Summary: | <www-apps/nextcloud-14.0.0: password protection bypass on certain shared file types (CVE-2018-16467) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Michael Boyle <boylemic> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | trivial | CC: | voyageur, web-apps |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://nextcloud.com/security/advisory/?id=NC-SA-2018-014 | ||
Whiteboard: | ~4 [noglsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Michael Boyle
2018-10-31 02:04:40 UTC
@maintainer(s), the fix is in 14.0.0-14.0.3. We can clean the previous versions. Michael Boyle Gentoo Security Padawan OK there was a round of advisories, like https://nextcloud.com/security/advisory/?id=NC-SA-2018-010 also affecting 12.x and 13.x I cleaned all previous versions (except last releases): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1dbd46d1641947919326bb7f29bcd2fff423e20c |