From ${URL} : Description Due to not properly checking the ownership of an calendar, an authenticated attacker is able to download calendars of other users via the “calid” GET parameter to export.php in /apps/calendar/ Affected Software ownCloud Server < 8.1.1 (CVE-2015-6670) ownCloud Server < 8.0.6 (CVE-2015-6670) ownCloud Server < 7.0.8 (CVE-2015-6670) @maintainer(s): since the package or the affected version has never been marked as stable, we don't need to stabilize it. After the bump, please remove the affected versions from the tree.
Vulnerable versions removed: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=98bfa53ed0489308a35f23bd7e24784cbbd8012c