From ae14fbaadc46a4606345e2c6bdd7bb8e18b50638a1ea6adee16ebc2916ae6f05 Mon Sep 17 00:00:00 2001
From: Eric Schirra <ecsos@schirra.net>
Date: Thu, 15 Apr 2021 18:33:22 +0000
Subject: [PATCH] - This also fix security issues:   - (boo#1184770,
 CVE-2021-22879, NC-SA-2021-008 , CWE-99)     Nextcloud Desktop Client prior
 to 3.1.3 is vulnerable to resource     injection by way of missing validation
 of URLs, allowing a     malicious server to execute remote commands.     User
 interaction is needed for exploitation.

OBS-URL: https://build.opensuse.org/package/show/network/nextcloud-desktop?expand=0&rev=38
---
 nextcloud-desktop.changes | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/nextcloud-desktop.changes b/nextcloud-desktop.changes
index 34e59d1..a14c91a 100644
--- a/nextcloud-desktop.changes
+++ b/nextcloud-desktop.changes
@@ -91,7 +91,13 @@ Thu Apr  8 18:18:51 UTC 2021 - ecsos <ecsos@opensuse.org>
   - desktop#2972 Do no include glib.h with extern C
   - desktop#2979 Do not include glib.h with extern C (2)
   - desktop#2986 Bump version to 3.1.81
-
+- This also fix security issues:
+  - (boo#1184770, CVE-2021-22879, NC-SA-2021-008 , CWE-99)
+    Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource
+    injection by way of missing validation of URLs, allowing a 
+    malicious server to execute remote commands.
+    User interaction is needed for exploitation. 
+  
 -------------------------------------------------------------------
 Sat Feb 20 10:24:03 UTC 2021 - Paolo Stivanin <info@paolostivanin.com>