The version of ownCloud in Ubuntu’s Universe repositories is old and full of “multiple critical security vulnerabilities.†It’s no secret. The ownCloud project itself asked Ubuntu to remove it so users wouldn’t have vulnerable server software. Ubuntu suggested to ownCloud they should take over maintaining it instead. OwnCloud thought that was ridiculous—they just want to write software and not maintain it in every distribution’s repositories.
Ubuntu is finally taking action and uploading an empty package that will disable the vulnerable ownCloud server software on Ubuntu 14.04 systems. But this whole weeks-long ordeal demonstrates a serious weakness with the way Linux software is packaged, distributed, and updated.
Read more at PCWorld.
