Security update for nextcloud (moderate)

2018-12-0712:19:24

lists.opensuse.org

0.001 Low

EPSS

Percentile

21.9%

JSON

This update for nextcloud fixes security issues and bugs.

Security issues fixed:

CVE-2018-3780: Stored XSS in autocomplete suggestions for file comments
(boo#1114817)

This update also contains all bug fixes and improvements in the 13.0.8
version, including:

Password expiration time changed from 12h to 7d
Bug fixes to the OAuth brute force protection
Various other bug fixes and improvements

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.0noarchnextcloud< 13.0.8-lp150.2.9.1nextcloud-13.0.8-lp150.2.9.1.noarch.rpm
openSUSE Backports SLE15noarchnextcloud< 13.0.8-bp150.2.6.1nextcloud-13.0.8-bp150.2.6.1.noarch.rpm
openSUSE Leap42.3noarchnextcloud< 13.0.8-15.1nextcloud-13.0.8-15.1.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
openSUSE Leap	15.0	noarch	nextcloud	< 13.0.8-lp150.2.9.1	nextcloud-13.0.8-lp150.2.9.1.noarch.rpm
openSUSE Backports SLE	15	noarch	nextcloud	< 13.0.8-bp150.2.6.1	nextcloud-13.0.8-bp150.2.6.1.noarch.rpm
openSUSE Leap	42.3	noarch	nextcloud	< 13.0.8-15.1	nextcloud-13.0.8-15.1.noarch.rpm

References

bugzilla.suse.com/1114817

0.001 Low

EPSS

Percentile

21.9%

JSON

Related for OPENSUSE-SU-2018:4002-1