• Update to 20.0.10, fixes multiple CVEs (RHBZ 1934830, RHBZ 1934838, RHBZ 1934840, RHBZ 1977202)
  • Include php-fpm config in httpd subpackage
  • Set php memory limit to 512MB (RHBZ 1933529)
  • Add Referrer-policy no-referrer to nginx config (RHBZ 1933530)

This update has been submitted for testing by lcts.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update's test gating status has been changed to 'waiting'.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update has been pushed to testing.

a year ago

This update has been submitted for stable by bodhi.

12 months ago

This update has been pushed to stable.

12 months ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
0
Signed
Content Type
Module
Test Gating
Settings
Unstable by Karma
-1
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
a year ago
in testing
a year ago
in stable
12 months ago
BZ#1933529 The PHP memory limit is below the recommended value of 512MB
0
0
BZ#1933530 The “Referrer-Policy” HTTP header is not set to “no-referrer”, “no-referrer-when-downgrade”, “strict-origin”, “strict-origin-when-cross-origin” or “same-origin”
0
0
BZ#1934830 CVE-2020-8296 nextcloud: Passwords stored in a recoverable format [fedora-all]
0
0
BZ#1934838 CVE-2021-22878 nextcloud: Reflected cross-site scripting due to lack of sanitization in `OC.Notification.show` [fedora-all]
0
0
BZ#1934840 CVE-2021-22877 nextcloud: Stored credentials accessible by other users [fedora-all]
0
0
BZ#1977202 CVE-2021-22915 nextcloud: lack of inclusion of IPv6 subnets in rate-limiting considerations allows brute force attacks [fedora-all]
0
0

Automated Test Results