Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
Brand Logo

Cloudron Forum
  • Package UpdatesP

    Keycloak - Package Updates

    Pinned Locked Keycloak
    42
    0 Votes
    42 Posts
    10k Views
    Package UpdatesP
    [1.6.3] Update keycloak to 26.6.3 Full Changelog #47707 CVE-2026-4800 lodash vulnerable to Code Injection via _.template imports key names account/ui #47935 [CVE-2026-4874] Server-Side Request Forgery via OIDC token endpoint manipulation oidc #48036 [CVE-2026-37977] CORS Access-Control-Allow-Origin reflected from unverified JWT azp claim on UMA token endpoint authorization-services #48709 [CVE-2026-7500] Improper Access Control on Keycloak Server when the account Account API feature is disabled account/api #48695 Add startup check for missing database indexes #45957 Handling of CORS requests in the Admin UI ineffective / open for CSRF admin/ui #48430 Wildcard redirect URI matching does not enforce host boundary when * is placed directly after hostname oidc #48438 Keycloak 26.6.0/26.6.1 exits (code 1) ~100ms after async realm migration completes; migrations not persisted core #48584 Updating Keycloak to 26.6.x fails on SQL Server with case sensitive collation core #48877 Keycloak 26.6.1 does not persist UPDATE_PASSWORD for LDAP/AD federated users after temporary password reset ldap
  • girishG

    ntfy - Package Updates

    Pinned Locked ntfy
    38
    0 Votes
    38 Posts
    11k Views
    Package UpdatesP
    [1.27.0] Update ntfy to 2.24.0 Full Changelog Fix case-insensitive ACL topic matching on SQLite: an access control rule for secret no longer also matches a request for SECRET. SQLite's LIKE is case-insensitive for ASCII by default. PostgreSQL was unaffected. It's honestly incredible that this issue remained undetected for so long, especially while ntfy.sh was running on SQLite (it now runs on PostgreSQL). Add opt-in in-memory ACL cache (auth-access-cache) that serves topic authorization without a database round-trip; off by default, intended for high-volume servers Add ntfy --version flag to the CLI (#1722, #1748, thanks to @sskender for the contribution, and @Saucy9607 for reporting) Extend account token automatically from the PWA service worker, so installed PWAs don't get logged out (#1669, #1203, #1533, thanks to @nihalgonsalves for the contribution) Fix rel attribute on auto-linked notification URLs so noreferrer/noopener are actually applied (#1720, thanks to @dmitrylyzo for the contribution) Add systemd sandboxing/hardening to the ntfy.service unit (#1467, thanks to @Velocifyer for the contribution) Fix cmd package build on macOS (darwin) so the server compiles from source (#1631, #1696, thanks to @ShipItAndPray for the contribution, and @XYenon for reporting)
  • girishG

    Metabase - Package Updates

    Pinned Locked Metabase
    575
    1 Votes
    575 Posts
    575k Views
    Package UpdatesP
    [3.13.5] Update metabase to 0.61.3.5 Full Changelog
  • girishG

    Matrix (Synapse/Element) - Package Updates

    Pinned Locked Matrix (Synapse/Element)
    409
    0 Votes
    409 Posts
    523k Views
    Package UpdatesP
    [1.135.0] Update synapse to 1.154.0 Full Changelog
  • girishG

    Koel - Package Updates

    Pinned Locked Koel
    119
    0 Votes
    119 Posts
    58k Views
    Package UpdatesP
    [1.42.0] Update koel to 9.7.1 Full Changelog fix: close remaining SSRF advisories (DNS rebinding, IPv6 transition, bail) by @phanan in #2549 feat: per-song star ratings by @phanan in #2536 fix: use heart icon consistently for favorite affordances by @phanan in #2538 feat: rate albums and artists by @phanan in #2539 fix: accept grid/list/table on view-mode preferences by @phanan in #2541 fix: normalize legacy 'list' view mode for albums and artists by @phanan in #2542 feat: random album / artist carousels + reusable Carousel by @phanan in #2540 feat: table view mode for radio stations by @phanan in #2543 fix: close SSRF gaps in Subsonic podcast and internet radio endpoints by @phanan in #2545 feat: add EMBED_ENABLED toggle to disable embedding by @phanan in #2548
  • R

    Nocodb latest package breaks thumbnail creation via sharps library

    Moved NocoDB
    3
    2 Votes
    3 Posts
    35 Views
    jamesJ
    Issue should be resolved with this update https://forum.cloudron.io/post/125503
  • girishG

    NocoDB - Package Updates

    Pinned Locked NocoDB
    155
    2 Votes
    155 Posts
    101k Views
    Package UpdatesP
    [1.42.1] Install img/sharp-linux-x64 for linux/Ubuntu
  • milian.hackradtM

    Forms produce repeated HTMLPurifier warnings

    Mautic
    1
    1 Votes
    1 Posts
    24 Views
    No one has replied
  • girishG

