Re: [owncloud-devel] ownCloud solutions in *other* projects

Thu, 08 Jan 2015 17:02:40 -0800

I always worked seamlessly with the creator of getID3 and we benefit from each other. 

https://github.com/JamesHeinrich/getID3/commit/a9443d559def6ab07489698a5b60c3c58da0e67e
This was derived from https://github.com/owncloud/music/issues/212#issuecomment-43082336 

Morris

Am 09.01.2015 um 00:37 schrieb Alessandro Cosentino:

Awesome! This is a fantastic start. Thank you, Lukas!

On Thu, Jan 8, 2015 at 5:06 PM, Lukas Reschke <lu...@statuscode.ch> wrote:

In order to celebrate ownCloud's 5th birthday (and the anniversary of
my 3-year engagement with ownCloud), I have planned to write a blog
post on how the development of ownCloud has benefited other software
projects (not necessarily open source projects).


ownCloud’s security team has reported quite some vulnerabilities in well known 
and widely used 3rdparty libraries. Most notably:

- ZendFramework: http://framework.zend.com/security/advisory/ZF2014-01
- SabreDAV: http://www.cvedetails.com/cve/CVE-2013-1939/ + 
http://www.cvedetails.com/cve/CVE-2014-2055/
- TCPDF: 
https://github.com/tcpdf-clone/tcpdf/commit/8ec040b3ccedc2a0150a7b6b46c18c59d932ad59
- GetID3: 
https://github.com/JamesHeinrich/getID3/commit/dc8549079a24bb0619b6124ef2df767704f8d0bc
 (also used by Wordpress and so on…)
- PHPExcel: 
https://github.com/PHPOffice/PHPExcel/commit/c243bcb8ad2911cdbd0c272b284a516b444e606a
- PHPDocX: http://www.cvedetails.com/cve/CVE-2014-2056/

Also in quite some other components but those are not that widely used as the 
ones pointed out above. Also every one of the bugs pointed out above allowed an 
attacker to either execute arbitrary PHP Code or read arbitrary files from the 
system :-)

- Lukas
_______________________________________________
Devel mailing list
Devel@owncloud.org
http://mailman.owncloud.org/mailman/listinfo/devel


_______________________________________________
Devel mailing list
Devel@owncloud.org
http://mailman.owncloud.org/mailman/listinfo/devel


_______________________________________________
Devel mailing list
Devel@owncloud.org
http://mailman.owncloud.org/mailman/listinfo/devel

Reply via email to