Hi, folks. Instead of relval (for a change) I spent some of my non-work time today working on ownCloud packaging (I’m the owner/’primary contact’/whatever for the ownCloud package, these days).
I’ve been in touch with ownCloud’s awesome security folk, Lukas Reschke, recently, and he confirmed that the ownCloud version currently in Fedora 19 and EPEL 6 – 4.5.13 – is known to have some security vulnerabilities. It’s also unmaintained and is very unlikely to be upgradable directly to ownCloud 7, so I really needed to Do Something for folks on those releases.
So I did! There’s now an ownCloud 5.0.17 update candidate for Fedora 19 and an ownCloud 6.0.5 update candidate for EPEL 6. Well, the ownCloud 6 update for EPEL 6 has been around for a while, but it never actually installed before, it had all sorts of dep issues.
There is also an ownCloud 5 build for EPEL 6 in my oc5 side repository – you can grab https://www.happyassassin.net/temp/oc5_repo/oc5.repo and put it in
/etc/yum.repos.d to enable that. This is intended for upgrading: ownCloud only officially supports upgrading one major version at a time, so if you have an existing EPEL 6 ownCloud 4.5.13 deployment it is probably best to upgrade from 4.5.13 to 5.0.17 via the side repo, then from 5.0.17 to 6.0.5. 4.5 to 6.x upgrade may work, I have no idea – I haven’t tested it – but AFAIK it’s not supported and can’t be relied upon.
I’ve actually done some testing on these: I’ve tested upgrade of an F19 4.5.13 MySQL deployment to 5.0.17 and clean 5.0.17 install, and both worked fine. On EPEL 6 (on a CentOS 6.6 install) I tested upgrade from 4.5.13 to 5.0.17 via the side repo, then upgrade to 6.0.4-3, then upgrade to 6.0.5-1; it survived the whole process without obvious problems. I didn’t test fresh deployment of OC 5 or OC 6 on EPEL 6, yet.
ownCloud 5 is still in maintenance upstream for a few months, and ownCloud 6 should be maintained for a while. I plan to send ownCloud 6 to Fedora 19 just before it goes EOL, the hope being people have a few weeks to upgrade from 4.5 to 5 now, then they can upgrade from 5 to 6, before upgrading to Fedora 20 or 21 where they’ll get 7. I wanted to take roughly the same approach for EPEL 6, but Remi sent a 6.0.2 update to testing some time ago and I don’t think I can ‘rewind’ to 5.x now that’s happened.
I intend to keep the oc5 and oc6 repos available with both F19 and EPEL 6 builds of the latest 5 and 6 builds as long as I can (notwithstanding the /temp in the path – I really shouldn’t have put ’em in that directory…), so there’s at least some way to do a staged upgrade of old installations if you miss any boats.
I’ll try and look at EPEL 7 later this week; I’ll probably aim to start it out on 6.x then see if we can get it to 7.x. I think some dependent packages do not yet have EPEL 7 branches, though, so I may have to wait on other maintainers before I can possibly do an EPEL 7 build.