Bug#798893: jessie-pu: package php-dropbox/1.0.0-3+deb8u1

To: David Prévot <taffit@debian.org>, 798893@bugs.debian.org
Subject: Bug#798893: jessie-pu: package php-dropbox/1.0.0-3+deb8u1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sun, 13 Sep 2015 22:56:38 +0100
Message-id: <[🔎] 1442181398.7638.54.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 798893@bugs.debian.org
In-reply-to: <[🔎] 55F5DE7F.4000905@debian.org>
References: <[🔎] 55F5DE7F.4000905@debian.org>

Control: tags -1 + confirmed

On Sun, 2015-09-13 at 16:37 -0400, David Prévot wrote:
> As already discussed with the security team, please accept the fix for
> CVE-2015-4715 in php-dropbox. Source debdiff attached.
> 
> As noted in the ownCloud tracker, the issue is only relevant if a server
> runs PHP below 5.6.0, or if some default has been changed. Yet, since
> the owncloud (and php-dropbox) packages from Jessie can be used (and I
> know they are actually used) out of the box on Wheezy, having the fix in
> the next point release makes sense.
> 
> 1: https://owncloud.org/security/advisory/?id=oc-sa-2015-005

Please go ahead.

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#798893: jessie-pu: package php-dropbox/1.0.0-3+deb8u1
  - From: David Prévot <taffit@debian.org>

References:
- Bug#798893: jessie-pu: package php-dropbox/1.0.0-3+deb8u1
  - From: David Prévot <taffit@debian.org>

Prev by Date: Bug#798895: jessie-pu: package owncloud/7.0.4+dfsg-4~deb8u2
Next by Date: Processed: Re: Bug#798893: jessie-pu: package php-dropbox/1.0.0-3+deb8u1
Previous by thread: Bug#798893: jessie-pu: package php-dropbox/1.0.0-3+deb8u1
Next by thread: Bug#798893: jessie-pu: package php-dropbox/1.0.0-3+deb8u1
Index(es):
- Date
- Thread