Advisories » MGASA-2015-0256

Updated owncloud-client package fixes security vulnerability

Publication date: 05 Jul 2015
Modification date: 09 Jul 2015
Type: security
Affected Mageia releases : 4 , 5
CVE: CVE-2015-4456

Description

ownCloud Desktop Client before 1.8.2 was vulnerable against MITM attacks when
used in combination with self-signed certificates (CVE-2015-4456).

The owncloud-client package has been updated to version 1.8.3, which fixes this
issue as well as several other bugs
                

References

• https://bugs.mageia.org/show_bug.cgi?id=16106
• https://owncloud.org/security/advisory/?id=oc-sa-2015-009
• https://owncloud.org/changelog/desktop/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4456

SRPMS

4/core

• owncloud-client-1.8.3-1.mga4

5/core

• owncloud-client-1.8.3-1.mga5