Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE request: ownCloud
From: Kurt Seifried <kseifried () redhat com>
Date: Fri, 21 Dec 2012 23:49:01 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/21/2012 02:29 PM, Lukas Reschke wrote:
ownCloud 4.5.5 and 4.0.10 are bringing two security fixes: 
http://owncloud.org/changelog/

- Auth bypass in user_webdavauth and user_ldap (oC-SA-2012-001)

Please use CVE-2012-5665 for this issue.

- XSS vulnerability in bookmarks (oC-SA-2012-007)

Please use CVE-2012-5666 for this issue.

Thanks Lukas



- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJQ1VfdAAoJEBYNRVNeJnmT/sEP/jXElZAErcew5AFir9bcYnhK
wM2ApyIDK4Lf/jp4QSGKYtGvOZqECQ2oPfUd6atYSZfVwvwNqv3qqNRHWiTfnGy/
Mv0m8b/BLq0s3Mjm8ChmOY82OweHLWzV7mzk1U0GWqRT60+TVG5A82E1OzcIsUhf
IH1ph5nEhdop5qolkfrgs44gRj2d11Wqjur21xvXBYr+EKpmG+jU0+Q7+T6/PhRn
y1f7yzvikVk1GByBzfomKv+vBCP/m/t63HC1xgW/zLUlFOrxT70bpCs0sFv81itF
xtJfhDdNnRImIF2DxYROy4jMW/VVdIv1TanEYTsPYWKgtOojYceBPV1027YSx1UP
zLuhJ+BRwsiv/OCFVYbJ7NTapg0hgMykNGb0thNowBmOMmAQwP1TIH/kPRtspWk1
crsgBRrM5CHVkNUgTXZgRki1RSqq38OWyMKsHNH2cYHJBO1/Ri+JGkpU7z2e0/aD
2M9pr1yeqiWcxjWl8FF1CsbXeHGGdn5r4BT+F/rqThocjUFoUnekgTD/ZtXzQmR2
ecQTttmUAB8raK5yJI2fTNW5P4vnaF+CPTlVP1qUkeJSeJ6iJCRjUMcj9NbCojVd
OZew+ts7YQKV6df9fu0BgKDiA9RbgdoUKMHDC4MEgdfpvd91Nplkjo0RFnhXjqdH
pGG3+b4aFBpLCaZXs7m4
=Z0ds
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]