httpoxy Can Affect Nextcloud, Get Your Update Now

Beitragsdatum

18. Juli 2016

Kategorien
Autor

Jos Poortvliet

httpoxy
We ship Guzzle 5 as part of Nextcloud. This handles http requests and supports HTTP_PROXY environment variable which can be abused, in some special scenario’s, by an attacker to read content. In the worst case, when you use the ajax cron feature, an attacker can potentially see external storage credentials and data. We recommend not to use the ajax cron feature but the system cron if possible, as that also improves performance and reliability.

As a precaution and because security and privacy are paramount for our users, we released a security update. Grab the latest from the install page! Here is documentation on doing a manual upgrade or migrate.

Learn more about httpoxy here.

Andere Beiträge

Nextcloud Hub 9

Nextcloud Hub 9: Be connected

Mit Nextcloud Hub 9 bleiben Sie vernetzt. Neue Federation-Funktionen, Automatisierung von Workflows, neues Design und vieles mehr!

Mehr lesen
Bechtle and Nextcloud offer a digitally sovereign service for the public sector

Bechtle und Nextcloud bieten digital souveränen Kollaborationsdienst für den Public Sector

Bechtle und Nextcloud kündigen heute eine vollständig verwaltete Kollaborationsplattform für den öffentlichen Sektor an, die keiner Ausschreibung bedarf und sofort bereitgestellt werden kann.

Mehr lesen
Nextcloud Hub 5 - open source collaboration platform

Introducing Hub 5: first to deliver self-hosted AI-powered digital workspace

Our mission is to help individuals, businesses and organizations achieve digital sovereignty and regain control over their data. Nextcloud Hub 5 marks a massive step forward towards achieving this mission, putting the power of AI into your hands – in a way that keeps you in control. New release, new possibilities Hub 5 builds on […]

Mehr lesen
Minor Nextcloud updates released

November maintenance updates for Nextcloud Hub 7, 8 and 9

Maintenance updates 28.0.12, 29.0.9 and 30.0.2 for Nextcloud Hub 7, 8 and 9 respectively are here! Read an update summary and access full changelog on the website.

Mehr lesen
Minor Nextcloud updates released

October maintenance updates for Nextcloud Hub 7 and 8

Maintenance updates 28.0.11 and 29.0.8 for Nextcloud Hub 7 and 8 respectively are here! Read an update summary and access full changelog on the website.

Mehr lesen