Nextcloud Bugfix and Security Updates

Post date

January 16, 2017

Categories
Author

Jos Poortvliet

2017-1751381_1920Welcome to 2017! Our new year resolution: continue to provide you the safest, most secure way to protect your data!

Today Nextcloud makes available updates for Nextcloud 9, 10 and 11 with a number of bug fixes and a precautionary update for the SwiftMailer vulnerability discovered recently. We recommend to update at your earliest convenience. Read on to find out what has changed.

Fixes

Nextcloud 11.0.1 introduces about two dozen fixes dealing with Safari’s lack of decent CSPv3 support, a fix for LDAP issues, the Calendar/Contact DAV endpoint and more. About a dozen is relevant for 10.0.3, making updates more reliable and fixing some translation and visual issues.

Find more details in our changelogs.

swift

Precautionary update for SwiftMailer

Just before the end of 2016, a security researcher published a security advisory for an unfixed critical vulnerability in SwiftMailer. SwiftMailer is a widely used library for sending e-mails from PHP applications and used by many popular frameworks such as Yii2, Laravel or Symfony.

This library in question is also used by Nextcloud and we’ve immediately begun analyzing the vulnerability as well as it’s exploitation path. After extensive analysis by members of our security team we believe that a standard Nextcloud server installation is not affected by this specific vulnerability. However, as we include the library in our public programming API third-party app authors may call the library in an exploitable way.

Security Matters

Nextcloud takes security very seriously and protecting user data is of utmost importance to us. We want to state again, that this is purely a security pre-caution and based on our research this seems like a non-exploitable issue in a default Nextcloud server installation. However, as we didn’t want to take even any slightly theoretical chance of exploitation we’ve decided to err on the side of caution to protect our users.

Nextcloud employs dedicated security personnel, is subject to regular penetration testing, static and dynamic analysis and offers bug bounties up to $5,000 for critical security vulnerabilities.

Learn more about Nextcloud security…

Available now

We made available the updates for Nextcloud 9, 10 and 11 on our download server and via the updater. If you are on the latest version you will receive an update notification. Due to staged roll-outs the update notification does not come at once for all users. You can expect to be notified at the latest by the end of next week. Users on Nextcloud 10 or 11 can bypass the waiting period by setting their release channel to ‘beta’ to immediately receive Nextcloud 11.0.1.

We recommend to update at your earliest convenience. Get the latest Nextcloud 11 from our download page and earlier releases from the changelog page.

Other posts

Nextcloud file uploads issue Android app

Unhappy with the recently lost file upload feature in the Nextcloud app for Android? So are we. Let us explain.

Dear users, We are aware that for some months, Nextcloud file uploads for Android users have not been working as expected: you cannot upload all data to your Nextcloud, only photos and videos. We have seen your complaints in various forums such as the Nextcloud help forum, on GitHub, Reddit, or other forums. As your […]

Read More
Microsoft Teams alternative Nextcloud Talk Munich launch at Nextcloud Summit

Your Microsoft Teams alternative: Nextcloud Talk “Munich” launching live at the Nextcloud Summit

With Nextcloud Talk “Munich”, Nextcloud offers a solid Microsoft Teams alternative. Join the launch live on June 5th at the Nextcloud Summit!

Read More
Nextcloud nomination Product of the Year 2025 connect professional competition

Vote for Nextcloud as Product of the Year 2025 in the connect professional competition!

Nextcloud is nominated for connect professional Product of the Year 2025 readers’ choice awards — and we need your vote! As a digitally sovereign open source platform for collaboration and cloud storage, voters can support Nextcloud in two categories: Help us take home this award — and grab the chance to win some nice prize […]

Read More
Nextcloud nominated for the CloudComputing-Insider Award 2025

Vote for Nextcloud in the CloudComputing-Insider IT Awards 2025

For the ninth time, Nextcloud has been nominated for the CloudComputing-Insider Readers’ Choice Award in the category of Cloud Content Management. We’d love to reach the top again! And we’re looking for the support of you and everyone else in our amazing community to get there. Nextcloud as the best Cloud Content Management tool? Only […]

Read More
Featured image Nextcloud Summit 2025

Digital sovereignty in Munich: Join us at the Nextcloud Summit 2025

Following the overwhelming success of our Enterprise Days, Nextcloud is proud to launch its very first Summit on digital sovereignty. Whereas the Enterprise Days have a clear focus on Nextcloud as a platform and technology, with the Summit, we want to address the wider market around digitally sovereign collaboration technology. This exclusive one-day event bridges […]

Read More
Nextcloud Hub 10 featured image

Nextcloud Hub 10 – your unified, modular digital workspace

Welcome Nextcloud Hub 10. Our latest release comes with reinforced performance in every app, deeper integration across the platform, and dozens of new features that will make your day easier.