    Discourse - Package Updates

    Pinned Locked Discourse
    100
    0 Votes
    100 Posts
    52k Views
    Package UpdatesP
    [2.15.1] Change healthcheckPath to /srv/status
  • nottheendN

    Application unexpectedly missing in Backup

    Discuss backups scheduler
    4
    1 Votes
    4 Posts
    127 Views
    nottheendN
    I guess I have more questions around the integrity check: What is the exact criteria for "green" or "red"? Here's why I'm asking: After recovering my Cloudron, I noticed that one backup location, an external drive, is still present in the configuration. BUT: that external drive is no longer mounted (or even connected, for that matter). I haven't disabled the location in Cloudron yet. Now here's the surprising part for me: Cloudron still claims it performed a backup to that location. And when I run the integrity check on that backup, it shows up as green. For a backup that, as far as I can tell, doesn't actually exist on accessible hardware. I realise I might not fully understand how ext4 mounts work behind the scenes, but I do know that the physical hardware isn't connected. So this makes me wonder: how does the integrity check actually work under the hood? Does it only check metadata or local records, rather than verifying the actual remote files? Would love to understand this better, because right now a "green" integrity result feels less reliable than I initially thought. Thanks for bearing with me.
  • girishG

    Grist is now available

    Announcements
    14
    13 Votes
    14 Posts
    2k Views
    jamesJ
    Grist now has enterprise options again. https://forum.cloudron.io/post/125494
  • girishG

    Grist - Package Updates

    Pinned Locked Grist
    13
    0 Votes
    13 Posts
    1k Views
    Package UpdatesP
    [1.2.1] enable enterprise features again
  • nebulonN

    Baserow - Package Updates

    Pinned Locked Baserow
    118
    2 Votes
    118 Posts
    47k Views
    Package UpdatesP
    [1.37.14] Update uv to 0.11.19
  • C

    tcpdf error permission denied cuz invoice job create folder with root permission instead of www-data

    Dolibarr
    6
    1
    2 Votes
    6 Posts
    77 Views
    jamesJ
    Hello @crush33 Thanks for the details.
  • I

    OnlyOffice 1.26.0: Document editor loads blank in Nextcloud integration

    OnlyOffice
    7
    1 Votes
    7 Posts
    238 Views
    I
    Hi @james thanks for your reply. I just removed and reinstalled the Onlyoffice app in my Cloudron, I checked and it's correctly running, so I changed the secret key in the production-linux.json on both places and then added the key in Nextcloud ONLYOFFICE app, and tried again in both Firefox and chromium without blocking app enabled but still get an error. I switched to Collabora and it seems to work fine, which is a good workaround so problem solved
  • luckowL

    Tymeslot

    Community Apps
    23
    1 Votes
    23 Posts
    2k Views
    E
    Can you check the logs for any error? Regarding the e-mail, the issue could be a wrong email setup. Have you installed it as a Cloudron community app?
  • nebulonN

    Collabora Online - Package Updates

    Pinned Locked Collabora Online (CODE)
    163
    0 Votes
    163 Posts
    115k Views
    Package UpdatesP
    [1.50.0] Update code to 26.04.1.3.1
  • girishG

    Ghost - Package Updates

    Pinned Locked Ghost
    595
    1 Votes
    595 Posts
    1m Views
    Package UpdatesP
    [4.175.0] Update ghost to 6.44.0 Full Changelog Added Klipy as a GIF provider alongside Tenor (#28109) - Renato Costa Add archived tiers to tier filter (#28189) - Jonatan Svennberg Improved analytics CSV exports to include the site name (#28308) - Aileen Booker Fixed a typo in the integrations settings description (#28349) - Evan Hahn Fixed bookmark card favicons not loading after the first save (#28300) - Fabien O'Carroll Fixed staff invite error for existing users (#28294) - Aileen Booker Fixed design preview showing raw markdown when llms.txt is enabled (#28266) - Jannis Fedoruk-Betschki
  • girishG

    InvoiceNinja - Package Updates

    Pinned Locked Invoice Ninja
    578
    0 Votes
    578 Posts
    1m Views
    Package UpdatesP
    [1.22.19] Update invoiceninja to 5.13.23 Full Changelog Support for PHP 8.5 Updated translations Include .xslx files when exporting reports List filter sort improvements ZUGFeRD pdf merge QB sync fixes Tags for Tasks/Projects Add payware payment gateway integration by @payware in #11697 Fix invoice filter not searching by project name by @theoryshaw in #11968 Fix ZUGFeRD PDF merge metadata by @bold84 in #11934
  • L

    Kavita Library Folder

    Kavita kavita folders configuration
    4
    1
    0 Votes
    4 Posts
    3k Views
    J
    @gregorywest501 What I gathered from the other thread was that you are not using Cloudron and this was about your docker based setup... May be you can give Cloudron a try or you can try if kavita is able to import in our demo instance at https://my.demo.cloudron.io (username/password is cloudron)