nextcloudpi icon indicating copy to clipboard operation
nextcloudpi copied to clipboard

Published 20 hours ago • verified publisher icon nextcloud

CVE-2023-48239 in nextcloud server

Open Colfenor opened this issue 1 year ago • 1 comments

Heyo,

in the nextcloud server project a high severe CVE has been reported:

https://github.com/nextcloud/security-advisories/security/advisories/GHSA-f962-hw26-g267

which recommends that the Nextcloud Server is upgraded to quote 25.0.13, 26.0.8 or 27.1.3.

Is there an ETA on when to release a new docker image on the hub with the upstream merged patch ?

As of now the latest version is from 26 July 2023, 4 months ago. https://hub.docker.com/r/ownyourbits/nextcloudpi

greetings !

Colfenor avatar Dec 05 '23 22:12 Colfenor

The nextcloudpi-docker-version is EOL at the moment. Look here.

So if you are still on docker it is the best to migrate to another ncp instance.

REAPERSbattlecry avatar Dec 09 '23 13:12 REAPERSbattlecry

@REAPERSbattlecry is right, unfortunately. You can always try to update to specific Nextcloud versions manually, but they will not be tested.

theCalcaholic avatar Apr 22 '24 20:04 theCalcaholic