[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE request: ownCloud
From:       Kurt Seifried <kseifried () redhat ! com>
Date:       2012-12-22 6:49:01
Message-ID: 50D557DD.7020304 () redhat ! com
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/21/2012 02:29 PM, Lukas Reschke wrote:
> ownCloud 4.5.5 and 4.0.10 are bringing two security fixes: 
> http://owncloud.org/changelog/
> 
> - Auth bypass in user_webdavauth and user_ldap (oC-SA-2012-001)

Please use CVE-2012-5665 for this issue.

> - XSS vulnerability in bookmarks (oC-SA-2012-007)

Please use CVE-2012-5666 for this issue.

> Thanks Lukas
> 


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJQ1VfdAAoJEBYNRVNeJnmT/sEP/jXElZAErcew5AFir9bcYnhK
wM2ApyIDK4Lf/jp4QSGKYtGvOZqECQ2oPfUd6atYSZfVwvwNqv3qqNRHWiTfnGy/
Mv0m8b/BLq0s3Mjm8ChmOY82OweHLWzV7mzk1U0GWqRT60+TVG5A82E1OzcIsUhf
IH1ph5nEhdop5qolkfrgs44gRj2d11Wqjur21xvXBYr+EKpmG+jU0+Q7+T6/PhRn
y1f7yzvikVk1GByBzfomKv+vBCP/m/t63HC1xgW/zLUlFOrxT70bpCs0sFv81itF
xtJfhDdNnRImIF2DxYROy4jMW/VVdIv1TanEYTsPYWKgtOojYceBPV1027YSx1UP
zLuhJ+BRwsiv/OCFVYbJ7NTapg0hgMykNGb0thNowBmOMmAQwP1TIH/kPRtspWk1
crsgBRrM5CHVkNUgTXZgRki1RSqq38OWyMKsHNH2cYHJBO1/Ri+JGkpU7z2e0/aD
2M9pr1yeqiWcxjWl8FF1CsbXeHGGdn5r4BT+F/rqThocjUFoUnekgTD/ZtXzQmR2
ecQTttmUAB8raK5yJI2fTNW5P4vnaF+CPTlVP1qUkeJSeJ6iJCRjUMcj9NbCojVd
OZew+ts7YQKV6df9fu0BgKDiA9RbgdoUKMHDC4MEgdfpvd91Nplkjo0RFnhXjqdH
pGG3+b4aFBpLCaZXs7m4
=Z0ds
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]