[Pkg-owncloud-maintainers] Bug#688123: owncloud: CVE-2012-4753
Moritz Muehlenhoff
jmm at inutil.org
Wed Sep 19 15:32:14 UTC 2012
Package: owncloud
Severity: grave
Tags: security
Justification: user security hole
Hi,
CVE-2012-4753 is still unfixed in Wheezy:
http://www.openwall.com/lists/oss-security/2012/09/05/17
It's not clear, which CSRF fixes were fixed in 4.0.5, so please
contact upstream to identify the specific fixes and introduce
them in another tpu upload.
Cheers,
Moritz
More information about the Pkg-owncloud-maintainers
mailing list