• Update to 20.0.10, fixes multiple CVEs (RHBZ 1934830, RHBZ 1934838, RHBZ 1934840, RHBZ 1977202)
  • Include php-fpm config in httpd subpackage
  • Set php memory limit to 512MB (RHBZ 1933529)
  • Add Referrer-policy no-referrer to nginx config (RHBZ 1933530)

This update has been submitted for testing by lcts.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update's test gating status has been changed to 'waiting'.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update has been pushed to testing.

a year ago

This update has been submitted for stable by bodhi.

a year ago

This update has been pushed to stable.

a year ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
0
Signed
Content Type
Module
Test Gating
Settings
Unstable by Karma
-1
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
a year ago
in testing
a year ago
in stable
a year ago
BZ#1933529 The PHP memory limit is below the recommended value of 512MB
0
0
BZ#1933530 The “Referrer-Policy” HTTP header is not set to “no-referrer”, “no-referrer-when-downgrade”, “strict-origin”, “strict-origin-when-cross-origin” or “same-origin”
0
0
BZ#1934830 CVE-2020-8296 nextcloud: Passwords stored in a recoverable format [fedora-all]
0
0
BZ#1934838 CVE-2021-22878 nextcloud: Reflected cross-site scripting due to lack of sanitization in `OC.Notification.show` [fedora-all]
0
0
BZ#1934840 CVE-2021-22877 nextcloud: Stored credentials accessible by other users [fedora-all]
0
0
BZ#1977202 CVE-2021-22915 nextcloud: lack of inclusion of IPv6 subnets in rate-limiting considerations allows brute force attacks [fedora-all]
0
0

Automated Test Results