merge v0.19b hot fix release

27b4edfc · Joshua Tauberer · 35a360ef · ba75ff78 · 27b4edfc · 27b4edfc
Commit 27b4edfc authored Aug 20, 2016 by Joshua Tauberer
Show whitespace changes
Inline Side-by-side

Showing with 10 additions and 3 deletions

CHANGELOG.md CHANGELOG.md +7 -0

README.md README.md +2 -2

bootstrap.sh setup/bootstrap.sh +1 -1

No files found.
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,13 @@ ownCloud:

 * Updated to ownCloud to 8.2.7.

+v0.19b (August 20, 2016)
+------------------------
+
+This update corrects a security issue introduced in v0.18.
+
+A remote code execution vulnerability is corrected in how the munin system monitoring graphs are generated for the control panel. The vulnerability involves an administrative user visiting a carefully crafted URL.
+
 v0.19a (August 18, 2016)
 ------------------------


--- a/README.md
+++ b/README.md
@@ -59,7 +59,7 @@ by me:
 	$ curl -s https://keybase.io/joshdata/key.asc | gpg --import
 	gpg: key C10BDD81: public key "Joshua Tauberer <jt@occams.info>" imported

-	$ git verify-tag v0.19a
+	$ git verify-tag v0.19b
 	gpg: Signature made ..... using RSA key ID C10BDD81
 	gpg: Good signature from "Joshua Tauberer <jt@occams.info>"
 	gpg: WARNING: This key is not certified with a trusted signature!
@@ -72,7 +72,7 @@ and on my [personal homepage](https://razor.occams.info/). (Of course, if this r

 Checkout the tag corresponding to the most recent release:

-	$ git checkout v0.19a
+	$ git checkout v0.19b

 Begin the installation.


--- a/setup/bootstrap.sh
+++ b/setup/bootstrap.sh
@@ -7,7 +7,7 @@
 #########################################################

 if [ -z "$TAG" ]; then
-	TAG=v0.19a
+	TAG=v0.19b
 fi

 # Are we running as root?