]>
source.dussan.org Git - nextcloud-server.git/log
Joas Schilling [Sat, 19 Oct 2024 06:25:16 +0000 (08:25 +0200)]
Merge pull request #48784 from nextcloud/automated/noid/stable22-update-code-signing-crl
[stable22] fix(security): Update code signing revocation list
nextcloud-command [Sat, 19 Oct 2024 02:29:28 +0000 (02:29 +0000)]
fix(security): Update code signing revocation list
Signed-off-by: GitHub <noreply@github.com>
Joas Schilling [Wed, 25 Sep 2024 05:05:29 +0000 (07:05 +0200)]
Merge pull request #48342 from nextcloud/automated/noid/stable22-update-ca-cert-bundle
[stable22] fix(security): Update CA certificate bundle
nextcloud-command [Wed, 25 Sep 2024 02:31:01 +0000 (02:31 +0000)]
fix(security): Update CA certificate bundle
Signed-off-by: GitHub <noreply@github.com>
Joas Schilling [Thu, 4 Jul 2024 10:12:43 +0000 (12:12 +0200)]
Merge pull request #46268 from nextcloud/automated/noid/stable22-update-ca-cert-bundle
[stable22] fix(security): Update CA certificate bundle
Joas Schilling [Thu, 4 Jul 2024 06:24:44 +0000 (08:24 +0200)]
fix(CI): Disable failing JS unit test
Signed-off-by: Joas Schilling <coding@schilljs.com>
Joas Schilling [Wed, 3 Jul 2024 07:34:58 +0000 (09:34 +0200)]
fix(CI): Mark flaky test as skipped
Signed-off-by: Joas Schilling <coding@schilljs.com>
nextcloud-command [Wed, 3 Jul 2024 02:19:49 +0000 (02:19 +0000)]
fix(security): Update CA certificate bundle
Signed-off-by: GitHub <noreply@github.com>
Joas Schilling [Mon, 1 Jul 2024 10:17:31 +0000 (12:17 +0200)]
Merge pull request #46210 from nextcloud/backport/46177/stable22
[stable22] fix(CI): Fix oracle image and config
Joas Schilling [Mon, 1 Jul 2024 09:45:50 +0000 (11:45 +0200)]
fix(CI): Fix psalm supporess
Signed-off-by: Joas Schilling <coding@schilljs.com>
Joas Schilling [Mon, 1 Jul 2024 07:14:39 +0000 (09:14 +0200)]
fix(CI): Fix oracle image and config
Signed-off-by: Joas Schilling <coding@schilljs.com>
Joas Schilling [Thu, 27 Jun 2024 08:06:45 +0000 (10:06 +0200)]
Merge pull request #46157 from nextcloud/automated/noid/stable22-update-code-signing-crl
[stable22] fix(security): Update code signing revocation list
nextcloud-command [Thu, 27 Jun 2024 02:21:38 +0000 (02:21 +0000)]
fix(security): Update code signing revocation list
Signed-off-by: GitHub <noreply@github.com>
Joas Schilling [Wed, 24 Apr 2024 12:05:10 +0000 (14:05 +0200)]
Merge pull request #45011 from nextcloud/backport/45010/stable22
[stable22] fix(files): Also skip cross storage move with access control
Joas Schilling [Wed, 24 Apr 2024 09:38:46 +0000 (11:38 +0200)]
fix(files): Also skip cross storage move with access control
Signed-off-by: Joas Schilling <coding@schilljs.com>
Joas Schilling [Thu, 28 Mar 2024 15:04:00 +0000 (16:04 +0100)]
Merge pull request #44478 from nextcloud/backport/44276/stable22
[stable22] fix(config): Make sure user keys are strings
Joas Schilling [Thu, 28 Mar 2024 06:49:20 +0000 (07:49 +0100)]
Merge pull request #44520 from nextcloud/automated/noid/stable22-update-code-signing-crl
[stable22] fix(security): Update code signing revocation list
nextcloud-command [Thu, 28 Mar 2024 02:15:25 +0000 (02:15 +0000)]
fix(security): Update code signing revocation list
Signed-off-by: GitHub <noreply@github.com>
Christoph Wurst [Mon, 18 Mar 2024 13:51:35 +0000 (14:51 +0100)]
fix(config): Make sure user keys are strings
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Joas Schilling [Tue, 12 Mar 2024 07:03:01 +0000 (08:03 +0100)]
Merge pull request #44149 from nextcloud/automated/noid/stable22-update-ca-cert-bundle
