Your message dated Fri, 07 Jun 2013 16:18:20 +0000 with message-id <e1ukzmq-0007d4...@franck.debian.org> and subject line Bug#711517: fixed in owncloud 4.0.16debian-1 has caused the Debian Bug report #711517, regarding owncloud: CVE-2013-2149: XSS vulnerability in core/js/oc-dialogs.js to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 711517: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=711517 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: owncloud Version: 4.0.15debian-1 Severity: grave Tags: security patch upstream Hi, the following vulnerability was published for owncloud. CVE-2013-2149[0]: XSS vulnerability in core/js/oc-dialogs.js See upstream advisory at [1]. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2149 http://security-tracker.debian.org/tracker/CVE-2013-2149 [1] http://owncloud.org/about/security/advisories/oC-SA-2013-028/ Please adjust the affected versions in the BTS as needed. Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: owncloud Source-Version: 4.0.16debian-1 We believe that the bug you reported is fixed in the latest version of owncloud, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 711...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. David Prévot <taf...@debian.org> (supplier of updated owncloud package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 07 Jun 2013 11:20:28 -0400 Source: owncloud Binary: owncloud owncloud-mysql owncloud-sqlite Architecture: source all Version: 4.0.16debian-1 Distribution: unstable Urgency: low Maintainer: ownCloud for Debian maintainers <pkg-owncloud-maintain...@lists.alioth.debian.org> Changed-By: David Prévot <taf...@debian.org> Description: owncloud - cloud storage for files, music, contacts, calendars and many more owncloud-mysql - meta-package providing MySQL dependencies for ownCloud owncloud-sqlite - meta-package providing SQLite dependencies for ownCloud Closes: 711517 Changes: owncloud (4.0.16debian-1) unstable; urgency=low . * Team upload * New upstream release (Closes: #711517) - Fix CVE-2013-2149: XSS vulnerabilities in core/js/oc-dialogs.js Checksums-Sha1: 8f949c604860cdd4fe3989a05fd437a12c6744c4 1802 owncloud_4.0.16debian-1.dsc b4ad7b5019c10acb8f0ba3c81d1e879e16891731 3273619 owncloud_4.0.16debian.orig.tar.bz2 0ebaf4f93b1ece816436120b9439c0b24e029f62 39526 owncloud_4.0.16debian-1.debian.tar.gz 2bc1aaf8db70cadd3a69b3aae368ab681589b790 2213688 owncloud_4.0.16debian-1_all.deb 509307edbc2203b755020e28476ea478238fa4ec 30100 owncloud-mysql_4.0.16debian-1_all.deb 6a0cf5f3bbbeca2b149729438e4ef6931e91233c 55110 owncloud-sqlite_4.0.16debian-1_all.deb Checksums-Sha256: bcdbb0f66174d3da66cd5a9f90accc61222c83ea1e12bfcf7258616fbe7b80a5 1802 owncloud_4.0.16debian-1.dsc b641b2839015dea5e1596a6852bfe2c23dd786c7b2ee6575c369a9f4c4c7188b 3273619 owncloud_4.0.16debian.orig.tar.bz2 4dbad3898db9b3e1a456a6ba522e1c68d72e5826ecb22bb849f362f72a41d002 39526 owncloud_4.0.16debian-1.debian.tar.gz 201128e4fce3180fb54e4ba02202da01a7fa448ec42fd726cc7a40a40f068276 2213688 owncloud_4.0.16debian-1_all.deb a9d3a2a700e2d809b08c01c5b149db16f3b0140b3673f7cdccf300ba52e732a7 30100 owncloud-mysql_4.0.16debian-1_all.deb 00848c25aae328037ba6765714a4a7754085d582a0f6864d5bab4315558458bf 55110 owncloud-sqlite_4.0.16debian-1_all.deb Files: 682860c140d4616285b8bef8bf96e10a 1802 web extra owncloud_4.0.16debian-1.dsc e3caf1b9acc62792eab78df2fbe5109e 3273619 web extra owncloud_4.0.16debian.orig.tar.bz2 f3f39ef44140e0d70272bee8405f46ed 39526 web extra owncloud_4.0.16debian-1.debian.tar.gz eb1994e45189d70592c59c7cb5ee06ca 2213688 web extra owncloud_4.0.16debian-1_all.deb eeca28a845e9e33103a0c49b392c2872 30100 web extra owncloud-mysql_4.0.16debian-1_all.deb fd7bbcbbfbac18a467b5090c320e44bc 55110 web extra owncloud-sqlite_4.0.16debian-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBCAAGBQJRsgGtAAoJEAWMHPlE9r08eDEH/1GfEZJSVdalS4lPsaMXx/gO +Fu7Epi1gVtfGGR7GbaelesLchvWZNZNOiWcEPWMtObIa3qvusSBoGUHAcDeDpoe tQm0jnwqPMP/I5VwWhSxOFmCFg8eKSbnIPsogo8uPrCcMIW6U2I6BGPf0iVFtOio aebbvrF64SjgeFZWFw5QGg76FICUrcYgIcJj+RLRVtQQVf3GT+/lc5v6QUfadL9O ujPEiJJSkZnFRVmj4OIyItuYLqQf0n9cy8PPjkJTBGP/B2DbYkoe0pWJJECHfMK+ Guo2GJoh0bTQdnhLO+xZsk3x1xEPYTxWsQ04rymGNJq+RFBekxJ3JvjOWqdbpCI= =Kiqh -----END PGP SIGNATURE-----
--- End Message ---
