Security update for nextcloud
This update for nextcloud fixes the following issues:
- nextcloud was upgraded to version 20.0.7
- CVE-2020-8294: Fixed a missing link validation (boo#1181803)
- CVE-2020-8295: Fixed a denial of service attack (boo#1181804)
- CVE-2020-8293: Fixed an input validation issue (boo#1181445)
This update was imported from the openSUSE:Leap:15.2:Update update project.
-
Submitted by
Alexandros Toptsoglou (atopt)
Fixed bugs
bnc#1181803
VUL-1: CVE-2020-8294: nextcloud: A missing link validation
bnc#1181804
VUL-0: CVE-2020-8295: nextcloud: Denial of service attack when resetting the password for a user
bnc#1181445
VUL-0: CVE-2020-8293: nextcloud: input validation issue allows users to store unlimited data in workflow rules