[stable22] fix(security): Update CA certificate bundle
nextcloud-command [Tue, 12 Mar 2024 02:11:19 +0000 (02:11 +0000)]
fix(security): Update CA certificate bundle
Signed-off-by: GitHub <noreply@github.com>
Joas Schilling [Sat, 10 Feb 2024 12:29:53 +0000 (13:29 +0100)]
Merge pull request #43501 from nextcloud/automated/noid/stable22-update-code-signing-crl
[stable22] fix(security): Update code signing revocation list
nextcloud-command [Sat, 10 Feb 2024 02:12:02 +0000 (02:12 +0000)]
fix(security): Update code signing revocation list
Signed-off-by: GitHub <noreply@github.com>
Matthieu Gallien [Wed, 7 Feb 2024 08:11:31 +0000 (09:11 +0100)]
Merge pull request #43373 from nextcloud/automated/noid/stable22-update-code-signing-crl
[stable22] fix(security): Update code signing revocation list
nextcloud-command [Tue, 6 Feb 2024 02:12:35 +0000 (02:12 +0000)]
fix(security): Update code signing revocation list
Signed-off-by: GitHub <noreply@github.com>
Benjamin Gaussorgues [Wed, 24 Jan 2024 09:38:03 +0000 (10:38 +0100)]
Merge pull request #43042 from nextcloud/automated/noid/stable22-update-code-signing-crl
[stable22] fix(security): Update code signing revocation list
nextcloud-command [Wed, 24 Jan 2024 02:19:48 +0000 (02:19 +0000)]
fix(security): Update code signing revocation list
Signed-off-by: GitHub <noreply@github.com>
Matthieu Gallien [Wed, 20 Dec 2023 14:42:48 +0000 (15:42 +0100)]
Merge pull request #42393 from nextcloud/backport/42140/stable22
[stable22] Update crl after revoke rides.csr
Matthieu Gallien [Mon, 11 Dec 2023 08:35:05 +0000 (08:35 +0000)]
Update crl after revoke rides.csr
Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>
Joas Schilling [Thu, 14 Dec 2023 05:53:02 +0000 (06:53 +0100)]
Merge pull request #42194 from nextcloud/automated/noid/stable22-update-ca-cert-bundle
[stable22] fix(security): Update CA certificate bundle
nextcloud-command [Wed, 13 Dec 2023 02:17:44 +0000 (02:17 +0000)]
fix(security): Update CA certificate bundle
Signed-off-by: GitHub <noreply@github.com>
Joas Schilling [Thu, 26 Oct 2023 07:02:36 +0000 (09:02 +0200)]
Merge pull request #41129 from nextcloud/backport/41123/stable22
[stable22] fix(external): Get storage before update it
Joas Schilling [Tue, 17 Oct 2023 13:22:21 +0000 (15:22 +0200)]
fix(external): Get storage before update it
Signed-off-by: Joas Schilling <coding@schilljs.com>
Andy Scherzinger [Fri, 8 Sep 2023 07:27:51 +0000 (09:27 +0200)]
Merge pull request #40319 from nextcloud/backport/40292/stable22
[stable22] fix(CalDAV): check birthday calendar owner
Arthur Schiwon [Thu, 7 Sep 2023 07:16:26 +0000 (09:16 +0200)]
Merge pull request #40308 from nextcloud/backport/stable22/40293
[stable22] fix(ratelimit): Only use memory cache backend for redis
Anna Larch [Fri, 18 Aug 2023 07:02:59 +0000 (09:02 +0200)]
fix(CalDAV): check birthday calendar owner
Signed-off-by: Anna Larch <anna@nextcloud.com>
Joas Schilling [Tue, 29 Aug 2023 06:04:25 +0000 (08:04 +0200)]
fix(ratelimit): Only use memory cache backend for redis
Signed-off-by: Anna Larch <anna@nextcloud.com>
Arthur Schiwon [Tue, 5 Sep 2023 17:34:28 +0000 (19:34 +0200)]
Merge pull request #40265 from nextcloud/backport/40234/stable22
[stable22] enh: skip processing for empty response
Daniel Kesselberg [Mon, 4 Sep 2023 13:18:37 +0000 (15:18 +0200)]
enh: skip processing for empty response
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
John Molakvoæ [Wed, 23 Aug 2023 06:09:26 +0000 (08:09 +0200)]
