openSUSE Security Update : nextcloud (openSUSE-2018-712)
Medium Nessus Plugin ID 111037
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for nextcloud fixes the following issues :
Security issues fixed :
- CVE-2018-3761: Fix improper authentication on the OAuth2 token endpoint (bsc#1100344).
- CVE-2018-3762: Fix improper checks of dropped permissions for incoming shares allowing a user to still request previews for files it should not have access to (bsc#1100343).
SolutionUpdate the affected nextcloud package.