Read More
Nextcloud powering the digital workspace of tomorrow - 2024 in review

Nextcloud powering the digital workspace of tomorrow: 2024 in review

In the Nextcloud 2024 wrap-up, we want to take a moment to celebrate this year's achievements. Join us as we continue to reimagine what’s possible - shaping a world where open source, privacy and connection come together and drive progress for the greater good. 

Read More

The open source answer to Microsoft Teams

Organisations, small and large, need a way to ensure the resiliency and digital sovereignty of their operations – an open-source, privacy-respecting alternative to Teams. And today, we present that solution - Nextcloud Talk.

Read More
Nextcloud Recognized with World Summit Award Germany

Nextcloud recognized with World Summit Award Germany

Nextcloud has been recognized with the World Summit Award Germany that selects and promotes local digital innovation improving society, aiming to contribute to the United Nations' agenda of sustainable development goals.

Read More
Nextcloud IT-Awards 2024

Nextcloud wins Platinum at the IT Awards 2024!

Nextcloud has been awarded Platinum at the IT Awards 2024. Today, we celebrate this win together!

Read More
Meet the first open-source AI assistant that doesn't prey on your data

Meet the first open-source AI assistant that doesn't prey on your data

The first ethical, open-source AI assistant that can get a multitude of tasks done for you without compromising your data.

Read More
Nextcloud for DIE ZEIT: Microsoft’s anti-competitive behavior, PR stunts and salami slicing

Nextcloud for DIE ZEIT: Microsoft’s anti-competitive behavior, PR stunts and salami slicing

DIE ZEIT, a prominent German outlet, interviewed Nextcloud’s founder Frank Karlitschek for an article on Microsoft’s anti-competitive behaviour on the European office software market. Read for a recap of the article and the key takeaways.

Read More
MagentaCLOUD feature image

How T-Systems migrated millions of MagentaCLOUD users to Nextcloud

MagentaCLOUD’s migration to Nextcloud in 2021 resulted in a fully equipped Online Storage with an integrated online office suite that further improves the user experience, flexibility and security for customers.

Read More

Nextcloud releases Assistant 2.0 and pushes AI-as-a-Service

We bring you a major update to the Nextcloud AI Assistant, plus the news we work with several big hosting providers like IONOS and OVHcloud to bring AI-as-a-Service options to you!

Read More
Bechtle and Nextcloud offer a digitally sovereign service for the public sector

Bechtle and Nextcloud offer digitally sovereign collaboration services for the public sector

Bechtle and Nextcloud announce today a complete managed collaboration platform for the public sector that requires no tender and can be deployed immediately.

Read More

Migrating from ownCloud to Nextcloud

Discover how to make the switch from ownCloud to Nextcloud. Our quick guide provides insights into the migration process, helping you make the transition smoothly.

Read More
Owncloud Nextcloud Kiteworks migration tools

Kiteworks acquires ownCloud & Dracoon

Today, US-based file sync & share vendor Kiteworks announced their acquisition of ownCloud and Dracoon. Kiteworks points out that their customers now have access to their file-sharing application. It is to be expected they will not maintain 3 similar products, but customers will have to migrate to the US firms’ platform or look for another […]

Read More
Frank Karlitschek, Nextcloud founder, wins the European SFS Award

Nextcloud founder earns European Free Software Award

Nextcloud founder and CEO Frank Karlitschek earns the honorary SFS Award at the 20th annual SFSCON taking place in South Tyrol, Italy.

Read More
Minister of Digitization of Schleswig-Holstein and Nextcloud CEO shake hands

German state & Nextcloud build digitally sovereign AI for public sector

As part of Schleswig-Holstein's state digitization strategy, the state chancellery has announced they will work with Nextcloud to develop AI for working with government documents. This comes just after we announced the first private AI assistant last weekend with Hub 6. The German state already uses Nextcloud and their AI strategy aligns with our work on ethical, local AI technologies.

Read More
ethical ai

AI in Nextcloud: what, why and how

Over the last year, AI has become a popular topic. Some is hype, some is substance. Some is good, some is bad. We want to give you the good, not the bad, and ignore the hype! AI has a ton of opportunity – but also risk. So we put you in control – off by […]

Read More
Nextcloud Summit Agenda Highlights

The Nextcloud Summit 2025 Agenda: shaping Europe’s digital future with experts and thought-leaders

On June 5th, we are welcoming experts and thought leaders for a defining event on Europe’s digital future and tech innovation: the Nextcloud Summit in Munich, Germany. This full-day event builds on momentum of public and private organizations looking for an online platform based on trust, transparency, and independence. With an agenda featuring keynotes from […]

Read More
Nextcloud Summit panel discussion featured image

Nextcloud Summit panel discussion on tech innovation: “Europe CAN do it: strengthening digital sovereignty”

Join the Nextcloud Summit in Munich, June 5, for a thought-provoking panel discussion on tech innovation and digital sovereignty in Europe.

Read More

Start the discussion at the
Nextcloud forums

Go to Forums