Changelog:
Version 8.1.0 July 6th 2015
Much polishing, stability and performance improvements
Encryption 2.0
Updated Documents
New Mount Options for External Storage
Federated Cloud ID
Integrated documentation
LDAP Wizard Improvements
Security Improvements
App store improvements
Release channels
ownCloud API work: 190 new calls, 50 replaced
Many small improvements
Changelog:
Version 8.0.4 June 9th 2015
occ can now optionally run the update routines without disabling all third party apps
Database handling changes which should improve performance on big systems
better support for very old cURL versions (for QNAP users)
Extended X-Accel-Redirect functionality in nginx
Added work-around for file transfers on 32bit systems
Improved quota calculation
Many fixes and improvements to sharing
Several fixes to upgrade process
Fix deleted folders on client not showing up in trash
fix inability to delete files when quota is 0
Change WebDAV error to 500 instead of 403 on denying overwrite of read-only file
Fixed enforcing expiration date
Fix to Provisioning API
Fixing shared document editing by shared LDAP users
IE 8/9 fixes
Several smaller fixes
Version 8.0.3 May 1st 2015
Fix several Constrain Violation Exceptions
Fix misleading Maintenance mode message
Timezone fixes for countries with 0.5 and 0.75 offsets
Fix usage of default share folder location
Reenable trashbin after failed rename
Fix disabling of APCu
Do not show update notification on mobile
Fix "Only variables should be passed by reference" error log spam
Add timeout to curl
Makes repair errors and warnings visible for the user when upgrading on the command line or in the web UI
Cron shall not operate in case we are in maintenance mode
Disable the cache updater when doing the encryption migration
Fix "Error while updating app" error
Internal Server Error after attempting to do "occ files:scan"
Several smaller fixes
Changelog:
Version 8.0.2 March 11th 2015
Prevent DB errors in certain high load situations
Fix installation and updating of apps from the app store
Fix documentation links
Fix file move/copy when out of storage space
Disable 3rd party apps during upgrade to prevent breaking ownCloud if incompatible apps are used
Fix compatibility with certain MariaDB versions
Print app upgrade information to console
Detect broken APC versions
Fix certain incompatibilities with older PHP 5.4 versions
Several smaller fixes
* Include Calendar and Contacts apps
Changelog:
Version 8.0.0 Feb 9th 2015
Favorites
Federated cloud (Server 2 Server Sharing, Version 2)
Improved apps management page
Improved updater app
Improved search
Direct download support, Broker
More fine grain storage configuration
Provisioning API will be released as part of the community edition
Apps can now specify their dependencies in info.xml
Accessibility improvements
Improved Documents
LDAP/AD: command line functions for creating and deleting LDAP configurations.
LDAP/AD: subtle configuration wizard improvements, including user name attribute detection.
PDF viewer has been updated to a new version of PDF.js
Sharing links are now shorter and "look better"
Usermanagement improvements
Better structured settings and admin page
Performance improvements
App container can now automatically resolve dependencies
Various app API deprecations and features
Improved import for contacts
App development tutorial for building a notes app
Changelog:
Version 7.0.4 Dec 9th 2014
Added XMLWriter check
Better deleted outdated previews
Store storage credential in session only if needed
Don't disclose relative directory path for single shared files of user
Password reset fixes
Fix enable app only for a specific group
fixing port configuration in trusted domains
LDAP fixes
Make group search case sensitive
Allow admin to change users display name
ldap performance improvements
config.php can now be read only
Several smaller fixes
Changelog:
Release "7.0.3"
Oct 22. 2014
- Some OS X server fixes
- Several external storage fixes and improvements
- Close session early to speedup apps page loading
- Add overwrite.cli.url config option
- Fix finding old versions in special cases
- Make versions and encryption aware of copy operations
- Force loading encryption app in all needed cases
- Better filesystem scanning error messages
- LDAP wizard fixes
- Add configuration switch to enable preview mimetypes
- Create backup of all encryption keys before recovery
- Add displayname for admins
- Better config.sample documentation
- Better apps descriptions
- Improve visual feedback if recovery key password gets changed
- Fix some object store integration issues
- Improved data directory configuration
- Fix DAV permissions without create permissions
- Fix filepicker home icon being partly hidden
- Do only follow http and https redirects
- Properly delete old previews
- Prevent upgrades between more than one major versions
- Several security fixes
- Lots of smaller improvements
-----------------------------
Release "6.0.6"
Oct 22. 2014
- Fix finding old versions in special cases
- Make versions and encryption aware of copy operations
- Force loading encryption app in all needed cases
- Better filesystem scanning error messages
- LDAP wizard fixes
- Add configuration switch to enable preview mimetypes
- Create backup of all encryption keys before recovery
- Add displayname for admins
- Several security fixes
- Lots of smaller improvements
-----------------------------
Release "5.0.18"
Oct 22. 2014
- Only allow http and https redirects
- Documentation fixes
- Several security fixes
- Several smaller fixes
-----------------------------
Release "7.0.2"
Aug 26. 2014
- App upgrading stability improvements
- Make default share folder configurable
- Improve readability of error messages
- Log failed authentication
- S3 key fixes
- Fix range requests with encryption
- Several LDAP fixes
- Remove obsolete 'Download preparing' message for zip downloads
- Remove not working checks from code checker
- No error if we try to delete a file which no longer exists
- Fix detection of system wide mount points
- Simplify App navigation
- Add group management to public api
- Remove confusing 'automatic logon rejected' message
- Implement a txt preview fallback for the case that ttf is not support
- Fix tiny thumbnail bug
