Date: Fri, 8 Nov 2013 19:38:11 +0100 (CET) From: Loic Blot <loic.blot@unix-experience.fr> To: FreeBSD-gnats-submit@freebsd.org Subject: ports/183797: www/owncloud stability and security Message-ID: <20131108183811.3D2CB5C806@www.unix-experience.fr> Resent-Message-ID: <201311081840.rA8Ie1SP039180@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 183797
>Category: ports
>Synopsis: www/owncloud stability and security
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Nov 08 18:40:01 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator: Loic Blot
>Release: FreeBSD 9.2-RELEASE amd64
>Organization:
Institut Optique Graduate School
>Environment:
System: FreeBSD www.unix-experience.fr 9.2-RELEASE FreeBSD 9.2-RELEASE #0 r255898: Thu Sep 26 22:50:31 UTC 2013 root@bake.isc.freebsd.org:/usr/obj/usr/src/sys/GENERIC amd64
>Description:
Owncloud 5.0.13 has been updated, fixing a security flaw and many bugs which can be blocking
SECURITY: Fix a possible security bypass on admin page under certain circumstances and MariaDB
Correctly update database schema during app update
Fix automatic login rejecion error message
Several Oracle fixes
Fixing serverroot/webroot calculation
Adding detection for aborted uploads for chunked uploads
Fixing directory handling that end with a space
Fixing home storage handling
Allow to share a file/folder as public link also if one of it parents was already shared as link
Fix search in shared folders
Fix check for uploads into Shared folder
Several Shared folder handling fixes
Prefere them PNGs over core SVGs
Fall back to default log file of specified logfile doesn’t exist
Several IE fixes
Fix LDAP login for certain circumstances
Fixed chunk size calculation for encrypted files
Fix recursive delete for smb
Fix using touch for creating files for smb
Support OCS Share API
Fix updating ETAGs
Don't write user passwords into logfile
Enable configuration of timezones for logfile timestamps
Cleanup share database table for files that no longer exist
Adding privilege check on move and rename operations
>How-To-Repeat:
>Fix:
Here is the port update
--- owncloud.diff begins here ---
--- Makefile.old 2013-11-08 19:34:40.000000000 +0100
+++ Makefile 2013-11-08 19:29:33.000000000 +0100
@@ -1,8 +1,7 @@
# $FreeBSD: www/owncloud/Makefile 333181 2013-11-08 05:29:43Z kevlo $
PORTNAME= owncloud
-PORTVERSION= 5.0.12
-PORTREVISION= 1
+PORTVERSION= 5.0.13
CATEGORIES= www
MASTER_SITES= http://download.owncloud.org/community/
--- distinfo.old 2013-11-08 19:35:30.000000000 +0100
+++ distinfo 2013-11-08 19:29:37.000000000 +0100
@@ -1,2 +1,2 @@
-SHA256 (owncloud-5.0.12.tar.bz2) = b1aafcba4823c011b19b60353394d81455e2b3e9c169d4e444b27c740695ed7a
-SIZE (owncloud-5.0.12.tar.bz2) = 15147476
+SHA256 (owncloud-5.0.13.tar.bz2) = 8a64ab8cc2ae4c71713a2922e5fbcda029de8ab2cf4dee04e15f041be48aa326
+SIZE (owncloud-5.0.13.tar.bz2) = 15436770
--- owncloud.diff ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20131108183811.3D2CB5C806>