Hi again, So far only two replies :( I am sure the actual reality is better than this!
If you do have some contribution to other projects that fits the constraints I specified in the first email, please let me know. I am going to write the blog post this weekend. Thanks, Alessandro On Thu, Jan 8, 2015 at 8:01 PM, Morris Jobke <mor...@owncloud.com> wrote: > I always worked seamlessly with the creator of getID3 and we benefit from > each other. > > https://github.com/JamesHeinrich/getID3/commit/a9443d559def6ab07489698a5b60c3c58da0e67e > > This was derived from > https://github.com/owncloud/music/issues/212#issuecomment-43082336 > > Morris > > Am 09.01.2015 um 00:37 schrieb Alessandro Cosentino: > >> Awesome! This is a fantastic start. Thank you, Lukas! >> >> On Thu, Jan 8, 2015 at 5:06 PM, Lukas Reschke <lu...@statuscode.ch> wrote: >>>> >>>> In order to celebrate ownCloud's 5th birthday (and the anniversary of >>>> my 3-year engagement with ownCloud), I have planned to write a blog >>>> post on how the development of ownCloud has benefited other software >>>> projects (not necessarily open source projects). >>> >>> >>> ownCloud’s security team has reported quite some vulnerabilities in well >>> known and widely used 3rdparty libraries. Most notably: >>> >>> - ZendFramework: http://framework.zend.com/security/advisory/ZF2014-01 >>> - SabreDAV: http://www.cvedetails.com/cve/CVE-2013-1939/ + >>> http://www.cvedetails.com/cve/CVE-2014-2055/ >>> - TCPDF: >>> https://github.com/tcpdf-clone/tcpdf/commit/8ec040b3ccedc2a0150a7b6b46c18c59d932ad59 >>> - GetID3: >>> https://github.com/JamesHeinrich/getID3/commit/dc8549079a24bb0619b6124ef2df767704f8d0bc >>> (also used by Wordpress and so on…) >>> - PHPExcel: >>> https://github.com/PHPOffice/PHPExcel/commit/c243bcb8ad2911cdbd0c272b284a516b444e606a >>> - PHPDocX: http://www.cvedetails.com/cve/CVE-2014-2056/ >>> >>> Also in quite some other components but those are not that widely used as >>> the ones pointed out above. Also every one of the bugs pointed out above >>> allowed an attacker to either execute arbitrary PHP Code or read arbitrary >>> files from the system :-) >>> >>> - Lukas >>> _______________________________________________ >>> Devel mailing list >>> Devel@owncloud.org >>> http://mailman.owncloud.org/mailman/listinfo/devel >>> >> _______________________________________________ >> Devel mailing list >> Devel@owncloud.org >> http://mailman.owncloud.org/mailman/listinfo/devel >> > _______________________________________________ > Devel mailing list > Devel@owncloud.org > http://mailman.owncloud.org/mailman/listinfo/devel _______________________________________________ Devel mailing list Devel@owncloud.org http://mailman.owncloud.org/mailman/listinfo/devel
