Fedora 32: 2020-10-19 Nextcloud 18.0.9 Moderate Security Issues

NextCloud gives you universal access to your files through a web interface or

WebDAV. It also provides a platform to easily view & sync your contacts,

calendars and bookmarks across all your devices and enables basic editing right

on the web. NextCloud is extendable via a simple but powerful API for

applications and plugins.

Update to Nextcloud 18.0.9, fixes CVE-2020-81-39, CVE-2020-8173, CVE-2020-8183,

CVE-2020-8223, CVE-2020-8154, CVE-2020-8155. Updating the Mail & Groupfolders

apps from within Nextcloud also fixes CVE-2020-8153, CVE-2020-8156

* Sun Oct 11 2020 Christopher Engelhard - 18.0.9-1

- Update to Nextcloud 18.0.9

[ 1 ] Bug #1838275 - CVE-2020-8153 CVE-2020-8154 CVE-2020-8155 CVE-2020-8156 nextcloud: multiple vulnerabilities [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1838275

[ 2 ] Bug #1838535 - CVE-2020-8139 nextcloud: hide-download shares to be downloadable when appending /download to the URL [fedora-31]

https://bugzilla.redhat.com/show_bug.cgi?id=1838535

[ 3 ] Bug #1873704 - Please update to 18.0.8 on Fedora 32

https://bugzilla.redhat.com/show_bug.cgi?id=1873704

su -c 'dnf upgrade --advisory FEDORA-2020-c9863904de' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/