Hi David, hi bpo-ftpmasters, VETO (, please)! On Di 22 Jul 2014 19:04:47 CEST, David Prévot wrote:
Hi, Le 22/05/2014 14:58, Gunnar Wolf a écrit :David Prévot dijo [Wed, May 21, 2014 at 06:57:06AM -0400]:The php-sabredav package currently available in wheezy-backports is vulnerable to some security issues, can you please upload a more recent version?This new version adds a dependency on php-symfony-classloader, which does not exist in Backports. If somebody is willing to provide such dependency, building+updating the package is trivial.php-symfony-classloader is a trivial package, only needed to run the test suite.Otherwise, maybe the best answer would be to remove it from Backports.Since nobody stepped up in the last two months to fix this security issue, can someone please take care of the removal of php-sabredav and its dependencies? (That means owncloud too, but since the backports package is also outdated, and the latest one also fixes a security issue, you’ll kill two birds in one stone.)
I will take care of all mentioned packages after my VAC (first week of August).
Thanks+Greets, Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
Attachment:
pgpzkoQc8K1aJ.pgp
Description: Digitale PGP-Signatur