The following flaws were fixed in the 7.0.5 release of ownCloud: CVE-2015-3013 -- Bypass of file blacklist (oC-SA-2015-004) https://owncloud.org/security/advisory/?id=oc-sa-2015-004 CVE-2015-3012 -- Multiple stored XSS in "documents" application (oC-SA-2015-002) https://owncloud.org/security/advisory/?id=oc-sa-2015-002 CVE-2015-3011 -- Multiple stored XSS in "contacts" application (oC-SA-2015-001) https://owncloud.org/security/advisory/?id=oc-sa-2015-001 Additional information: https://www.debian.org/security/2015/dsa-3244
Created owncloud tracking bugs for this issue: Affects: fedora-all [bug 1218245] Affects: epel-6 [bug 1218246] Affects: epel-7 [bug 1218247]
7.0.5 is already out for all releases prior to 22 as a stable update. 22 and Rawhide are on the 8.x series.