Advisories » MGASA-2020-0099

Updated nextcloud packages fix security vulnerability

Publication date: 24 Feb 2020
Modification date: 24 Feb 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-15613

Description

Updated nextcloud packages fix security vulnerability:

A bug in Nextcloud Server causes the workflow rules to depend their
behavior on the file extension when checking file mimetypes
(CVE-2019-15613).

The nextcloud package has been updated to version 15.0.14, fixing this
issue and other bugs.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=26225
• https://nextcloud.com/security/advisory/?id=NC-SA-2020-002
• https://nextcloud.com/changelog/#latest15
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15613

SRPMS

7/core

• nextcloud-15.0.14-1.mga7