Your message dated Fri, 01 Feb 2013 21:18:07 +0000 with message-id <e1u1nzr-0004ya...@franck.debian.org> and subject line Bug#698737: fixed in owncloud 4.0.8debian-1.4 has caused the Debian Bug report #698737, regarding owncloud: Multiple security issues in owncloud to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 698737: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698737 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: owncloud Version: 4.0.4debian2-3.2 Severity: grave Tags: security Justification: user security hole The version of owncloud in both testing and unstable contains security holes. http://owncloud.org/changelog/ has details. Upstream versions 4.0.11 and 4.5.6 fixed: * Security: Fix multiple XSS problems: CVE-2013-0201, CVE-2013-0202, CVE-2013-0203 * Security: Removed remoteStorage app because of unfixed security problems. -- John -- System Information: Debian Release: 7.0 APT prefers testing APT policy: (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---Source: owncloud Source-Version: 4.0.8debian-1.4 We believe that the bug you reported is fixed in the latest version of owncloud, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 698...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso <car...@debian.org> (supplier of updated owncloud package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 25 Jan 2013 21:36:15 +0100 Source: owncloud Binary: owncloud owncloud-mysql owncloud-sqlite Architecture: source all Version: 4.0.8debian-1.4 Distribution: unstable Urgency: high Maintainer: ownCloud for Debian maintainers <pkg-owncloud-maintain...@lists.alioth.debian.org> Changed-By: Salvatore Bonaccorso <car...@debian.org> Description: owncloud - cloud storage for files, music, contacts, calendars and many more owncloud-mysql - meta-package providing MySQL dependencies for ownCloud owncloud-sqlite - meta-package providing SQLite dependencies for ownCloud Closes: 698737 Changes: owncloud (4.0.8debian-1.4) unstable; urgency=high . * Non-maintainer upload. * Add 12_oc-sa-2013-001.patch patch [SECURITY] CVE-2012-0201, CVE-2012-0202 and CVE-2012-0203: Fix multiple XSS vulnerabilities. (Closes: #698737) Checksums-Sha1: dceb345390ca8777860f2ee2eebf658f3e1b189d 2149 owncloud_4.0.8debian-1.4.dsc b69623f80189bc0fde04023caaea34f5e8cc069d 41908 owncloud_4.0.8debian-1.4.debian.tar.gz fd6acfff4fc190abb32f06459ebf5ef65d32d09c 2213106 owncloud_4.0.8debian-1.4_all.deb efd6ebc9a0f019e9a7530408e0a4c5500bea3cf4 29498 owncloud-mysql_4.0.8debian-1.4_all.deb cfce1b7d1f2e162f14aa25685047cd155fe11788 54930 owncloud-sqlite_4.0.8debian-1.4_all.deb Checksums-Sha256: a31ce348ec0b4302ebd21151883555d8083fa049f253096bdbebecc92a1616c5 2149 owncloud_4.0.8debian-1.4.dsc c8dc050d4f0ce9cd66c61c4a6a4eb07732a04547d3382cff0a8eeff6ac2cb125 41908 owncloud_4.0.8debian-1.4.debian.tar.gz 5f871ee16c2a23f7967e706a53c9af1205cf49f3c89e2e7741a2a6d82ccf5806 2213106 owncloud_4.0.8debian-1.4_all.deb cb17796ab02160bb7a045d7c77a00eb3b363f22a3661a0dce12803b0792f20f5 29498 owncloud-mysql_4.0.8debian-1.4_all.deb 9d12f07580f6f0aa30f1de20b2169f6e0bf51a17e1ae5a884f3979c638fb8f3c 54930 owncloud-sqlite_4.0.8debian-1.4_all.deb Files: f7f149bdd981fee8f16d225b467fdafd 2149 web extra owncloud_4.0.8debian-1.4.dsc d55aa52e5e3a6880d7ace9c491897779 41908 web extra owncloud_4.0.8debian-1.4.debian.tar.gz 9288884e26c29039af841a2693802433 2213106 web extra owncloud_4.0.8debian-1.4_all.deb c9b14f0ac72f864f614d2b5450e7b68e 29498 web extra owncloud-mysql_4.0.8debian-1.4_all.deb 1be13fbd6ee09a08579bba5031d6ed70 54930 web extra owncloud-sqlite_4.0.8debian-1.4_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCgAGBQJRAu1MAAoJEHidbwV/2GP+qHAQAIB89xxEIuyQA0xYMVID44ZD iVg8UkLtFDiv2xLVby843eRw9/kZIuXfawB+1ibcbWKoIM9JEdeSdhJb/5YBrgkT zVRy0VSDERyNfzVERENLfiouwefkt9LkCjqF0niKoHVr2//qF0GTIgst0dxGy5/K i6Tsty3EXMnxDkeravxcbEINsqEAqtZqJrYZqSAgPWm53+GJMC+268pcZ/b7bA8/ Z+6Jw6nKjRigKE1SCB450NZU0Px2dJ+Rs7wzrQWC5dc76CTschaE/dbDxtXoCL5K N7koq81OhfxqpIaR+B4waUDs9VN0vc5KrDtWZdY21KUN6iwkAqi3I471BSR34j21 JoTP+dnaOe2UvCjIJSdiBrcGc2JaFFb3Zgx7zy8QYqAcSifTTthgrnpdU4oCAIlO 91vIq3PkT1hjkyx6afDBg04S+UULBtTPtQAgVuFh3P+pq0f0UsEcN57MvmBManH8 uq4VXHuR4j0/VD6lKJMytwgXYvukTyu1tzLFVoGs0fqXViSEUY/cicqmOw7+wCq1 FTTNBXVK8JFIA0dEHaM62z6APgZUGoe0b0NLCC5amkpsc4HLtUjSusOD3P1DvQ0+ 0lrSF8RScp0vfY1qIsF6Vbdum49XkOyTBVEi88YXowL58+fm/iYeSsWfMYZpnHgk nKjVVzxEs917vD5zhDHH =C8tI -----END PGP SIGNATURE-----
--- End Message ---
