Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CVE-2023-48239 in nextcloud server #1854

Closed
Colfenor opened this issue Dec 5, 2023 · 2 comments
Closed

CVE-2023-48239 in nextcloud server #1854

Colfenor opened this issue Dec 5, 2023 · 2 comments
Labels
has-updates

Comments

@Colfenor
Copy link

Colfenor commented Dec 5, 2023
edited

Heyo,

in the nextcloud server project a high severe CVE has been reported:

GHSA-f962-hw26-g267

which recommends that the Nextcloud Server is upgraded to quote 25.0.13, 26.0.8 or 27.1.3.

Is there an ETA on when to release a new docker image on the hub with the upstream merged patch ?

As of now the latest version is from 26 July 2023, 4 months ago.
https://hub.docker.com/r/ownyourbits/nextcloudpi

greetings !
@REAPERSbattlecry
Copy link

The nextcloudpi-docker-version is EOL at the moment.
Look here.

So if you are still on docker it is the best to migrate to another ncp instance.

@theCalcaholic
Copy link
Collaborator

@REAPERSbattlecry is right, unfortunately. You can always try to update to specific Nextcloud versions manually, but they will not be tested.

@theCalcaholic theCalcaholic reopened this Apr 22, 2024
@theCalcaholic theCalcaholic closed this as not planned Won't fix, can't repro, duplicate, stale Apr 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
has-updates
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@theCalcaholic @Colfenor @REAPERSbattlecry