oss-sec mailing list archives
CVE Request: owncloud
From: Jamie Strandboge <jamie () canonical com>
Date: Fri, 30 Nov 2012 09:29:14 -0600
Owncloud 4.5.2 and 4.0.9 has a few security fixes: http://owncloud.org/changelog/ Specifically: - Multiple XSS vulnerabilities (oC-SA-2012-001) - Timing attack in the “Lost Password” implementation (oC-SA-2012-002) - XSS vulnerability in user_webdavauth (oC-SA-2012-003) - Code Execution in /lib/migrate.php (oC-SA-2012-004) - Code Execution in /lib/filesystem.php (oC-SA-2012-005) -- Jamie Strandboge http://www.ubuntu.com/
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- CVE Request: owncloud Jamie Strandboge (Nov 30)
- Re: CVE Request: owncloud Kurt Seifried (Nov 30)
- Re: [security] [oss-security] CVE Request: owncloud Lukas Reschke (Nov 30)
- <Possible follow-ups>
- CVE request: ownCloud Lukas Reschke (Dec 21)
- Re: CVE request: ownCloud Kurt Seifried (Dec 21)
- Re: CVE Request: owncloud Kurt Seifried (Nov 30)