[owncloud/f20: 2/2] new release 7.0.5 (yet-undisclosed vulns: #1204821 #1204823)

Mon Mar 23 19:22:21 UTC 2015

commit 300ed34aa2998255d4bbd239828e8a708fc84163
Author: Adam Williamson <awilliam at redhat.com>
Date:   Mon Mar 23 12:20:18 2015 -0700

    new release 7.0.5 (yet-undisclosed vulns: #1204821 #1204823)
    
    Also backports a 'critical' bug fix relating to cron kicking
    in while OC is in maintenance mode.

 .gitignore                                     |  1 +
 c716776a90da02e463040c507ea8a3f34d871cfd.patch | 27 ++++++++++++++++++++++++++
 owncloud.spec                                  | 13 +++++++++++--
 sources                                        |  2 +-
 4 files changed, 40 insertions(+), 3 deletions(-)
---

diff --git a/.gitignore b/.gitignore
index 8046d55..e5d2396 100644
--- a/.gitignore
+++ b/.gitignore
@@ -20,3 +20,4 @@
 /owncloud-7.0.2-repack.tar.bz2
 /owncloud-7.0.3-repack.tar.bz2
 /owncloud-7.0.4-repack.tar.bz2
+/owncloud-7.0.5-repack.tar.bz2
diff --git a/c716776a90da02e463040c507ea8a3f34d871cfd.patch b/c716776a90da02e463040c507ea8a3f34d871cfd.patch
new file mode 100644
index 0000000..84ea9c6
--- /dev/null
+++ b/c716776a90da02e463040c507ea8a3f34d871cfd.patch
@@ -0,0 +1,27 @@
+From c716776a90da02e463040c507ea8a3f34d871cfd Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Thomas=20M=C3=BCller?= <thomas.mueller at tmit.eu>
+Date: Thu, 12 Mar 2015 21:03:26 +0100
+Subject: [PATCH] cron shall not operate in case we are in maintenance mode -
+ fixes #14843
+
+---
+ cron.php | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/cron.php b/cron.php
+index 5c2cb20..8a3240d 100644
+--- a/cron.php
++++ b/cron.php
+@@ -50,7 +50,11 @@ function handleUnexpectedShutdown() {
+ 
+ 	if (\OCP\Util::needUpgrade()) {
+ 		\OCP\Util::writeLog('cron', 'Update required, skipping cron', \OCP\Util::DEBUG);
+-		exit();
++		exit;
++	}
++	if (\OC::$server->getSystemConfig()->getValue('maintenance', false)) {
++		\OCP\Util::writeLog('cron', 'We are in maintenance mode, skipping cron', \OCP\Util::DEBUG);
++		exit;
+ 	}
+ 
+ 	// load all apps to get all api routes properly setup
diff --git a/owncloud.spec b/owncloud.spec
index 36b823a..b6bf252 100644
--- a/owncloud.spec
+++ b/owncloud.spec
@@ -1,6 +1,6 @@
 Name:           owncloud
-Version:        7.0.4
-Release:        3%{?dist}
+Version:        7.0.5
+Release:        1%{?dist}
 Summary:        Private file sync and share server
 
 License:        AGPLv3+ and MIT and BSD and CC-BY and CC-BY-SA and GPLv3 and Public Domain and (MPLv1.1 or GPLv2+ or LGPLv2+) and (MIT or GPL+) and (MIT or GPLv2) and ASL 2.0 and LGPLv3
@@ -63,6 +63,10 @@ Patch15:        %{name}-7.0.3-opcache_invalidate.patch
 # Backported from upstream 8.x, updates Google Drive external storage support
 # for v1.x of the Google API library.
 Patch16:        %{name}-7.0.4-google1.patch
+# Backported fix (from stable7) for 'critical' issue #14843
+# "cron shall not operate in case we are in maintenance mode"
+Patch17:        https://github.com/owncloud/core/commit/c716776a90da02e463040c507ea8a3f34d871cfd.patch
+
 
 BuildArch:      noarch
 
@@ -231,6 +235,7 @@ sed -i 's/\r$//' apps/files_encryption/lib/crypt.php
 %patch14 -p1
 %patch15 -p1
 %patch16 -p1
+%patch17 -p1
 
 # prepare package doc
 cp %{SOURCE3} README.fedora
@@ -449,6 +454,10 @@ fi
 
 
 %changelog
+* Mon Mar 23 2015 Adam Williamson <awilliam at redhat.com> - 7.0.5-1
+- new release 7.0.5 (fixes yet-undisclosed vulns, #1204821 #1204823)
+- also backport fix for 'severe' upstream issue #14843
+
 * Sun Feb 22 2015 Adam Williamson <awilliam at redhat.com> - 7.0.4-3
 - revise and strengthen Apache configuration layout, fix external apps
 - fix external apps for Nginx
diff --git a/sources b/sources
index 388ad86..fef145e 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-1f3349709d60dd2325d3c3c9d34bde57  owncloud-7.0.4-repack.tar.bz2
+35d78996858c5288a3475956866351ce  owncloud-7.0.5-repack.tar.bz2
