[Pkg-owncloud-maintainers] Bug#989846: CVE-2021-22895
Sandro Knauß
hefee at debian.org
Sun Sep 12 17:33:57 BST 2021
Hey,
> > > What about Buster? Is 2.5 also affected?
> >
> > yes 2.5 is also affected. At least the source files look the same.
>
> Ack, can you also prepare an update for buster-security, please?
I have here a proposed debdiff. I added a third patch, so users have the
possiblility to accept invalid certs otherwise they would fail silently. At
least for me this sounds like not a proper solution.
* Do I need to upload also with sources? How can I check this myself?
Cheers,
hefee
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nextcloud-desktop_2.5.1-3+deb10u2.debdiff
Type: text/x-patch
Size: 8580 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-owncloud-maintainers/attachments/20210912/0f2d4d5e/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://alioth-lists.debian.net/pipermail/pkg-owncloud-maintainers/attachments/20210912/0f2d4d5e/attachment.sig>
More information about the Pkg-owncloud-maintainers
mailing list