Package: owncloud Severity: grave Tags: security Justification: user security hole
Hi, CVE-2012-4753 is still unfixed in Wheezy: http://www.openwall.com/lists/oss-security/2012/09/05/17 It's not clear, which CSRF fixes were fixed in 4.0.5, so please contact upstream to identify the specific fixes and introduce them in another tpu upload. Cheers, Moritz _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