Merge pull request #40009 from nextcloud/automated/noid/stable22-update-ca-cert-bundle
nextcloud-command [Wed, 23 Aug 2023 02:10:03 +0000 (02:10 +0000)]
fix(security): Update CA certificate bundle
Signed-off-by: GitHub <noreply@github.com>
Arthur Schiwon [Thu, 20 Jul 2023 11:38:25 +0000 (13:38 +0200)]
Merge pull request #39496 from nextcloud/backport/39490/stable22
[stable22] fix(apps): Fix loading info.xml file
Joas Schilling [Wed, 12 Jul 2023 07:23:37 +0000 (09:23 +0200)]
fix(apps): Fix loading info.xml file
Ref: https://bugs.php.net/bug.php?id=62577
Signed-off-by: Joas Schilling <coding@schilljs.com>
Joas Schilling [Mon, 17 Jul 2023 15:12:19 +0000 (17:12 +0200)]
Merge pull request #39422 from nextcloud/backport/39416/stable22
[stable22] fix(core): Add password confirmation requirement for getapppassword
Joas Schilling [Mon, 17 Jul 2023 10:07:22 +0000 (12:07 +0200)]
fix(core): Add password confirmation requirement for getapppassword
Signed-off-by: Joas Schilling <coding@schilljs.com>
Andy Scherzinger [Thu, 13 Jul 2023 19:32:16 +0000 (21:32 +0200)]
Merge pull request #39361 from nextcloud/backport/39323/39323-stable22
[stable22] getStorage before remove
Maxence Lange [Tue, 11 Jul 2023 18:36:17 +0000 (17:36 -0100)]
getStorage before remove
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
Andy Scherzinger [Thu, 13 Jul 2023 10:49:26 +0000 (12:49 +0200)]
Merge pull request #39349 from nextcloud/ci/sign-drone-stable22
[stable22] chore(CI): Sign .drone.yml file
Joas Schilling [Thu, 13 Jul 2023 09:54:52 +0000 (11:54 +0200)]
chore(CI): Sign .drone.yml file
Signed-off-by: Joas Schilling <coding@schilljs.com>
Joas Schilling [Thu, 13 Jul 2023 07:11:19 +0000 (09:11 +0200)]
Merge pull request #39308 from nextcloud/backport/38773/stable22
[stable22] Add bruteforce protection in OauthApiController
Julien Veyssier [Mon, 12 Jun 2023 15:36:49 +0000 (17:36 +0200)]
add bruteforce protection in OauthApiController
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
Joas Schilling [Mon, 10 Jul 2023 12:39:21 +0000 (14:39 +0200)]
Merge pull request #39256 from nextcloud/backport/38046/stable22
[stable22] fix(dav): Abort requests with 429 instead of waiting
Joas Schilling [Thu, 30 Mar 2023 13:02:51 +0000 (15:02 +0200)]
fix(dav): Abort requests with 429 instead of waiting
Signed-off-by: Joas Schilling <coding@schilljs.com>
Daniel Kesselberg [Tue, 21 Feb 2023 22:20:55 +0000 (23:20 +0100)]
chore(tests): add tests for handleLoginFailed
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
Daniel Kesselberg [Tue, 21 Feb 2023 21:45:37 +0000 (22:45 +0100)]
chore: use local variable for remote address
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
Arthur Schiwon [Thu, 22 Jun 2023 10:37:15 +0000 (12:37 +0200)]
Merge pull request #38913 from nextcloud/backport/38584/stable22
[stable22] Increase from 100000 to 600000 iterations for hash_pbkdf2
Côme Chilliet [Thu, 25 May 2023 14:31:27 +0000 (16:31 +0200)]
Adapt encryption test to change in generateHeader
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
Côme Chilliet [Thu, 11 May 2023 15:20:44 +0000 (17:20 +0200)]
Increase from 100000 to 600000 iterations for hash_pbkdf2
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
Arthur Schiwon [Mon, 19 Jun 2023 19:18:12 +0000 (21:18 +0200)]
Merge pull request #38896 from nextcloud/obj-store-copy-list-source-cache-22
[stable22] use source cache when listing folder during recursive copy
Robin Appelman [Fri, 26 May 2023 12:51:05 +0000 (14:51 +0200)]
