Bug#699652: tpu: owncloud/4.0.4debian2-3.3
Hi Julien
On Sun, Feb 03, 2013 at 11:50:05PM +0100, Julien Cristau wrote:
> On Sun, Feb 3, 2013 at 00:05:39 +0100, Salvatore Bonaccorso wrote:
>
> > Package: release.debian.org
> > Severity: normal
> > User: release.debian.org@packages.debian.org
> > Usertags: unblock
> >
> > Hi Release Team
> >
> > owncloud in unstable fixes some security bugs: #698737, which are some
> > XSS vulnerabilities fixed in unstable (CVE-2012-0201, CVE-2012-0202
> > and CVE-2012-0203). But we have a newer version in unstable. Attached
> > is the proposed debdiff against the version in unstable (practicly the
> > same patch as applied in unstable).
> >
> > Attached is the debdiff. Could I upload this to t-p-u?
> >
> > Regards and thanks for your work!
> >
> Go ahead.
Thanks done!
> > +--- a/apps/gallery/sharing.php
> > ++++ b/apps/gallery/sharing.php
> > +@@ -37,7 +37,7 @@
> > + <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js" type="text/javascript"></script>
>
> ick.
Indeed; have not checked in detail but does not seem to be reported to
the BTS so far.
Regards,
Salvatore
Reply to: