[Pkg-owncloud-maintainers] Bug#703094: owncloud: multiple vulnerabilities (oC-SA-2013-009, oC-SA-2013-010)
gregor herrmann
gregoa at debian.org
Fri Mar 15 21:25:18 UTC 2013
Control: tag -1 + patch
On Fri, 15 Mar 2013 09:27:32 +0100, Salvatore Bonaccorso wrote:
> the following vulnerabilities were published for owncloud.
>
> CVE-2013-1851[0]:
> user_migrate: Local file disclosure
>
> CVE-2013-1850[1]:
> Contacts: Bypass of file blacklist
I've now taken the commits mentioned in the upstream oC-SAs and put
them into debian/patches. Diff attached.
Cheers,
gregor
--
.''`. Homepage: http://info.comodo.priv.at/ - OpenPGP key 0xBB3A68018649AA06
: :' : Debian GNU/Linux user, admin, and developer - http://www.debian.org/
`. `' Member of VIBE!AT & SPI, fellow of the Free Software Foundation Europe
`- NP: The Who: Boris The Spider
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 703094.diff
Type: text/x-diff
Size: 7187 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-owncloud-maintainers/attachments/20130315/a604d259/attachment.diff>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-owncloud-maintainers/attachments/20130315/a604d259/attachment.pgp>
More information about the Pkg-owncloud-maintainers
mailing list