[Pkg-owncloud-maintainers] Bug#699441: [Secure-testing-team] Bug#699441: owncloud: Multiple security issues in owncloud
John Goerzen
jgoerzen at complete.org
Thu Jan 31 14:39:42 UTC 2013
Ah, sorry for the noise. 698737 did not show up on
bugs.debian.org/owncloud and I didn't think to check the src:.
-- John
On 01/31/2013 08:37 AM, Salvatore Bonaccorso wrote:
> Control: merge 698737 699441
>
> Hi John
>
> On Thu, Jan 31, 2013 at 07:25:38AM -0600, John Goerzen wrote:
>> Package: owncloud
>> Version: 4.0.4debian2-3.2
>> Severity: grave
>> Tags: security
>> Justification: user security hole
>>
>> The version of owncloud in both testing and unstable contains security
>> holes.
>>
>> http://owncloud.org/changelog/ has details. Upstream versions 4.0.11
>> and 4.5.6 fixed:
>>
>> * Security: Fix multiple XSS problems: CVE-2013-0201, CVE-2013-0202, CVE-2013-0203
>> * Security: Removed remoteStorage app because of unfixed security problems.
>
> Yes, owncloud fixing these is in the delayed queue:
>
> See: http://bugs.debian.org/698737
>
> Regards,
> Salvatore
>
More information about the Pkg-owncloud-maintainers
mailing list