use source cache when listing folder during recursive copy
Signed-off-by: Robin Appelman <robin@icewind.nl>
John Molakvoæ [Fri, 9 Jun 2023 07:03:26 +0000 (09:03 +0200)]
Merge pull request #38536 from nextcloud/automated/noid/stable22-update-ca-cert-bundle
nextcloud-command [Wed, 31 May 2023 02:33:56 +0000 (02:33 +0000)]
Update CA certificate bundle
Signed-off-by: GitHub <noreply@github.com>
Arthur Schiwon [Thu, 25 May 2023 14:01:41 +0000 (16:01 +0200)]
Merge pull request #38464 from nextcloud/fix/read-only-system-addres-book-acls-stable22
[stable22] fix(carddav): Mark system address book as read-only
Joas Schilling [Tue, 16 May 2023 09:34:08 +0000 (11:34 +0200)]
Merge pull request #38279 from nextcloud/backport/38274/stable22
[stable22] fix(middleware): Also abort the request when reaching max delay in af…
Joas Schilling [Tue, 16 May 2023 04:36:50 +0000 (06:36 +0200)]
Merge pull request #38272 from nextcloud/backport/38267/stable22
[stable22] fix(lostpassword): Also rate limit the setPassword endpoint
Robin Appelman [Mon, 15 May 2023 21:49:40 +0000 (23:49 +0200)]
Merge pull request #38285 from nextcloud/session-auth-check-username-22
[22] check the username when doing external storage session auth
Robin Appelman [Thu, 11 May 2023 15:45:16 +0000 (17:45 +0200)]
check the username when doing external storage session auth
Signed-off-by: Robin Appelman <robin@icewind.nl>
Joas Schilling [Thu, 11 May 2023 07:23:50 +0000 (09:23 +0200)]
fix(middleware): Also abort the request when reaching max delay in afterController
Signed-off-by: Joas Schilling <coding@schilljs.com>
Joas Schilling [Mon, 15 May 2023 14:12:14 +0000 (16:12 +0200)]
fix(tests): Adjust unit tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
Joas Schilling [Mon, 15 May 2023 07:21:07 +0000 (09:21 +0200)]
fix(lostpassword): Also rate limit the setPassword endpoint
Signed-off-by: Joas Schilling <coding@schilljs.com>
Christoph Wurst [Mon, 8 May 2023 17:41:06 +0000 (19:41 +0200)]
fix(carddav): Mark system address book as read-only
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Arthur Schiwon [Thu, 4 May 2023 08:56:01 +0000 (10:56 +0200)]
Merge pull request #37999 from nextcloud/backport/37909/stable22
[stable22] Update crl after revoke shifts.csr
Vitor Mattos [Mon, 24 Apr 2023 22:21:36 +0000 (22:21 +0000)]
Update crl after revoke shifts.csr
Signed-off-by: Vitor Mattos <vitor@php.rio>
Joas Schilling [Thu, 27 Apr 2023 07:37:22 +0000 (09:37 +0200)]
Merge pull request #37841 from nextcloud/bump/guzzle-psr7/stable22
[stable22] sec(deps): Update guzzlehttp/psr7
Joas Schilling [Thu, 20 Apr 2023 13:49:52 +0000 (15:49 +0200)]
sec(deps): Update guzzlehttp/psr7
Signed-off-by: Joas Schilling <coding@schilljs.com>
Joas Schilling [Mon, 3 Apr 2023 20:11:50 +0000 (22:11 +0200)]
Merge pull request #37556 from nextcloud/backport/37542/stable22
[stable22] feat(security): Allow to opt-out of ratelimit protection, e.g. for te…
Joas Schilling [Mon, 3 Apr 2023 13:43:22 +0000 (15:43 +0200)]
fix(backport): Add missing sample config
Signed-off-by: Joas Schilling <coding@schilljs.com>
Joas Schilling [Mon, 3 Apr 2023 05:23:34 +0000 (07:23 +0200)]
feat(security): Allow to opt-out of ratelimit protection, e.g. for testing on CI
Signed-off-by: Joas Schilling <coding@schilljs.com>
Joas Schilling [Thu, 16 Mar 2023 14:08:03 +0000 (15:08 +0100)]
Merge pull request #37258 from nextcloud/backport/37252/stable22
[stable22] fix(workflow): Check tag attribute
Joas Schilling [Thu, 16 Mar 2023 07:41:18 +0000 (08:41 +0100)]
