Date: Fri, 8 Nov 2013 19:38:11 +0100 (CET) From: Loic Blot <loic.blot@unix-experience.fr> To: FreeBSD-gnats-submit@freebsd.org Subject: ports/183797: www/owncloud stability and security Message-ID: <20131108183811.3D2CB5C806@www.unix-experience.fr> Resent-Message-ID: <201311081840.rA8Ie1SP039180@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 183797 >Category: ports >Synopsis: www/owncloud stability and security >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Nov 08 18:40:01 UTC 2013 >Closed-Date: >Last-Modified: >Originator: Loic Blot >Release: FreeBSD 9.2-RELEASE amd64 >Organization: Institut Optique Graduate School >Environment: System: FreeBSD www.unix-experience.fr 9.2-RELEASE FreeBSD 9.2-RELEASE #0 r255898: Thu Sep 26 22:50:31 UTC 2013 root@bake.isc.freebsd.org:/usr/obj/usr/src/sys/GENERIC amd64 >Description: Owncloud 5.0.13 has been updated, fixing a security flaw and many bugs which can be blocking SECURITY: Fix a possible security bypass on admin page under certain circumstances and MariaDB Correctly update database schema during app update Fix automatic login rejecion error message Several Oracle fixes Fixing serverroot/webroot calculation Adding detection for aborted uploads for chunked uploads Fixing directory handling that end with a space Fixing home storage handling Allow to share a file/folder as public link also if one of it parents was already shared as link Fix search in shared folders Fix check for uploads into Shared folder Several Shared folder handling fixes Prefere them PNGs over core SVGs Fall back to default log file of specified logfile doesn’t exist Several IE fixes Fix LDAP login for certain circumstances Fixed chunk size calculation for encrypted files Fix recursive delete for smb Fix using touch for creating files for smb Support OCS Share API Fix updating ETAGs Don't write user passwords into logfile Enable configuration of timezones for logfile timestamps Cleanup share database table for files that no longer exist Adding privilege check on move and rename operations >How-To-Repeat: >Fix: Here is the port update --- owncloud.diff begins here --- --- Makefile.old 2013-11-08 19:34:40.000000000 +0100 +++ Makefile 2013-11-08 19:29:33.000000000 +0100 @@ -1,8 +1,7 @@ # $FreeBSD: www/owncloud/Makefile 333181 2013-11-08 05:29:43Z kevlo $ PORTNAME= owncloud -PORTVERSION= 5.0.12 -PORTREVISION= 1 +PORTVERSION= 5.0.13 CATEGORIES= www MASTER_SITES= http://download.owncloud.org/community/ --- distinfo.old 2013-11-08 19:35:30.000000000 +0100 +++ distinfo 2013-11-08 19:29:37.000000000 +0100 @@ -1,2 +1,2 @@ -SHA256 (owncloud-5.0.12.tar.bz2) = b1aafcba4823c011b19b60353394d81455e2b3e9c169d4e444b27c740695ed7a -SIZE (owncloud-5.0.12.tar.bz2) = 15147476 +SHA256 (owncloud-5.0.13.tar.bz2) = 8a64ab8cc2ae4c71713a2922e5fbcda029de8ab2cf4dee04e15f041be48aa326 +SIZE (owncloud-5.0.13.tar.bz2) = 15436770 --- owncloud.diff ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20131108183811.3D2CB5C806>