[Pkg-owncloud-maintainers] Security issue in libjs-jquery-jplayer (was: [OwnCloud-Packaging] 5.0.4 & 4.5.9 & 4.0.14)
Pau Garcia i Quiles
pgquiles at elpauer.org
Thu Apr 11 18:15:13 UTC 2013
Hello,
I'll take a look.
Do you need that specific version of jPlayer for OwnCloud or would it be OK
to upload the latest version, which I guess includes the fix already?
On Thu, Apr 11, 2013 at 8:10 PM, David Prévot <david at tilapin.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> Hi,
>
> Le 10/04/2013 22:58, David Prévot a écrit :
> > Le 10/04/2013 15:28, David Prévot a écrit :
> >
> >> At first, we could upload 4.0.14 to Sid, hopefully it won’t be too
> messy.
> >
> > 4.0 branch created on Git, and package prepared. Binary packages
> > available on people.d.o for testers’ convenience:
> >
> > http://people.debian.org/~taffit/owncloud/
> >
> > I should be able to test it tomorrow or the day after, and then upload
>
> The security issue is actually in libjs-jquery-jplayer, so I won’t
> upload anything in a hurry.
>
> http://owncloud.org/about/security/advisories/oC-SA-2013-014/
> https://security-tracker.debian.org/tracker/CVE-2013-1942
>
> The new jquery-jplayer version FTBFS, I hope Pau (CC) will manage to
> backport the security fix in a timely manner.
>
> Regards
>
> David
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.12 (GNU/Linux)
>
> iQIcBAEBCAAGBQJRZvx9AAoJELgqIXr9/gny3XoP/1fCKjPqk7sGLf+Rsc2lVCUJ
> rQ6EPSqlOSXBuWpu46s4NxF/sibTNXCEtLtmm+QV1TyDBJfwzC1l83bMjKLrCA2D
> g8VsIEfA21iEOrrbL8Kh4FvfyRk2mF6beSZOdAnh73TeJeT9nagT24fF/i7izF5r
> /7Z/cUg3MZK6j4fj2MZoqhdpwOdXyFMyVQXGqmxRvGDWk6ddZah3dtcMWKkUgrbI
> hxAU6GzPXkZ6JXpuVYNRg9U6fr5VKeRztqZt+iRjAzUDHNwHqCENUY38ktl08qXf
> +HAHNrkxFEEJu3cvGViRxXoe/qZTcLLf9C9fiYAoFGJprmiCamPC7PEZ3Zg3PqbG
> 8r7MUOqxkh26Dt2gxwo64YlmoXygnWZdqAie6kF4BR/Zqu6fGHyD4k27VxmpYrbx
> wZNl8zror9SdmO6y5qJ+WbZ/I2lyrDRj/XtYgLV3+sI1Byz5iyLpT7dSbajkayMv
> L3Ar5H5CXks0a4orbnuUfX12hDDoPjgHGtnXGYd20UbBC8fI7yFngSu1ni/CVYZv
> TeyXsmEu34Tk+NlJkT8KTi1PwOp7eqPmDlo8pyOisehk8Ftz3LDYcLvua1H5RtPP
> lhsvbtX4FcXW4IOoRuMD+NmvdDX8VPjtMnXTnlvln/Jvb0jAa/YGDK9PsYLuLLw3
> rfBiTMyxD5kFLtNYkSR/
> =zUtN
> -----END PGP SIGNATURE-----
>
--
Pau Garcia i Quiles
http://www.elpauer.org
(Due to my workload, I may need 10 days to answer)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-owncloud-maintainers/attachments/20130411/f5613dc9/attachment.html>
More information about the Pkg-owncloud-maintainers
mailing list