First I should note that we could use Debian's packages as a start for updating these packages. http://snapshot.debian.org/package/owncloud/
Debian versions available: 5.0.13+dfsg-2 or 5.0.14.a+dfsg-1 6.0.4+dfsg-1 or 6.0.3+dfsg-2
Ubuntu versions: 6.0.1+dfsg-1ubuntu1 trusty 5.0.4debian-0ubuntu1~ubuntu12.04 precise
Owncloud versions with release dates: Version 7.0.2 August 28th 2014 Version 6.0.5 August 28th 2014 Version 5.0.17 June 23rd 2014
The proposed package suggests updating with OBS or juju and that would upgrade to either 7.0.1 (juju) or 7.0.2 (OBS) depending on the choice. The 5.x and 6.x versions of owncloud still have supported upstream packages which are less likely to break things: http://download.opensuse.org/repositories/isv:/ownCloud:/community:/5.0/xUbuntu_12.04/ http://download.opensuse.org/repositories/isv:/ownCloud:/community:/6.0/xUbuntu_14.04/
The trusty package also points to https://jujucharms.com/precise/owncloud/. One might wonder if the juju charm won't work for trusty.
I have tried to identify the CVE patch sets without much success thus far.
Support for the 5.x series will likely be ending within 6 months and it will require more work to update security patches included in 5.0.17.
Would the SRU team accept an updated package based on the Debian's 6.0.4+dfsg-1 package for trusty?
First I should note that we could use Debian's packages as a start for updating these packages. http:// snapshot. debian. org/package/ owncloud/
Debian versions available:
5.0.13+dfsg-2 or 5.0.14.a+dfsg-1
6.0.4+dfsg-1 or 6.0.3+dfsg-2
Ubuntu versions: 0ubuntu1~ ubuntu12. 04 precise
6.0.1+dfsg-1ubuntu1 trusty
5.0.4debian-
Owncloud versions with release dates:
Version 7.0.2 August 28th 2014
Version 6.0.5 August 28th 2014
Version 5.0.17 June 23rd 2014
The proposed package suggests updating with OBS or juju and that would upgrade to either 7.0.1 (juju) or 7.0.2 (OBS) depending on the choice. download. opensuse. org/repositorie s/isv:/ ownCloud: /community: /5.0/xUbuntu_ 12.04/ download. opensuse. org/repositorie s/isv:/ ownCloud: /community: /6.0/xUbuntu_ 14.04/
The 5.x and 6.x versions of owncloud still have supported upstream packages which are less likely to break things:
http://
http://
The trusty package also points to https:/ /jujucharms. com/precise/ owncloud/. One might wonder if the juju charm won't work for trusty.
I have tried to identify the CVE patch sets without much success thus far.
Support for the 5.x series will likely be ending within 6 months and it will require more work to update security patches included in 5.0.17.
Would the SRU team accept an updated package based on the Debian's 6.0.4+dfsg-1 package for trusty?