oss-sec mailing list archives
Re: CVE request: ownCloud
From: Kurt Seifried <kseifried () redhat com>
Date: Fri, 21 Dec 2012 23:49:01 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/21/2012 02:29 PM, Lukas Reschke wrote:
ownCloud 4.5.5 and 4.0.10 are bringing two security fixes: http://owncloud.org/changelog/ - Auth bypass in user_webdavauth and user_ldap (oC-SA-2012-001)
Please use CVE-2012-5665 for this issue.
- XSS vulnerability in bookmarks (oC-SA-2012-007)
Please use CVE-2012-5666 for this issue.
Thanks Lukas
- -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBAgAGBQJQ1VfdAAoJEBYNRVNeJnmT/sEP/jXElZAErcew5AFir9bcYnhK wM2ApyIDK4Lf/jp4QSGKYtGvOZqECQ2oPfUd6atYSZfVwvwNqv3qqNRHWiTfnGy/ Mv0m8b/BLq0s3Mjm8ChmOY82OweHLWzV7mzk1U0GWqRT60+TVG5A82E1OzcIsUhf IH1ph5nEhdop5qolkfrgs44gRj2d11Wqjur21xvXBYr+EKpmG+jU0+Q7+T6/PhRn y1f7yzvikVk1GByBzfomKv+vBCP/m/t63HC1xgW/zLUlFOrxT70bpCs0sFv81itF xtJfhDdNnRImIF2DxYROy4jMW/VVdIv1TanEYTsPYWKgtOojYceBPV1027YSx1UP zLuhJ+BRwsiv/OCFVYbJ7NTapg0hgMykNGb0thNowBmOMmAQwP1TIH/kPRtspWk1 crsgBRrM5CHVkNUgTXZgRki1RSqq38OWyMKsHNH2cYHJBO1/Ri+JGkpU7z2e0/aD 2M9pr1yeqiWcxjWl8FF1CsbXeHGGdn5r4BT+F/rqThocjUFoUnekgTD/ZtXzQmR2 ecQTttmUAB8raK5yJI2fTNW5P4vnaF+CPTlVP1qUkeJSeJ6iJCRjUMcj9NbCojVd OZew+ts7YQKV6df9fu0BgKDiA9RbgdoUKMHDC4MEgdfpvd91Nplkjo0RFnhXjqdH pGG3+b4aFBpLCaZXs7m4 =Z0ds -----END PGP SIGNATURE-----
Current thread:
- CVE Request: owncloud Jamie Strandboge (Nov 30)
- Re: CVE Request: owncloud Kurt Seifried (Nov 30)
- Re: [security] [oss-security] CVE Request: owncloud Lukas Reschke (Nov 30)
- <Possible follow-ups>
- CVE request: ownCloud Lukas Reschke (Dec 21)
- Re: CVE request: ownCloud Kurt Seifried (Dec 21)
- Re: CVE Request: owncloud Kurt Seifried (Nov 30)