Overview

File _patchinfo of Package patchinfo.15756

<patchinfo incident="15756">
  <issue tracker="cve" id="2020-8295"/>
  <issue tracker="cve" id="2020-8294"/>
  <issue tracker="cve" id="2020-8293"/>
  <issue tracker="bnc" id="1181803">VUL-1: CVE-2020-8294: nextcloud: A missing link validation</issue>
  <issue tracker="bnc" id="1181804">VUL-0: CVE-2020-8295: nextcloud: Denial of service attack when resetting the password for a user</issue>
  <issue tracker="bnc" id="1181445">VUL-0: CVE-2020-8293: nextcloud: input validation issue allows users to store unlimited data in workflow rules</issue>
  <packager>atopt</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for nextcloud</summary>
  <description>This update for nextcloud fixes the following issues:

- nextcloud was upgraded to version 20.0.7
   - CVE-2020-8294: Fixed a missing link validation (boo#1181803)
   - CVE-2020-8295: Fixed a denial of service attack (boo#1181804)
   - CVE-2020-8293: Fixed an input validation issue (boo#1181445)

This update was imported from the openSUSE:Leap:15.2:Update update project.</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places