CVE-2021-44537: ownCloud owncloud/client before 2.9.2 allows Resource Injection by a server into the desktop client via a URL, leading to remote code execution.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b973582f9c0b210df9f8baed587897a99c072276 commit b973582f9c0b210df9f8baed587897a99c072276 Author: Bernard Cafarelli <voyageur@gentoo.org> AuthorDate: 2022-01-18 20:39:05 +0000 Commit: Bernard Cafarelli <voyageur@gentoo.org> CommitDate: 2022-01-18 22:34:34 +0000 net-misc/owncloud-client: drop old security vulnerable versions Bug: https://bugs.gentoo.org/831372 Package-Manager: Portage-3.0.30, Repoman-3.0.3 Signed-off-by: Bernard Cafarelli <voyageur@gentoo.org> net-misc/owncloud-client/Manifest | 2 - .../owncloud-client-2.9.0.5150.ebuild | 69 ---------------------- .../owncloud-client-2.9.1.5500.ebuild | 69 ---------------------- 3 files changed, 140 deletions(-)
Thanks! All done