Overview

File _patchinfo of Package patchinfo.8398

<patchinfo incident="8398">
  <issue tracker="bnc" id="1100344">VUL-0: CVE-2018-3761: nextcloud: Improper authentication on the OAuth2 token endpoint</issue>
  <issue tracker="bnc" id="1100343">VUL-1: CVE-2018-3762: nextcloud: Improper checks of dropped permissions for incoming shares allowing a user to still request previews for files it should not have access to.</issue>
  <issue tracker="cve" id="2018-3762"/>
  <issue tracker="cve" id="2018-3761"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>ecsos</packager>
  <description>This update for nextcloud fixes the following issues:

Security issues fixed:

- CVE-2018-3761: Fix improper authentication on the OAuth2 token endpoint (bsc#1100344).
- CVE-2018-3762: Fix improper checks of dropped permissions for incoming shares allowing a user to still request previews for files it should not have access to (bsc#1100343).
  </description>
  <summary>Security update for nextcloud</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places