Fedora 20: owncloud Security Update

    Date18 Apr 2015
    CategoryFedora
    121
    Posted ByLinuxSecurity Advisories
    This update provides the new release 7.0.5, which resolves currently undisclosed security vulnerabilities in ownCloud. It is a minor version update and should apply without any issues or special handling, but as usual, we recommend backing up your data, configuration, and database before updating. We have also backported a post-7.0.5 fix for a 'critical' issue: https://github.com/owncloud/core/iss [More...]
    --------------------------------------------------------------------------------
    Fedora Update Notification
    FEDORA-2015-4693
    2015-03-26 16:44:51
    --------------------------------------------------------------------------------
    
    Name        : owncloud
    Product     : Fedora 20
    Version     : 7.0.5
    Release     : 2.fc20
    URL         : http://owncloud.org
    Summary     : Private file sync and share server
    Description :
    ownCloud gives you universal access to your files through a web interface or
    WebDAV. It also provides a platform to easily view & sync your contacts,
    calendars and bookmarks across all your devices and enables basic editing right
    on the web. ownCloud is extendable via a simple but powerful API for
    applications and plugins.
    
    --------------------------------------------------------------------------------
    Update Information:
    
    This update provides the new release 7.0.5, which resolves currently undisclosed security vulnerabilities in ownCloud.
    
    It is a minor version update and should apply without any issues or special handling, but as usual, we recommend backing up your data, configuration, and database before updating.
    
    We have also backported a post-7.0.5 fix for a 'critical' issue: https://github.com/owncloud/core/issues/14843 .
    --------------------------------------------------------------------------------
    ChangeLog:
    
