[Pkg-owncloud-maintainers] Bug#688123: owncloud: CVE-2012-4753

Thomas Müller thomas.mueller at tmit.eu
Thu Oct 11 13:33:15 UTC 2012

A member of the Owncloud security team is in contact with MITRE 
in order to close this CVE as it's invalid due to unclear changelog entries.

I'll keep you informed.



Am Mittwoch, dem 19.09.2012 um 17:32 schrieb Moritz Muehlenhoff:
> Package: owncloud
> Severity: grave
> Tags: security
> Justification: user security hole
> Hi,
> CVE-2012-4753 is still unfixed in Wheezy:
> http://www.openwall.com/lists/oss-security/2012/09/05/17
> It's not clear, which CSRF fixes were fixed in 4.0.5, so please
> contact upstream to identify the specific fixes and introduce 
> them in another tpu upload.
> Cheers,
>         Moritz
> _______________________________________________
> Pkg-owncloud-maintainers mailing list
> Pkg-owncloud-maintainers at lists.alioth.debian.org
> http://lists.alioth.debian.org/mailman/listinfo/pkg-owncloud-maintainers

More information about the Pkg-owncloud-maintainers mailing list