Bug#798893: jessie-pu: package php-dropbox/1.0.0-3+deb8u1
Control: tags -1 + confirmed
On Sun, 2015-09-13 at 16:37 -0400, David Prévot wrote:
> As already discussed with the security team, please accept the fix for
> CVE-2015-4715 in php-dropbox. Source debdiff attached.
>
> As noted in the ownCloud tracker, the issue is only relevant if a server
> runs PHP below 5.6.0, or if some default has been changed. Yet, since
> the owncloud (and php-dropbox) packages from Jessie can be used (and I
> know they are actually used) out of the box on Wheezy, having the fix in
> the next point release makes sense.
>
> 1: https://owncloud.org/security/advisory/?id=oc-sa-2015-005
Please go ahead.
Regards,
Adam
Reply to: