[Pkg-owncloud-maintainers] Bug#688123: owncloud: CVE-2012-4753
Thomas Müller
thomas.mueller at tmit.eu
Thu Oct 11 13:33:15 UTC 2012
A member of the Owncloud security team is in contact with MITRE
in order to close this CVE as it's invalid due to unclear changelog entries.
I'll keep you informed.
THX,
Tom
Am Mittwoch, dem 19.09.2012 um 17:32 schrieb Moritz Muehlenhoff:
> Package: owncloud
> Severity: grave
> Tags: security
> Justification: user security hole
>
> Hi,
> CVE-2012-4753 is still unfixed in Wheezy:
> http://www.openwall.com/lists/oss-security/2012/09/05/17
>
> It's not clear, which CSRF fixes were fixed in 4.0.5, so please
> contact upstream to identify the specific fixes and introduce
> them in another tpu upload.
>
> Cheers,
> Moritz
>
> _______________________________________________
> Pkg-owncloud-maintainers mailing list
> Pkg-owncloud-maintainers at lists.alioth.debian.org
> http://lists.alioth.debian.org/mailman/listinfo/pkg-owncloud-maintainers
More information about the Pkg-owncloud-maintainers
mailing list