[Pkg-owncloud-commits] [SCM] owncloud.git branch, master, updated. debian/4.0.8debian-1-6-g1a00794

Paul van Tilburg paulvt at debian.org
Sat Feb 9 13:29:24 UTC 2013


The following commit has been merged in the master branch:
commit 5d2c96b99a0c85649eec2c4778ea65321a0bb892
Author: Salvatore Bonaccorso <carnil at debian.org>
Date:   Fri Jan 25 21:36:15 2013 +0100

    Imported Debian patch 4.0.8debian-1.4

diff --git a/.gitignore b/.gitignore
deleted file mode 100644
index 845ca06..0000000
--- a/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-.pc
diff --git a/debian/changelog b/debian/changelog
index 4a23451..c3be537 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,41 @@
+owncloud (4.0.8debian-1.4) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * Add 12_oc-sa-2013-001.patch patch
+    [SECURITY] CVE-2012-0201, CVE-2012-0202 and CVE-2012-0203: Fix multiple
+    XSS vulnerabilities. (Closes: #698737)
+
+ -- Salvatore Bonaccorso <carnil at debian.org>  Fri, 25 Jan 2013 21:36:15 +0100
+
+owncloud (4.0.8debian-1.3) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * Multiple security fixes (Closes: #696574):
+    + debian/patches/10_oc-sa-2012-006.patch:
+      - CVE-2012-5665: Auth bypass in user_webdavauth and user_ldap
+    + debian/patches/11_oc-sa-2012-007.patch:
+      - CVE-2012-5666: XSS vulnerability in bookmarks
+
+ -- Luca Falavigna <dktrkranz at debian.org>  Fri, 28 Dec 2012 20:20:56 +0100
+
+owncloud (4.0.8debian-1.2) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * debian/patches/06_oc-sa-2012-001.patch: Include escapeHTML() function.
+
+ -- Michael Banck <mbanck at debian.org>  Wed, 05 Dec 2012 21:31:39 +0100
+
+owncloud (4.0.8debian-1.1) unstable; urgency=high
+
+  * Non-maintainer upload, fixes several security issues (Closes: #693990).
+  * debian/patches/06_oc-sa-2012-001.patch: Fix multiple XSS vulnerabilities.
+  * debian/patches/07_oc-sa-2012-002.patch: Fix timing attack.
+  * debian/patches/08_oc-sa-2012-004.patch: Fix code execution in migrate.php.
+  * debian/patches/09_oc-sa-2012-005.patch: Fix code execution in
+    filesystem.php.
+
+ -- Michael Banck <mbanck at debian.org>  Sun, 25 Nov 2012 12:26:01 +0100
+
 owncloud (4.0.8debian-1) unstable; urgency=low
 
   * New upstream bugfix release
diff --git a/debian/patches/06_oc-sa-2012-001.patch b/debian/patches/06_oc-sa-2012-001.patch
new file mode 100644
index 0000000..3e339c7
--- /dev/null
+++ b/debian/patches/06_oc-sa-2012-001.patch
@@ -0,0 +1,69 @@
+Index: owncloud-4.0.8debian/core/js/js.js
+===================================================================
+--- owncloud-4.0.8debian.orig/core/js/js.js	2012-10-09 17:10:37.000000000 +0200
++++ owncloud-4.0.8debian/core/js/js.js	2012-12-05 21:31:14.538889999 +0100
+@@ -29,6 +29,15 @@
+ }
+ t.cache={};
+ 
++/*
++* Sanitizes a HTML string
++* @param string
++* @return Sanitized string
++*/
++function escapeHTML(s) {
++		return s.toString().split('&').join('&').split('<').join('<').split('"').join('"');
++}
++
+ OC={
+ 	webroot:oc_webroot,
+ 	appswebroot:oc_appswebroot,
+Index: owncloud-4.0.8debian/3rdparty/fullcalendar/js/fullcalendar.js
+===================================================================
+--- owncloud-4.0.8debian.orig/3rdparty/fullcalendar/js/fullcalendar.js	2012-11-25 12:57:59.258247853 +0100
++++ owncloud-4.0.8debian/3rdparty/fullcalendar/js/fullcalendar.js	2012-12-05 21:31:14.558890107 +0100
+@@ -4662,7 +4662,7 @@
+ 					"</span>";
+ 			}
+ 			html +=
+-				"<span class='fc-event-title'>" + event.title + "</span>" +
++				"<span class='fc-event-title'>" + htmlEscape(event.title) + "</span>" +
+ 				"</div>";
+ 			if (seg.isEnd && isEventResizable(event)) {
+ 				html +=
+@@ -5220,5 +5220,5 @@
+ 	};
+ 	
+ }
+-
++
+ })(jQuery);
+Index: owncloud-4.0.8debian/apps/files/js/filelist.js
+===================================================================
+--- owncloud-4.0.8debian.orig/apps/files/js/filelist.js	2012-11-25 12:57:59.258247853 +0100
++++ owncloud-4.0.8debian/apps/files/js/filelist.js	2012-12-05 21:31:14.574890191 +0100
+@@ -14,9 +14,9 @@
+ 			var extension=false;
+ 		}
+ 		html+='<td class="filename" style="background-image:url('+img+')"><input type="checkbox" />';
+-		html+='<a class="name" href="download.php?file='+$('#dir').val().replace(/</, '<').replace(/>/, '>')+'/'+name+'"><span class="nametext">'+basename
++		html+='<a class="name" href="download.php?file='+$('#dir').val().replace(/</, '<').replace(/>/, '>')+'/'+escapeHTML(name)+'"><span class="nametext">'+escapeHTML(basename);
+ 		if(extension){
+-			html+='<span class="extension">'+extension+'</span>';
++			html+='<span class="extension">'+escapeHTML(extension)+'</span>';
+ 		}
+ 		html+='</span></a></td>';
+ 		if(size!='Pending'){
+Index: owncloud-4.0.8debian/apps/files_versions/js/versions.js
+===================================================================
+--- owncloud-4.0.8debian.orig/apps/files_versions/js/versions.js	2012-11-25 12:57:59.258247853 +0100
++++ owncloud-4.0.8debian/apps/files_versions/js/versions.js	2012-12-05 21:31:14.614890392 +0100
+@@ -36,7 +36,7 @@
+ 	
+ 	var historyUrl = OC.linkTo('files_versions', 'history.php') + '?path='+encodeURIComponent( $( '#dir' ).val() ).replace( /%2F/g, '/' )+'/'+encodeURIComponent( filename );
+ 	
+-	var html = '<div id="dropdown" class="drop" data-file="'+files+'">';
++	var html = '<div id="dropdown" class="drop" data-file="'+escapeHTML(files)+'">';
+ 	html += '<div id="private">';
+ 	html += '<select data-placeholder="Saved versions" id="found_versions" class="chzen-select" style="width:16em;">';
+ 	html += '<option value=""></option>';
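Review bot: On the rewritten `href` line in apps/files/js/filelist.js the `#dir` value is still only passed through `.replace(/</, …).replace(/>/, …)`, which has no `g` flag and does nothing about `"`, so only the first angle bracket is handled and a double quote in the directory value reaches the attribute unchanged; `escapeHTML($('#dir').val())` would treat it the same way as `name` on that line. The new `escapeHTML()` in core/js/js.js handles only `&`, `<` and `"` (on this page the replacement strings look identical to the search strings, presumably because the archive decoded the entities), so it is not safe inside single-quoted attributes; a comment such as `// escapes & < " only: use in element content or double-quoted attributes` would make that limit explicit. fullcalendar.js calls `htmlEscape()` rather than `escapeHTML()`; that helper is presumably defined inside fullcalendar.js, outside the hunk.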
diff --git a/debian/patches/07_oc-sa-2012-002.patch b/debian/patches/07_oc-sa-2012-002.patch
new file mode 100644
index 0000000..ff006e0
--- /dev/null
+++ b/debian/patches/07_oc-sa-2012-002.patch
@@ -0,0 +1,28 @@
+Index: owncloud-4.0.8debian/core/lostpassword/index.php
+===================================================================
+--- owncloud-4.0.8debian.orig/core/lostpassword/index.php	2012-11-25 12:57:44.838176326 +0100
++++ owncloud-4.0.8debian/core/lostpassword/index.php	2012-11-25 12:57:49.474199345 +0100
+@@ -13,8 +13,8 @@
+ // Someone lost their password:
+ if (isset($_POST['user'])) {
+ 	if (OC_User::userExists($_POST['user'])) {
+-		$token = hash("sha256", $_POST['user'].OC_Util::generate_random_bytes(10));
+-		OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', $token);
++		$token = hash("sha256", OC_Util::generate_random_bytes(30).OC_Config::getValue('passwordsalt', ''));
++		OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', hash("sha256", $token)); // Hash the token again to prevent timing attacks
+ 		$email = OC_Preferences::getValue($_POST['user'], 'settings', 'email', '');
+ 		if (!empty($email) and isset($_POST['sectoken']) and isset($_SESSION['sectoken']) and ($_POST['sectoken']==$_SESSION['sectoken']) ) {
+ 			$link = OC_Helper::linkToAbsolute('core/lostpassword', 'resetpassword.php').'?user='.urlencode($_POST['user']).'&token='.$token;
+Index: owncloud-4.0.8debian/core/lostpassword/resetpassword.php
+===================================================================
+--- owncloud-4.0.8debian.orig/core/lostpassword/resetpassword.php	2012-11-25 12:57:44.838176326 +0100
++++ owncloud-4.0.8debian/core/lostpassword/resetpassword.php	2012-11-25 12:57:49.474199345 +0100
+@@ -10,7 +10,7 @@
+ require_once('../../lib/base.php');
+ 
+ // Someone wants to reset their password:
+-if(isset($_GET['token']) && isset($_GET['user']) && OC_Preferences::getValue($_GET['user'], 'owncloud', 'lostpassword') === $_GET['token']) {
++if(isset($_GET['token']) && isset($_GET['user']) && OC_Preferences::getValue($_GET['user'], 'owncloud', 'lostpassword') === hash("sha256", $_GET['token'])) {
+ 	if (isset($_POST['password'])) {
+ 		if (OC_User::setPassword($_GET['user'], $_POST['password'])) {
+ 			OC_Preferences::deleteKey($_GET['user'], 'owncloud', 'lostpassword');
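Review bot: The new comparison in resetpassword.php, `... === hash("sha256", $_GET['token'])`, does not require `$_GET['token']` to be a string or the stored value to be non-empty. On PHP versions where `hash()` returns NULL with a warning for a non-string argument, and if `OC_Preferences::getValue()` yields null for a user with no pending reset (its default is not visible here), both sides could compare equal although no token was ever issued. Fetch the stored value first, `$stored = OC_Preferences::getValue($_GET['user'], 'owncloud', 'lostpassword');`, and require `is_string($_GET['token']) && is_string($stored) && $stored !== ''` before the `===`. The `if` body continues outside the hunk.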
diff --git a/debian/patches/08_oc-sa-2012-004.patch b/debian/patches/08_oc-sa-2012-004.patch
new file mode 100644
index 0000000..2ee8b15
--- /dev/null
+++ b/debian/patches/08_oc-sa-2012-004.patch
@@ -0,0 +1,91 @@
+Index: owncloud-4.0.8debian/lib/migrate.php
+===================================================================
+--- owncloud-4.0.8debian.orig/lib/migrate.php	2012-11-25 12:57:40.610155372 +0100
++++ owncloud-4.0.8debian/lib/migrate.php	2012-11-25 12:57:52.078212228 +0100
+@@ -199,8 +199,8 @@
+ 		// Get export_info.json
+ 		$scan = scandir( $extractpath );
+ 		// Check for export_info.json
+-		if( !in_array( 'export_info.json', $scan ) ){
+-			OC_Log::write( 'migration', 'Invalid import file, export_info.json note found', OC_Log::ERROR );
++		if( !in_array( 'export_info.json', $scan ) ) {
++			OC_Log::write( 'migration', 'Invalid import file, export_info.json not found', OC_Log::ERROR );
+ 			return json_encode( array( 'success' => false ) );
+ 		}
+ 		$json = json_decode( file_get_contents( $extractpath . 'export_info.json' ) );
+@@ -235,12 +235,19 @@
+ 					return json_encode( array( 'success' => false ) );
+ 				}
+ 				// Copy data
+-				if( !self::copy_r( $extractpath . $json->exporteduser, $datadir . '/' . self::$uid ) ){
+-					return json_encode( array( 'success' => false ) );
++				$userfolder = $extractpath . $json->exporteduser;
++				$newuserfolder = $datadir . '/' . self::$uid;
++				foreach(scandir($userfolder) as $file){
++					if($file !== '.' && $file !== '..' && is_dir($file)){
++						// Then copy the folder over
++						OC_Helper::copyr($userfolder.'/'.$file, $newuserfolder.'/'.$file);
++					}
+ 				}
+ 				// Import user app data
+-				if( !$appsimported = self::importAppData( $extractpath . $json->exporteduser . '/migration.db', $json, self::$uid ) ){
+-					return json_encode( array( 'success' => false ) );
++				if(file_exists($extractpath . $json->exporteduser . '/migration.db')){
++					if( !$appsimported = self::importAppData( $extractpath . $json->exporteduser . '/migration.db', $json, self::$uid ) ) {
++						return json_encode( array( 'success' => false ) );
++					}
+ 				}
+ 				// All done!
+ 				if( !self::unlink_r( $extractpath ) ){
+@@ -305,37 +312,6 @@
+ 	}
+ 
+ 	/**
+-	* @brief copies recursively
+-	* @param $path string path to source folder
+-	* @param $dest string path to destination
+-	* @return bool
+-	*/
+-	private static function copy_r( $path, $dest ){
+-		if( is_dir($path) ){
+-			@mkdir( $dest );
+-			$objects = scandir( $path );
+-			if( sizeof( $objects ) > 0 ){
+-				foreach( $objects as $file ){
+-					if( $file == "." || $file == ".." || $file == ".htaccess")
+-					continue;
+-					// go on
+-					if( is_dir( $path . '/' . $file ) ){
+-						self::copy_r( $path  .'/' . $file, $dest . '/' . $file );
+-					} else {
+-						copy( $path . '/' . $file, $dest . '/' . $file );
+-					}
+-				}
+-			}
+-			return true;
+-		}
+-		elseif( is_file( $path ) ){
+-			return copy( $path, $dest );
+-		} else {
+-			return false;
+-		}
+-	}
+-
+-	/**
+ 	* @brief tries to extract the import zip
+ 	* @param $path string path to the zip
+ 	* @return string path to extract location (with a trailing slash) or false on failure
+Index: owncloud-4.0.8debian/lib/helper.php
+===================================================================
+--- owncloud-4.0.8debian.orig/lib/helper.php	2012-11-25 12:57:40.610155372 +0100
++++ owncloud-4.0.8debian/lib/helper.php	2012-11-25 12:57:52.078212228 +0100
+@@ -309,7 +309,8 @@
+ 					self::copyr("$src/$file", "$dest/$file");
+ 				}
+ 			}
+-		}elseif(file_exists($src)){
++
++		}elseif(file_exists($src) && !OC_Filesystem::isFileBlacklisted($src)) {
+ 			copy($src, $dest);
+ 		}
+ 	}
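Review bot: In the new copy loop in lib/migrate.php, `is_dir($file)` tests the bare entry name returned by `scandir($userfolder)`, so it is resolved against the process's working directory rather than the extracted user folder; the check should be `is_dir($userfolder.'/'.$file)`. As written, the loop also copies only sub-directories and ignores the result of `OC_Helper::copyr()`, whereas the removed `copy_r()` call returned `success => false` on failure; if that is intended, a comment saying so would help. `$json->exporteduser` comes from the uploaded archive's export_info.json and is concatenated into `$userfolder` without validation in the visible lines; checking it with `OC_Filesystem::isValidPath()` or reducing it with `basename()` before use would keep the path inside `$extractpath`. The enclosing function starts and ends outside the hunk.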
diff --git a/debian/patches/09_oc-sa-2012-005.patch b/debian/patches/09_oc-sa-2012-005.patch
new file mode 100644
index 0000000..0b587ce
--- /dev/null
+++ b/debian/patches/09_oc-sa-2012-005.patch
@@ -0,0 +1,52 @@
+Index: owncloud-4.0.8debian/lib/filesystem.php
+===================================================================
+--- owncloud-4.0.8debian.orig/lib/filesystem.php	2012-11-25 12:57:34.022122706 +0100
++++ owncloud-4.0.8debian/lib/filesystem.php	2012-11-25 12:57:53.858221067 +0100
+@@ -361,12 +361,16 @@
+ 	 * @return bool
+ 	 */
+ 	static public function isValidPath($path){
++		$path = str_replace('\\', '/', $path);
+ 		if(!$path || $path[0]!=='/'){
+ 			$path='/'.$path;
+ 		}
+ 		if(strstr($path,'/../') || strrchr($path, '/') === '/..' ){
+ 			return false;
+ 		}
++		if(self::isFileBlacklisted($path)){
++			return false;
++		}
+ 		return true;
+ 	}
+ 	
+@@ -375,21 +379,23 @@
+ 	 * Listens to write and rename hooks
+ 	 * @param array $data from hook
+ 	 */
+-	static public function isBlacklisted($data){
+-		$blacklist = array('.htaccess');
++	static public function isBlacklisted($data) {
+ 		if (isset($data['path'])) {
+ 			$path = $data['path'];
+ 		} else if (isset($data['newpath'])) {
+ 			$path = $data['newpath'];
+ 		}
+ 		if (isset($path)) {
+-			$filename = strtolower(basename($path));
+-			if (in_array($filename, $blacklist)) {
+-				$data['run'] = false;
+-			}
++			$data['run'] = !self::isFileBlacklisted($path);
+ 		}
+ 	}
+-	
++
++	static public function isFileBlacklisted($path){
++		$blacklist = array('.htaccess');
++		$filename = strtolower(basename($path));
++		return in_array($filename, $blacklist);
++	}
++
+ 	/**
+ 	 * following functions are equivalent to their php builtin equivalents for arguments/return values.
+ 	 */
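Review bot: `$data['run'] = !self::isFileBlacklisted($path);` in `isBlacklisted()` now also assigns `true` when the name is not blacklisted, where the old code only ever set `false`. If other write/rename listeners share the same `run` flag (not visible here), this can undo a veto set by an earlier listener; `if (self::isFileBlacklisted($path)) { $data['run'] = false; }` keeps the old one-way behaviour. The new `isFileBlacklisted()` also has no docblock; one stating that it checks the lower-cased basename of `$path` against the blacklist, with `@param string $path` and `@return bool`, would match the neighbouring methods.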
diff --git a/debian/patches/10_oc-sa-2012-006.patch b/debian/patches/10_oc-sa-2012-006.patch
new file mode 100644
index 0000000..438e754
--- /dev/null
+++ b/debian/patches/10_oc-sa-2012-006.patch
@@ -0,0 +1,48 @@
+Index: owncloud-4.0.8debian/apps/files_encryption/settings.php
+===================================================================
+--- owncloud-4.0.8debian.orig/apps/files_encryption/settings.php	2012-10-09 17:09:46.000000000 +0200
++++ owncloud-4.0.8debian/apps/files_encryption/settings.php	2012-12-25 16:29:57.110214044 +0100
+@@ -6,6 +6,8 @@
+  * See the COPYING-README file.
+  */
+ 
++OC_Util::checkAdminUser();
++
+ $tmpl = new OCP\Template( 'files_encryption', 'settings');
+ $blackList=explode(',',OCP\Config::getAppValue('files_encryption','type_blacklist','jpg,png,jpeg,avi,mpg,mpeg,mkv,mp3,oga,ogv,ogg'));
+ $enabled=(OCP\Config::getAppValue('files_encryption','enable_encryption','true')=='true');
+Index: owncloud-4.0.8debian/apps/user_ldap/settings.php
+===================================================================
+--- owncloud-4.0.8debian.orig/apps/user_ldap/settings.php	2012-10-09 17:10:37.000000000 +0200
++++ owncloud-4.0.8debian/apps/user_ldap/settings.php	2012-12-25 16:29:57.114214045 +0100
+@@ -20,6 +20,9 @@
+  * License along with this library.  If not, see <http://www.gnu.org/licenses/>.
+  *
+  */
++
++OC_Util::checkAdminUser();
++
+ $params = array('ldap_host', 'ldap_port', 'ldap_dn', 'ldap_agent_password', 'ldap_base', 'ldap_base_users', 'ldap_base_groups', 'ldap_userlist_filter', 'ldap_login_filter', 'ldap_group_filter', 'ldap_display_name', 'ldap_group_display_name', 'ldap_tls', 'ldap_nocase', 'ldap_quota_def', 'ldap_quota_attr', 'ldap_email_attr', 'ldap_group_member_assoc_attribute');
+ 
+ OCP\Util::addscript('user_ldap', 'settings');
+Index: owncloud-4.0.8debian/apps/user_migrate/settings.php
+===================================================================
+--- owncloud-4.0.8debian.orig/apps/user_migrate/settings.php	2012-10-09 17:10:37.000000000 +0200
++++ owncloud-4.0.8debian/apps/user_migrate/settings.php	2012-12-25 16:29:57.114214045 +0100
+@@ -22,6 +22,9 @@
+  * License along with this library.  If not, see <http://www.gnu.org/licenses/>.
+  *
+  */
++
++OC_Util::checkLoggedIn();
++
+ OCP\App::checkAppEnabled('user_migrate');
+ if (isset($_POST['user_import'])) {
+ 	$root = OC::$SERVERROOT . "/";
+@@ -86,4 +89,4 @@
+ 	// fill template
+ 	$tmpl = new OCP\Template('user_migrate', 'settings');
+ 	return $tmpl->fetchPage();
+-}
+\ No newline at end of file
++}
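Review bot: apps/user_migrate/settings.php gets `OC_Util::checkLoggedIn()` while the other two settings pages get `OC_Util::checkAdminUser()`, and nothing in the patch says why the required level differs. If user_migrate is a personal settings page that every user may use, a comment above the call such as `// personal settings page: any logged-in user may export/import their own account` would record that; otherwise it should be `checkAdminUser()` as well. The `$_POST['user_import']` branch that follows continues outside the hunk, so whether it validates a request token cannot be seen here.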
diff --git a/debian/patches/11_oc-sa-2012-007.patch b/debian/patches/11_oc-sa-2012-007.patch
new file mode 100644
index 0000000..db8e0f7
--- /dev/null
+++ b/debian/patches/11_oc-sa-2012-007.patch
@@ -0,0 +1,13 @@
+Index: owncloud-4.0.8debian/apps/bookmarks/js/bookmarks.js
+===================================================================
+--- owncloud-4.0.8debian.orig/apps/bookmarks/js/bookmarks.js	2012-10-09 17:10:37.000000000 +0200
++++ owncloud-4.0.8debian/apps/bookmarks/js/bookmarks.js	2012-12-25 16:25:21.050223382 +0100
+@@ -141,7 +141,7 @@
+ 	var taglist = '';
+ 	for ( var i=0, len=tags.length; i<len; ++i ){
+ 		if(tags[i] != '')
+-			taglist = taglist + '<a class="bookmark_tag" href="'+replaceQueryString( String(window.location), 'tag', encodeURIComponent(tags[i])) + '">' + tags[i] + '</a> ';
++			taglist = taglist + '<a class="bookmark_tag" href="'+replaceQueryString(escapeHTML(String(window.location)), 'tag', encodeURIComponent(tags[i])) + '">' + tags[i] + '</a> ';
+ 	}
+ 	if(!hasProtocol(bookmark.url)) {
+ 		bookmark.url = 'http://' + bookmark.url;
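Review bot: On the rewritten line the tag text is still concatenated unescaped as the link body (`'">' + tags[i] + '</a> '`), so only the `href` is covered by this change; it should be `escapeHTML(tags[i])`. Escaping `String(window.location)` before `replaceQueryString()` also means the helper's output is not escaped; wrapping the result instead, `escapeHTML(replaceQueryString(String(window.location), 'tag', encodeURIComponent(tags[i])))`, encodes whatever finally lands in the attribute. The enclosing function starts and ends outside the hunk.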
diff --git a/debian/patches/12_oc-sa-2013-001.patch b/debian/patches/12_oc-sa-2013-001.patch
new file mode 100644
index 0000000..902c08a
--- /dev/null
+++ b/debian/patches/12_oc-sa-2013-001.patch
@@ -0,0 +1,86 @@
+Description: Fix multiple XSS vulnerabilities
+ - CVE-2013-0201
+ - CVE-2013-0202
+ - CVE-2013-0203
+ .
+ See: http://owncloud.org/about/security/advisories/oC-SA-2013-001/
+Origin: upstream
+Bug-Debian: http://bugs.debian.org/698737
+Author: Salvatore Bonaccorso <carnil at debian.org>
+Last-Update: 2013-01-24
+
+--- a/apps/gallery/sharing.php
++++ b/apps/gallery/sharing.php
+@@ -37,7 +37,7 @@
+     <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js" type="text/javascript"></script>
+     <script src="js/sharing.js" type="text/javascript"></script>
+     <script>
+-      var TOKEN = '<?php echo htmlentities($_GET['token']); ?>';
++      var TOKEN = '<?php echo OC_Util::sanitizeHTML($_GET['token']); ?>';
+     </script>
+   </head>
+   <body>
+--- a/core/lostpassword/templates/resetpassword.php
++++ b/core/lostpassword/templates/resetpassword.php
+@@ -1,4 +1,4 @@
+-<form action="<?php echo 'resetpassword.php?'.$_SERVER['QUERY_STRING']; ?>" method="post">
++<form action="<?php echo 'resetpassword.php?user='.htmlentities($_GET['user']).'&token='.htmlentities($_GET['token']); ?>" method="post">
+ 	<fieldset>
+ 		<?php if($_['success']): ?>
+ 			<h1><?php echo $l->t('Your password was reset'); ?></h1>
+--- a/lib/helper.php
++++ b/lib/helper.php
+@@ -179,8 +179,9 @@
+ 			$mimetype=$alias[$mimetype];
+ // 			echo $mimetype;
+ 		}
+-		// Replace slash with a minus
++		// Replace slash and backslash with a minus
+ 		$mimetype = str_replace( "/", "-", $mimetype );
++		$mimetype = str_replace( "\\", "-", $mimetype );
+ 
+ 		// Is it a dir?
+ 		if( $mimetype == "dir" ){
+--- a/apps/files_sharing/ajax/share.php
++++ b/apps/files_sharing/ajax/share.php
+@@ -25,7 +25,7 @@
+ 			}
+ 		} catch (Exception $exception) {
+ 			OCP\Util::writeLog('files_sharing', 'Unexpected Error : '.$exception->getMessage(), OCP\Util::ERROR);
+-			OCP\JSON::error(array('data' => array('message' => $exception->getMessage())));
++			OCP\JSON::error(array('data' => array('message' => OC_Util::sanitizeHTML($exception->getMessage()))));
+ 		}
+ 	} else {
+ 		if ($file['encrypted'] == true) {
+--- a/apps/bookmarks/js/bookmarks.js
++++ b/apps/bookmarks/js/bookmarks.js
+@@ -158,9 +158,9 @@
+ 				'</span> ' +
+ 			'</p>' +
+ 			'<p class="bookmark_title">'+
+-				'<a href="' + encodeEntities(bookmark.url) + '" target="_blank" class="bookmark_link">' + encodeEntities(bookmark.title) + '</a>' +
++				'<a href="' + encodeURI(bookmark.url) + '" target="_blank" class="bookmark_link">' + encodeEntities(bookmark.title) + '</a>' +
+ 			'</p>' +
+-			'<p class="bookmark_url"><a href="' + encodeEntities(bookmark.url) + '" target="_blank" class="bookmark_link">' + encodeEntities(bookmark.url) + '</a></p>' +
++			'<p class="bookmark_url"><a href="' + encodeURI(bookmark.url) + '" target="_blank" class="bookmark_link">' + encodeURI(bookmark.url) + '</a></p>' +
+ 		'</div>'
+ 	);
+ 	if(taglist != '') {
+@@ -198,4 +198,4 @@
+ function hasProtocol(url) {
+     var regexp = /(ftp|http|https|sftp)/;
+     return regexp.test(url);
+-}
++}
+\ No newline at end of file
+--- a/apps/calendar/js/calendar.js
++++ b/apps/calendar/js/calendar.js
+@@ -718,7 +718,7 @@
+ 			' class="' + classes.join(' ') + '"' +
+ 			'>' +
+ 			'<span class="fc-event-title">' +
+-			event.title +
++			escapeHTML(event.title) +
+ 			'</span>' +
+ 			'</span>' +
+ 			'</td>' +
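Review bot: In apps/gallery/sharing.php the token is still written into a single-quoted JavaScript string inside `<script>`, where HTML-entity escaping via `OC_Util::sanitizeHTML()` is the wrong encoder: whether a quote or backslash can end the literal depends on sanitizeHTML's flags, which are not visible here. Emitting it as a JS value is safer, e.g. `var TOKEN = <?php echo json_encode((string)$_GET['token'], JSON_HEX_TAG|JSON_HEX_AMP|JSON_HEX_APOS|JSON_HEX_QUOT); ?>;`. In bookmarks.js, `encodeURI(bookmark.url)` percent-encodes characters but does not restrict the URL scheme, so the `href` should additionally be limited to an allow-list of schemes; the unanchored `hasProtocol` regex shown as context does not do that. The patch header lists CVE-2013-0201/0202/0203 while the debian/changelog entry in this commit names CVE-2012-0201/0202/0203; one of the two should be corrected.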
diff --git a/debian/patches/series b/debian/patches/series
index e933a28..f18ce3f 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -5,4 +5,10 @@
 fix_tar_require.diff
 fix_sabre_requires.diff
 fix_config.php_mode.diff
-
+06_oc-sa-2012-001.patch
+07_oc-sa-2012-002.patch
+08_oc-sa-2012-004.patch
+09_oc-sa-2012-005.patch
+10_oc-sa-2012-006.patch
+11_oc-sa-2012-007.patch
+12_oc-sa-2013-001.patch
diff --git a/debian/source/local-options b/debian/source/local-options
deleted file mode 100644
index 4aceb10..0000000
--- a/debian/source/local-options
+++ /dev/null
@@ -1 +0,0 @@
-unapply-patches

-- 
owncloud.git