fix(workflow): Check tag attribute
Signed-off-by: Joas Schilling <coding@schilljs.com>
John Molakvoæ [Thu, 23 Feb 2023 06:52:45 +0000 (07:52 +0100)]
Merge pull request #36818 from nextcloud/backport/36814/stable22
[stable22] Validate the scope when validating operations
Joas Schilling [Wed, 15 Feb 2023 14:36:32 +0000 (15:36 +0100)]
Also check the scope when reading operations from the database
Signed-off-by: Joas Schilling <coding@schilljs.com>
Joas Schilling [Wed, 15 Feb 2023 12:20:20 +0000 (13:20 +0100)]
Validate the scope when validating operations
Signed-off-by: Joas Schilling <coding@schilljs.com>
blizzz [Tue, 14 Feb 2023 21:07:28 +0000 (22:07 +0100)]
Merge pull request #36705 from nextcloud/backport/36700/stable22
[stable22] Also copy meta data when converting DataResponse to JSONRe…
Joas Schilling [Mon, 23 Jan 2023 08:22:34 +0000 (09:22 +0100)]
Also copy bruteforce meta data when converting DataResponse to JSONResponse
Signed-off-by: Joas Schilling <coding@schilljs.com>
blizzz [Tue, 7 Feb 2023 09:09:50 +0000 (10:09 +0100)]
Merge pull request #36576 from nextcloud/backport/36489/stable22
[stable22] Add bruteforce protection to password reset page
Joas Schilling [Tue, 7 Feb 2023 07:33:22 +0000 (08:33 +0100)]
Merge pull request #36404 from nextcloud/bump-guzzlehttp-stable22
[stable22] Bump guzzlehttp/guzzle and guzzlehttp/psr7
Joas Schilling [Mon, 6 Feb 2023 10:26:38 +0000 (11:26 +0100)]
fix(CI): Adjust expected result
Signed-off-by: Joas Schilling <coding@schilljs.com>
Joas Schilling [Fri, 20 Jan 2023 12:10:09 +0000 (13:10 +0100)]
Add bruteforce protection to password reset page
Signed-off-by: Joas Schilling <coding@schilljs.com>
Joas Schilling [Fri, 27 Jan 2023 11:26:57 +0000 (12:26 +0100)]
Bump guzzlehttp/guzzle and guzzlehttp/psr7
Signed-off-by: Joas Schilling <coding@schilljs.com>
Joas Schilling [Tue, 7 Feb 2023 05:20:30 +0000 (06:20 +0100)]
Merge pull request #36521 from nextcloud/backport/36500/stable22
[stable22] Skip failing avatar test with PHP 8.0
Joas Schilling [Mon, 6 Feb 2023 09:42:28 +0000 (10:42 +0100)]
Fix EmailProviderTest mocking unexisting method
Signed-off-by: Joas Schilling <coding@schilljs.com>
Joas Schilling [Fri, 3 Feb 2023 14:29:47 +0000 (15:29 +0100)]
fix(CI): Fix unmockable countUsers() method
Signed-off-by: Joas Schilling <coding@schilljs.com>
Joas Schilling [Fri, 3 Feb 2023 14:21:13 +0000 (15:21 +0100)]
Fix admin_audit unit test
Signed-off-by: Joas Schilling <coding@schilljs.com>
Joas Schilling [Thu, 2 Feb 2023 17:04:20 +0000 (18:04 +0100)]
Remove failing test that works with mocks only anyway
Signed-off-by: Joas Schilling <coding@schilljs.com>
Joas Schilling [Fri, 3 Feb 2023 14:08:58 +0000 (15:08 +0100)]
Fix phpunit version used in s3 external testing
Signed-off-by: Joas Schilling <coding@schilljs.com>
Joas Schilling [Thu, 2 Feb 2023 12:57:58 +0000 (13:57 +0100)]
Skip failing avatar test with PHP 8.0
The font is placed one pixel off
Signed-off-by: Joas Schilling <coding@schilljs.com>
Joas Schilling [Thu, 2 Feb 2023 14:27:56 +0000 (15:27 +0100)]
Merge pull request #36495 from nextcloud/backport/36470/stable22
[stable22] Fix createNamedParameter in LDAP migrations
John Molakvoæ [Thu, 7 Apr 2022 09:34:13 +0000 (11:34 +0200)]
Fix createNamedParameter in LDAP migrations
Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
blizzz [Tue, 17 Jan 2023 12:03:20 +0000 (13:03 +0100)]
Merge pull request #35755 from nextcloud/backport/31683/stable22
[stable22] limit ldap_dn columns to 4000
projects / nextcloud-server.git / log