drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in OwnCloud
Name: |
Mehrere Probleme in OwnCloud |
|
ID: |
FEDORA-2015-4693 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 20 |
|
Datum: |
So, 19. April 2015, 00:59 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
OwnCloud |
|
Originalnachricht |
Name : owncloud Product : Fedora 20 Version : 7.0.5 Release : 2.fc20 URL : http://owncloud.org Summary : Private file sync and share server Description : ownCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing right on the web. ownCloud is extendable via a simple but powerful API for applications and plugins.
------------------------------------------------------------------------------- - Update Information:
This update provides the new release 7.0.5, which resolves currently undisclosed security vulnerabilities in ownCloud.
It is a minor version update and should apply without any issues or special handling, but as usual, we recommend backing up your data, configuration, and database before updating.
We have also backported a post-7.0.5 fix for a 'critical' issue: https://github.com/owncloud/core/issues/14843 . ------------------------------------------------------------------------------- - ChangeLog:
* Tue Mar 24 2015 Adam Williamson <awilliam@redhat.com> - 7.0.5-2 - fix patch backported in previous build (upstream made a booboo) * Mon Mar 23 2015 Adam Williamson <awilliam@redhat.com> - 7.0.5-1 - new release 7.0.5 (fixes yet-undisclosed vulns, #1204821 #1204823) - also backport fix for 'severe' upstream issue #14843 * Sun Feb 22 2015 Adam Williamson <awilliam@redhat.com> - 7.0.4-3 - revise and strengthen Apache configuration layout, fix external apps - fix external apps for Nginx * Sat Dec 20 2014 Adam Williamson <awilliam@redhat.com> - 7.0.4-2 - backport upstream support for google PHP lib 1.x and unbundle it * Tue Dec 9 2014 Adam Williamson <awilliam@redhat.com> - 7.0.4-1 - new release 7.0.4 * Tue Nov 25 2014 Adam Williamson <awilliam@redhat.com> - 7.0.3-3 - fix dropbox autoload patch (thanks Tomas Dolezal) #1168082 * Tue Nov 11 2014 Adam Williamson <awilliam@redhat.com> - 7.0.3-2 - drop unnecessary bits from 3rdparty_includes.patch - split Dropbox loading changes into a separate patch (submitted upstream) * Mon Nov 10 2014 Adam Williamson <awilliam@redhat.com> - 7.0.3-1 - new release 7.0.3 * Wed Oct 29 2014 Adam Williamson <awilliam@redhat.com> - 7.0.2-4 - db sub-packages should not depend on db server packages - improve README - improve db sub-package descriptions - don't check for new versions or working .htaccess files * Tue Oct 28 2014 Adam Williamson <awilliam@redhat.com> - 7.0.2-3 - drop unnecessary deps: php-gmp (#1152438) and Net_Curl(#999720) - re-arrange deps in spec to be the way I like 'em * Tue Sep 9 2014 Adam Williamson <awilliam@redhat.com> - 7.0.2-2 - 10927.patch: backport fix for an upgrade bug (upstream #10762) * Thu Aug 28 2014 Adam Williamson <awilliam@redhat.com> - 7.0.2-1 - update to 7.0.2 - update patch for using Composer autoloader with 3rdparty deps * Wed Aug 20 2014 Adam Williamson <awilliam@redhat.com> - 7.0.1-2 - make php directives in httpd config conditional on mod_php (FPM compat) * Wed Aug 20 2014 Adam Williamson <awilliam@redhat.com> - 7.0.1-1 - update to 7.0.1 - drop contact_type.patch (merged upstream) * Tue Jul 29 2014 Adam Williamson <awilliam@redhat.com> - 7.0.0-6 - do not ship upstream's 'updater' app (it'll only lead to tears) - don't patch and ship OC's sample config, write a stub instead * Tue Jul 29 2014 Adam Williamson <awilliam@redhat.com> - 7.0.0-5 - fix up sabre paths right this time * Tue Jul 29 2014 Adam Williamson <awilliam@redhat.com> - 7.0.0-4 - more autoloader tweaking - use composer not OC autoloader for legacy 3rdparty includes (core#9643) - specify explicit paths to Sabre deps * Sun Jul 27 2014 Adam Williamson <awilliam@redhat.com> - 7.0.0-3 - update apache config for OC 7 changes - drop unneeded isoft/mssql-bundle from 3rdparty * Sun Jul 27 2014 Adam Williamson <awilliam@redhat.com> - 7.0.0-2 - opcache_invalidate.patch: avoid triggering a crash in the PHP opcache - contact_type.patch: fix selection of current field type in contact view * Thu Jul 24 2014 Adam Williamson <awilliam@redhat.com> - 7.0.0-1 - 7.0.0 - rediff 3rdparty_includes.patch - update 3rdparty strip commands and dependencies for upstream changes - update dependencies * Mon Jun 30 2014 Gregor Tätzner <brummbq@fedoraproject.org> - 6.0.4-1 - 6.0.4 * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 6.0.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Thu May 1 2014 Gregor Tätzner <brummbq@fedoraproject.org> - 6.0.3-1 - 6.0.3 - update symfony routing patch * Tue Mar 4 2014 Gregor Tätzner <brummbq@fedoraproject.org> - 6.0.2-1 - 6.0.2 * Mon Feb 24 2014 Adam Williamson <awilliam@redhat.com> - 6.0.1-3 - set a minimum ver on the DBAL req for safety (using with 2.3 is dangerous) * Mon Jan 27 2014 Adam Williamson <awilliam@redhat.com> - 6.0.1-2 - unbundle phpseclib (packaged now) * Thu Jan 23 2014 Gregor Tätzner <brummbq@fedoraproject.org> - 6.0.1-1 - 6.0.1 * Tue Jan 14 2014 Gregor Tätzner <brummbq@fedoraproject.org> - 6.0.0a-9 - fix routing with symfony 2.3 * Fri Jan 10 2014 Adam Williamson <awilliam@redhat.com> - 6.0.0a-8 - make a warning OC keeps triggering into a debug message * Thu Jan 9 2014 Adam Williamson <awilliam@redhat.com> - 6.0.0a-7 - re-enable irods, patch loading of it, add dependency on it * Fri Jan 3 2014 Adam Williamson <awilliam@redhat.com> - 6.0.0a-6 - disable irods a bit harder * Fri Jan 3 2014 Adam Williamson <awilliam@redhat.com> - 6.0.0a-5 - drop non-existent OC_User_IMAP from config file * Fri Jan 3 2014 Adam Williamson <awilliam@redhat.com> - 6.0.0a-4 - apps_3rdparty_includes: fix more 3rdparty loading stuff - disable_irods: disable storage app's irods (it's broken) * Mon Dec 30 2013 Adam Williamson <awilliam@redhat.com> - 6.0.0a-3 - tar-include, blowfish-include, dropbox-include: fix more paths * Mon Dec 30 2013 Adam Williamson <awilliam@redhat.com> - 6.0.0a-2 - dropbox-include.patch: fix loading of system copy of php-Dropbox * Sun Dec 22 2013 Adam Williamson <awilliam@redhat.com> - 6.0.0a-1 - 6.0.0a * Sun Dec 22 2013 Gregor Tätzner <brummbq@fedoraproject.org> - 6.0.0-1 - 6.0.0 * Fri Dec 20 2013 Adam Williamson <awilliam@redhat.com> - 5.0.14a-2 - Correct location of php-symfony-routing: #1045301 * Fri Dec 20 2013 Adam Williamson <awilliam@redhat.com> - 5.0.14a-1 - 5.0.14a ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1204821 - owncloud: new security issues fixed upstream in 6.0.7 and 7.0.5 https://bugzilla.redhat.com/show_bug.cgi?id=1204821 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update owncloud' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|