Path to this page:
Subject: CVS commit: [pkgsrc-2012Q4] pkgsrc/www/php-owncloud
From: Matthias Scheler
Date: 2013-02-27 14:53:14
Message id: 20130227135314.85021175DD@cvs.netbsd.org
Log Message:
Pullup ticket #4082 - requested by ryoon
www/php-owncloud: security update
Revisions pulled up:
- www/php-owncloud/MESSAGE 1.10
- www/php-owncloud/Makefile 1.25-1.26
- www/php-owncloud/PLIST 1.11-1.12
- www/php-owncloud/distinfo 1.12-1.13
- www/php-owncloud/options.mk 1.4
---
Module Name: pkgsrc
Committed By: ryoon
Date: Fri Jan 25 20:02:25 UTC 2013
Modified Files:
pkgsrc/www/php-owncloud: MESSAGE Makefile PLIST distinfo options.mk
Log Message:
Update to 4.5.6
* Add PostgreSQL support, not tested.
Changelog:
Version 4.5.6 Jan 22th 2013
Improved language detection
Improved translations
Fix link to bugtracker
Several IE 6/7/8 fixes
SabreDAV updated to 1.6.6
Improved error reporting
Support special characters in mountpoint
Interpret http 403 and 401 as not authorized in user_webdavauth
Several fixes for special characters in files and folders
Improved PostgreSQL support
Check database names for valid characters
Fix default email address calculation
Remove debug output on send password page
Add SMTP port configuration option
Only show the max possible upload of 2GB on a 32 bit system
Show progress during file downloads
Security: Fix multiple XSS problems: CVE-2013-0201, CVE-2013-0202, \
CVE-2013-0203
Security: Fix Code execution in external storage: CVE-2013-0204
Security: Removed remoteStorage app because of unfixed security problems.
---
Module Name: pkgsrc
Committed By: ryoon
Date: Mon Feb 25 21:30:18 UTC 2013
Modified Files:
pkgsrc/www/php-owncloud: Makefile PLIST distinfo
Log Message:
Update to 4.5.7
Changelog:
Version 4.5.7 Feb 20th 2013
Fix for 3rd party apps dropping the database
Fix SubAdmins management
Fix PHP warnings
Fix compatibility with some CIFS shares
More robust apps management
Remove not needed AWS tests
Improved mime type parsing
Several sharing fixes
Offer the option to change the password only supported by the backend
More robust auto language detection
Revoke DB rights on install only if the db is newly created
Fix rendering of database connection error page
LDAP: update quota more often
Multiple XSS vulnerabilities (oC-SA-2013-003)
Multiple CSRF vulnerabilities (oC-SA-2013-004)
PHP settings disclosure (oC-SA-2013-005)
Multiple code executions (oC-SA-2013-006)
Privilege escalation in the calendar application (oC-SA-2013-007)
Files: