CVE-2023-48239 in nextcloud server

[Colfenor]

Heyo,

in the nextcloud server project a high severe CVE has been reported:

https://github.com/nextcloud/security-advisories/security/advisories/GHSA-f962-hw26-g267

which recommends that the Nextcloud Server is upgraded to quote 25.0.13, 26.0.8 or 27.1.3.

Is there an ETA on when to release a new docker image on the hub with the upstream merged patch ?

As of now the latest version is from 26 July 2023, 4 months ago. https://hub.docker.com/r/ownyourbits/nextcloudpi

greetings !

[REAPERSbattlecry]

The nextcloudpi-docker-version is EOL at the moment. Look here.

So if you are still on docker it is the best to migrate to another ncp instance.

[theCalcaholic]

@REAPERSbattlecry is right, unfortunately. You can always try to update to specific Nextcloud versions manually, but they will not be tested.