Security update for nextcloud
This update for nextcloud fixes the following issues:
Security issues fixed:
- CVE-2018-3761: Fix improper authentication on the OAuth2 token endpoint (bsc#1100344).
- CVE-2018-3762: Fix improper checks of dropped permissions for incoming shares allowing a user to still request previews for files it should not have access to (bsc#1100343).
-
Submitted by
Eric Schirra (ecsos)
Fixed bugs
bnc#1100344
VUL-0: CVE-2018-3761: nextcloud: Improper authentication on the OAuth2 token endpoint
bnc#1100343
VUL-1: CVE-2018-3762: nextcloud: Improper checks of dropped permissions for incoming shares allowing a user to still request previews for files it should not have access to.
