GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Mon Sep 14, 2020 5:26 am Post subject: [ GLSA 202009-09 ] Nextcloud Desktop Sync client |
 |
|
Gentoo Linux Security Advisory
Title: Nextcloud Desktop Sync client: Multiple vulnerabilities (GLSA 202009-09)
Severity: normal
Exploitable: remote
Date: 2020-09-13
Bug(s): #736649
ID: 202009-09
Synopsis
Multiple vulnerabilities have been found in Nextcloud Desktop Sync
client, the worst of which may allow execution of arbitrary code.
Background
Nextcloud Desktop Sync client can synchronize one or more directories to
Nextcloud server.
Affected Packages
Package: net-misc/nextcloud-client
Vulnerable: < 2.6.5
Unaffected: >= 2.6.5
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in Nextcloud Desktop Sync
client. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All Nextcloud Desktop Sync client users should upgrade to the latest
version:
| Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/nextcloud-client-2.6.5"
|
References
CVE-2020-8189
CVE-2020-8224
CVE-2020-8227 |
|
News & Announcements
