A member of the Owncloud security team is in contact with MITRE
in order to close this CVE as it's invalid due to unclear changelog entries.
I'll keep you informed.
THX,
Tom
Am Mittwoch, dem 19.09.2012 um 17:32 schrieb Moritz Muehlenhoff:
> Package: owncloud
> Severity: grave
> Tags: securit
Package: owncloud
Severity: grave
Tags: security
Justification: user security hole
Hi,
CVE-2012-4753 is still unfixed in Wheezy:
http://www.openwall.com/lists/oss-security/2012/09/05/17
It's not clear, which CSRF fixes were fixed in 4.0.5, so please
contact upstream to identify the specific fixes
2 matches
Mail list logo
