From upstream, these versions fix multiple security issues (changelog is not online yet). Just a heads up for now, but CVEs will probably come soon On our side, 4.0.8 and 4.5.0 are now in tree, previous version removed
Thanks, Bernard. Upstream changelog at $URL: Version 4.0.8 Oct 10th 2012 Show Login Button when user and password are autocompleted Sanitize LDAP base, user and groups Security: Fix for insufficiently Random Values (CVE-2008-4107) Security: Fixed multiple XSS vulnerabilities (CVE-2012-5056) Security: Fixed a HTTP header injection (CVE-2012-5057) Security: Fixed an Auth bypass in /lib/base.php (CVE-2012-5336) Download: http://download.owncloud.org/releases/owncloud-4.0.8.tar.bz2 MD5: http://download.owncloud.org/releases/owncloud-4.0.8.tar.bz2.md5 Closing noglsa for ~arch only.