[Pkg-owncloud-commits] [SCM] owncloud.git branch, master, updated. debian/4.0.8debian-1-6-g1a00794

Sat Feb 9 13:29:24 UTC 2013

The following commit has been merged in the master branch:
commit 1a00794ad79bcfe939f630981004b8e3e017d52f
Merge: 7709174ae5a55e6695f760daccef8d696b4099ad 5d2c96b99a0c85649eec2c4778ea65321a0bb892
Author: Paul van Tilburg <paulvt at debian.org>
Date:   Sat Feb 9 14:26:59 2013 +0100

    Merge branch 'nmu'
    
    This comprises NMUs form version 4.0.8debian-1.1 until 4.0.8debian-1.4a.
    
    Conflicts:
    	debian/changelog

diff --combined debian/changelog
index 91965d4,c3be537..a3ee5ad

--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,9 -1,41 +1,47 @@@
 +owncloud (4.5.1+debian-1) UNRELEASED; urgency=low
 +
 +  * New upstream release
 +
 + -- Paul van Tilburg <paulvt at debian.org>  Fri, 02 Nov 2012 22:20:35 +0100
 +
+ owncloud (4.0.8debian-1.4) unstable; urgency=high
+ 
+   * Non-maintainer upload.
+   * Add 12_oc-sa-2013-001.patch patch
+     [SECURITY] CVE-2012-0201, CVE-2012-0202 and CVE-2012-0203: Fix multiple
+     XSS vulnerabilities. (Closes: #698737)
+ 
+  -- Salvatore Bonaccorso <carnil at debian.org>  Fri, 25 Jan 2013 21:36:15 +0100
+ 
+ owncloud (4.0.8debian-1.3) unstable; urgency=high
+ 
+   * Non-maintainer upload.
+   * Multiple security fixes (Closes: #696574):
+     + debian/patches/10_oc-sa-2012-006.patch:
+       - CVE-2012-5665: Auth bypass in user_webdavauth and user_ldap
+     + debian/patches/11_oc-sa-2012-007.patch:
+       - CVE-2012-5666: XSS vulnerability in bookmarks
+ 
+  -- Luca Falavigna <dktrkranz at debian.org>  Fri, 28 Dec 2012 20:20:56 +0100
+ 
+ owncloud (4.0.8debian-1.2) unstable; urgency=high
+ 
+   * Non-maintainer upload.
+   * debian/patches/06_oc-sa-2012-001.patch: Include escapeHTML() function.
+ 
+  -- Michael Banck <mbanck at debian.org>  Wed, 05 Dec 2012 21:31:39 +0100
+ 
+ owncloud (4.0.8debian-1.1) unstable; urgency=high
+ 
+   * Non-maintainer upload, fixes several security issues (Closes: #693990).
+   * debian/patches/06_oc-sa-2012-001.patch: Fix multiple XSS vulnerabilities.
+   * debian/patches/07_oc-sa-2012-002.patch: Fix timing attack.
+   * debian/patches/08_oc-sa-2012-004.patch: Fix code execution in migrate.php.
+   * debian/patches/09_oc-sa-2012-005.patch: Fix code execution in
+     filesystem.php.
+ 
+  -- Michael Banck <mbanck at debian.org>  Sun, 25 Nov 2012 12:26:01 +0100
+ 
  owncloud (4.0.8debian-1) unstable; urgency=low
  
    * New upstream bugfix release

-- 
owncloud.git

