Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Nextcloud
  3. Nextcloud 29.0.6 is out

Nextcloud 29.0.6 is out

Scheduled Pinned Locked Moved Solved Nextcloud
17 Posts 6 Posters 2.3k Views 6 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • necrevistonnezrN Offline
    necrevistonnezrN Offline
    necrevistonnezr
    wrote on last edited by
    #8

    Interesting: 29.0.5 is not listed here (anymore): https://nextcloud.com/changelog/
    but here: https://github.com/nextcloud/server/releases/tag/v29.0.5

    1 Reply Last reply
    2
    • necrevistonnezrN Offline
      necrevistonnezrN Offline
      necrevistonnezr
      wrote on last edited by
      #9

      They recognized the error (probably the one @girish mentioned above) and will got straight to 29.0.6 (and 30….): https://help.nextcloud.com/t/rc1-of-29-0-6-available/202059

      1 Reply Last reply
      1
      • necrevistonnezrN Offline
        necrevistonnezrN Offline
        necrevistonnezr
        wrote on last edited by
        #10

        29.06 seems to be released now: https://nextcloud.com/changelog/

        1 Reply Last reply
        2
        • nebulonN Away
          nebulonN Away
          nebulon
          Staff
          wrote on last edited by
          #11

          Unfortunately it seems to have the same issue still. The issue is, that the very first login attempt for LDAP users throws an error, subsequent logins work fine. We are investigating...

          1 Reply Last reply
          4
          • necrevistonnezrN Offline
            necrevistonnezrN Offline
            necrevistonnezr
            wrote on last edited by
            #12

            29.0.6 is (now) also a security update:
            As per https://adv-archiv.dfn-cert.de/adv/2024-2304/:

            2024-2304: Nextcloud Server: A vulnerability allows spying on information
            History: Version 1 (2024-09-04 18:17)

            Description:
            An attacker can remotely exploit a vulnerability to circumvent security measures.
            No privileges are required for the exploitation of the vulnerability.
            The manufacturer confirms the vulnerability and has released Nextcloud Server 29.0.6 as a security update.

            For Fedora 39 and 40, security updates in the form of 'nextcloud-29.0.6-2' packages are available and for Fedora EPEL 9 the package 'nextcloud-29.0.6-1.el9' in the 'testing' status to fix the vulnerability.

            Vulnerabilities:
            CVE-2024-39338
            Vulnerability in Axios enables server-side request-forgery (SSRF) attack

            1 Reply Last reply
            0
            • girishG Offline
              girishG Offline
              girish
              Staff
              wrote on last edited by
              #13

              The packaging issue was reported upstream at https://github.com/nextcloud/server/issues/47768

              1 Reply Last reply
              3
              • nebulonN Away
                nebulonN Away
                nebulon
                Staff
                wrote on last edited by
                #14

                We managed to mitigate this issue by ensuring cron.sh was run at least once on first start. It is unclear how it is connected to the ldap login, but it solved it. Further it mitigates a warning in the first 5min in the admin section that the cronjob was last run years ago 🙂

                1 Reply Last reply
                4
                • nebulonN nebulon marked this topic as a question on
                • nebulonN nebulon has marked this topic as solved on
                • necrevistonnezrN Offline
                  necrevistonnezrN Offline
                  necrevistonnezr
                  wrote on last edited by
                  #15

                  Fantastic! (btw it seems that 29.0.7 is around the corner... 🙂 )

                  1 Reply Last reply
                  2
                  • girishG Offline
                    girishG Offline
                    girish
                    Staff
                    wrote on last edited by
                    #16

                    It seems 30 is out! I think we will take the change to switch to OIDC now. Just have to figure out what is the migration strategy for people who use groups.

                    1 Reply Last reply
                    3
                    • L Offline
                      L Offline
                      LoudLemur
                      wrote on last edited by
                      #17

                      Nextcloud Hub9 was launched this morning with lots of great features, including federation of Talk.

                      1 Reply Last reply
                      1
                      Reply
                      • Reply as topic
                      Log in to reply
                      • Oldest to Newest
                      • Newest to Oldest
                      • Most Votes


                      • Login

                      • Don't have an account? Register

                      • Login or register to search.
                      • First post
                        Last post
                      0
                      • Categories
                      • Recent
                      • Tags
                      • Popular
                      • Bookmarks
                      • Search