    * Tue Mar 24 2015 Adam Williamson  - 7.0.5-2
    - fix patch backported in previous build (upstream made a booboo)
    * Mon Mar 23 2015 Adam Williamson  - 7.0.5-1
    - new release 7.0.5 (fixes yet-undisclosed vulns, #1204821 #1204823)
    - also backport fix for 'severe' upstream issue #14843
    * Sun Feb 22 2015 Adam Williamson  - 7.0.4-3
    - revise and strengthen Apache configuration layout, fix external apps
    - fix external apps for Nginx
    * Sat Dec 20 2014 Adam Williamson  - 7.0.4-2
    - backport upstream support for google PHP lib 1.x and unbundle it
    * Tue Dec  9 2014 Adam Williamson  - 7.0.4-1
    - new release 7.0.4
    * Tue Nov 25 2014 Adam Williamson  - 7.0.3-3
    - fix dropbox autoload patch (thanks Tomas Dolezal) #1168082
    * Tue Nov 11 2014 Adam Williamson  - 7.0.3-2
    - drop unnecessary bits from 3rdparty_includes.patch
    - split Dropbox loading changes into a separate patch (submitted upstream)
    * Mon Nov 10 2014 Adam Williamson  - 7.0.3-1
    - new release 7.0.3
    * Wed Oct 29 2014 Adam Williamson  - 7.0.2-4
    - db sub-packages should not depend on db server packages
    - improve README
    - improve db sub-package descriptions
    - don't check for new versions or working .htaccess files
    * Tue Oct 28 2014 Adam Williamson  - 7.0.2-3
    - drop unnecessary deps: php-gmp (#1152438) and Net_Curl(#999720)
    - re-arrange deps in spec to be the way I like 'em
    * Tue Sep  9 2014 Adam Williamson  - 7.0.2-2
    - 10927.patch: backport fix for an upgrade bug (upstream #10762)
    * Thu Aug 28 2014 Adam Williamson  - 7.0.2-1
    - update to 7.0.2
    - update patch for using Composer autoloader with 3rdparty deps
    * Wed Aug 20 2014 Adam Williamson  - 7.0.1-2
    - make php directives in httpd config conditional on mod_php (FPM compat)
    * Wed Aug 20 2014 Adam Williamson  - 7.0.1-1
    - update to 7.0.1
    - drop contact_type.patch (merged upstream)
    * Tue Jul 29 2014 Adam Williamson  - 7.0.0-6
    - do not ship upstream's 'updater' app (it'll only lead to tears)
    - don't patch and ship OC's sample config, write a stub instead
    * Tue Jul 29 2014 Adam Williamson  - 7.0.0-5
    - fix up sabre paths right this time
    * Tue Jul 29 2014 Adam Williamson  - 7.0.0-4
    - more autoloader tweaking
    - use composer not OC autoloader for legacy 3rdparty includes (core#9643)
    - specify explicit paths to Sabre deps
    * Sun Jul 27 2014 Adam Williamson  - 7.0.0-3
    - update apache config for OC 7 changes
    - drop unneeded isoft/mssql-bundle from 3rdparty
    * Sun Jul 27 2014 Adam Williamson  - 7.0.0-2
    - opcache_invalidate.patch: avoid triggering a crash in the PHP opcache
    - contact_type.patch: fix selection of current field type in contact view
    * Thu Jul 24 2014 Adam Williamson  - 7.0.0-1
    - 7.0.0
    - rediff 3rdparty_includes.patch
    - update 3rdparty strip commands and dependencies for upstream changes
    - update dependencies
    * Mon Jun 30 2014 Gregor Tätzner  - 6.0.4-1
    - 6.0.4
    * Sat Jun  7 2014 Fedora Release Engineering  - 6.0.3-2
    - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
    * Thu May  1 2014 Gregor Tätzner  - 6.0.3-1
    - 6.0.3
    - update symfony routing patch
    * Tue Mar  4 2014 Gregor Tätzner  - 6.0.2-1
    - 6.0.2
    * Mon Feb 24 2014 Adam Williamson  - 6.0.1-3
    - set a minimum ver on the DBAL req for safety (using with 2.3 is dangerous)
    * Mon Jan 27 2014 Adam Williamson  - 6.0.1-2
    - unbundle phpseclib (packaged now)
    * Thu Jan 23 2014 Gregor Tätzner  - 6.0.1-1
    - 6.0.1
    * Tue Jan 14 2014 Gregor Tätzner   - 6.0.0a-9
    - fix routing with symfony 2.3
    * Fri Jan 10 2014 Adam Williamson  - 6.0.0a-8
    - make a warning OC keeps triggering into a debug message
    * Thu Jan  9 2014 Adam Williamson  - 6.0.0a-7
    - re-enable irods, patch loading of it, add dependency on it
    * Fri Jan  3 2014 Adam Williamson  - 6.0.0a-6
    - disable irods a bit harder
    * Fri Jan  3 2014 Adam Williamson  - 6.0.0a-5
    - drop non-existent OC_User_IMAP from config file
    * Fri Jan  3 2014 Adam Williamson  - 6.0.0a-4
    - apps_3rdparty_includes: fix more 3rdparty loading stuff
    - disable_irods: disable storage app's irods (it's broken)
    * Mon Dec 30 2013 Adam Williamson  - 6.0.0a-3
    - tar-include, blowfish-include, dropbox-include: fix more paths
    * Mon Dec 30 2013 Adam Williamson  - 6.0.0a-2
    - dropbox-include.patch: fix loading of system copy of php-Dropbox
    * Sun Dec 22 2013 Adam Williamson  - 6.0.0a-1
    - 6.0.0a
    * Sun Dec 22 2013 Gregor Tätzner  - 6.0.0-1
    - 6.0.0
    * Fri Dec 20 2013 Adam Williamson  - 5.0.14a-2
    - Correct location of php-symfony-routing: #1045301
    * Fri Dec 20 2013 Adam Williamson  - 5.0.14a-1
    - 5.0.14a
    --------------------------------------------------------------------------------
    References:
    
      [ 1 ] Bug #1204821 - owncloud: new security issues fixed upstream in 6.0.7 and 7.0.5
            https://bugzilla.redhat.com/show_bug.cgi?id=1204821
    --------------------------------------------------------------------------------
    
    This update can be installed with the "yum" update program.  Use
    su -c 'yum update owncloud' at the command line.
    For more information, refer to "Managing Software with yum",
    available at http://docs.fedoraproject.org/yum/.
    
    All packages are signed with the Fedora Project GPG key.  More details on the
    GPG keys used by the Fedora Project can be found at
    https://fedoraproject.org/keys
    --------------------------------------------------------------------------------
    _______________________________________________
    package-announce mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://admin.fedoraproject.org/mailman/listinfo/package-announce
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"67","type":"x","order":"1","pct":57.26,"resources":[]},{"id":"88","title":"Should be more technical","votes":"16","type":"x","order":"2","pct":13.68,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"34","type":"x","order":"3","pct":29.06,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.