[Pkg-owncloud-maintainers] Security issue in libjs-jquery-jplayer (was: [OwnCloud-Packaging] 5.0.4 & 4.5.9 & 4.0.14)

[David Prévot]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi,

Le 10/04/2013 22:58, David Prévot a écrit :
> Le 10/04/2013 15:28, David Prévot a écrit :
> 
>> At first, we could upload 4.0.14 to Sid, hopefully it won’t be too messy.
> 
> 4.0 branch created on Git, and package prepared. Binary packages
> available on people.d.o for testers’ convenience:
> 
> 	http://people.debian.org/~taffit/owncloud/
> 
> I should be able to test it tomorrow or the day after, and then upload

The security issue is actually in libjs-jquery-jplayer, so I won’t
upload anything in a hurry.

	http://owncloud.org/about/security/advisories/oC-SA-2013-014/
	https://security-tracker.debian.org/tracker/CVE-2013-1942

The new jquery-jplayer version FTBFS, I hope Pau (CC) will manage to
backport the security fix in a timely manner.

Regards

David

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCAAGBQJRZvx9AAoJELgqIXr9/gny3XoP/1fCKjPqk7sGLf+Rsc2lVCUJ
rQ6EPSqlOSXBuWpu46s4NxF/sibTNXCEtLtmm+QV1TyDBJfwzC1l83bMjKLrCA2D
g8VsIEfA21iEOrrbL8Kh4FvfyRk2mF6beSZOdAnh73TeJeT9nagT24fF/i7izF5r
/7Z/cUg3MZK6j4fj2MZoqhdpwOdXyFMyVQXGqmxRvGDWk6ddZah3dtcMWKkUgrbI
hxAU6GzPXkZ6JXpuVYNRg9U6fr5VKeRztqZt+iRjAzUDHNwHqCENUY38ktl08qXf
+HAHNrkxFEEJu3cvGViRxXoe/qZTcLLf9C9fiYAoFGJprmiCamPC7PEZ3Zg3PqbG
8r7MUOqxkh26Dt2gxwo64YlmoXygnWZdqAie6kF4BR/Zqu6fGHyD4k27VxmpYrbx
wZNl8zror9SdmO6y5qJ+WbZ/I2lyrDRj/XtYgLV3+sI1Byz5iyLpT7dSbajkayMv
L3Ar5H5CXks0a4orbnuUfX12hDDoPjgHGtnXGYd20UbBC8fI7yFngSu1ni/CVYZv
TeyXsmEu34Tk+NlJkT8KTi1PwOp7eqPmDlo8pyOisehk8Ftz3LDYcLvua1H5RtPP
lhsvbtX4FcXW4IOoRuMD+NmvdDX8VPjtMnXTnlvln/Jvb0jAa/YGDK9PsYLuLLw3
rfBiTMyxD5kFLtNYkSR/
=zUtN
-----END PGP SIGNATURE-----