- This also fix security issues:

- (boo#1184770, CVE-2021-22879, NC-SA-2021-008 , CWE-99) Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource injection by way of missing validation of URLs, allowing a malicious server to execute remote commands. User interaction is needed for exploitation. OBS-URL: https://build.opensuse.org/package/show/network/nextcloud-desktop?expand=0&rev=38
2021-04-15 18:33:22 +00:00 · 2021-04-15 18:33:22 +00:00 · ae14fbaadc
commit ae14fbaadc
parent 1fed5d98a3
1 changed files with 7 additions and 1 deletions
--- a/nextcloud-desktop.changes
+++ b/nextcloud-desktop.changes
@ -91,7 +91,13 @@ Thu Apr  8 18:18:51 UTC 2021 - ecsos <ecsos@opensuse.org>
  - desktop#2972 Do no include glib.h with extern C
  - desktop#2979 Do not include glib.h with extern C (2)
  - desktop#2986 Bump version to 3.1.81
-
+- This also fix security issues:
+  - (boo#1184770, CVE-2021-22879, NC-SA-2021-008 , CWE-99)
+    Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource
+    injection by way of missing validation of URLs, allowing a 
+    malicious server to execute remote commands.
+    User interaction is needed for exploitation. 
+  
 -------------------------------------------------------------------
 Sat Feb 20 10:24:03 UTC 2021 - Paolo Stivanin <info@paolostivanin.com>