- Don't display share permission if resharing was disabled by the admin
- Close session right before the download starts
- Fix date display in filepicker
- Don't touch non-oc tables when doing the InnoDB repair step
- Several Documents fixes
- Correctly handle public uploads activities
- Add better 4 image previews to gallery
-----------------------------
Release "6.0.5"
Aug 26. 2014
- Documentation improvements
- fix anonymous upload if logged-in
- Fix handling of special characters in group names
- Fix downloading of big files in special situations
- More consistent handling of debug mode
- Fix sharing email notifications
- Disabling upload button if upload is not possible
- Fix detection of system wide mount points
- Handle video viewer in sharing links correctly
- Update encryption keys recursively if a folder was moved
- Enable download button for public folders
- Handle exceptions if file to too big for trash-bin correctly
- Quota fixes
- Avoid unnecessary writing to the DB when preferences are not changed
- Disable download button if zip download is disabled
- Fix searching for users in special situations
- Mount-point handling fixes
- Correctly handle storage stats for trash bin
- Remove etag warning for trash bin
- Hardened SFTP host verification
-----------------------------
Release "7.0.1"
Aug 4. 2014
- Set maximum width for notification so they don´t overlap the whole header
- Don't preload videos on public sharing
- Fix preview size calculation under certain conditions
- Fix to always show all available versions in the versions dropdown
- Support WebDAV copy operation and make encryption aware of it
- Make sure to set the expire date if a date is set as default
- Improved link icon for better UX
- Fix rendering of blank template
- Only call exec if is is enabled by PHP
- Limit app menu icon size
- Show a warning in the personal settings and admin settins if the encyption keys are not yet initialized
- Always remove share permission if user is excluded from sharing
- Add OCS api call to set expire date for link shares
- Improved db schema migration for sqlite
- Don't try to execute background jobs that no longer exist
- Improve look of search on mobile, save space in top bar
- Set core version after a successful update to make upgrade more robust of app upgrades fail
- Verify whether download URLs are valid
- Fix preview animation on uploading
- Prevent cron.php to trigger apps updating
- Fix remote share when remote server is installed at the root
- Fix files sorting
- Fix calendar import
- Fix gallery pause icon
- Several contacts fixes specifically for PHP 5.3
- Make updater more robust
-----------------------------
Release "7.0.0"
July 23. 2014
- New files view including sorting and endless scrolling
- Server to Server sharing
- Sharing overview
- Improved sharing admin control
- No more mandatory Shared folder
- Improved ownCloud Documents features
- Hugely improved Activity app including email notifications
- Mobile optimized webinterface
- Password strength indicator
- Significant speed improvements
- New user-management
- Support for Swift object stores
- Email configuration wizard
- Email template editor
- Improved upgrade process`
* I gave up subdirectory installation with nginx... (MESSAGES)
Changelog:
Version 6.0.4 June 23rd 2014
Fixed a security issue (Will be disclosed two weeks after this release)
Several LDAP fixes and improvements
Add deprecated warning to load function
File scanner fixes
Heart beat fixes
Encryption fixes for some corner cases
Fix conflict dialog translations
Fix button text overflow
Fix search with Oracle
Php upload errors are written to log
OCS status code fixes
Add PostgreSQL version warning
Version 6.0.3 April 29rd 2014
Several security fixes. (Will be disclosed 2 weeks after the release)
Appframework extensions to improve the compatibility with 3rdparty apps
LDAP performance improvements
Fix updating of email adresses from LDAP
Fix WebDAV timestamp format handling
Disable internet connection check if a proxy is configured
Fix a potential file chunking problem on a server that is running out of storage
Do not expire file chunks while checking their existence
Fix loading of authentication apps in any case
Performance improvements by reducing the number of chmod operations.
Make the trusted domain upgrade feature more robust.
Don't allow creating a "Shared" folder.
Fixed "select all" + download on public page
Fix share as link with email multiple users
Reset time of last update feed polling to fix the updater
Share API fixes
Admin option for public upload with encryption enabled
Fix CIFS with home shares
Detect a missing "data" directory mount
Fix the filesize calculation of encrypted files
Fixes in the OpenStack support
Fixes in the SWIFT support
Don't block PHP sessions during download
Fix sharing oc addressbooks
Several ownCloud Documents improvements and fixes
Several smaller bugfixes
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.
* Update MESSAGE to use nginx and php-fpm.
I cannot enable with apache24 (yet).
Changelog:
Version 6.0.2 March 3rd 2014
Several security fixes
Improved trash bin performance for deleting lots of files
Mobile interface improvements
Fix key problems in encryption mode in rare situations
Smaller LDAP improvements
Fix the keep-alive ping for non standard php session lifetimes
Cleanup storage table when deleting an entry
Fix compatibility with xsendfile mode
Fix file size calculation in encryption mode
Fix image previews in trash bin
Fix public upload with enabled enryption
Added APC enabled check
Correctly localise date in notification emails
Improve compatibility with some CIFS servers
Fix shared files and Gallery
Several Contacts compatibility improvements
Several Documents improvements
A lot of smaller bug fixes
Changelog:
Version 6.0.1 Jan 22th 2014
Fix handling of encryption keys
Disable xcache in case admin auth is disabled
Speed DB improvements in user home directory location fetching
Fix some APC configuration problems
Fix duplicate .exe mime-type detection
Support DECIMAL DB schema statement
Fix some API response code problems
Added download workaround for some Android versions.
Turn off not working mod_pagespeed extension
Command line tool option to show user number
Some LDAP fixes for certain configurations
Fix previews for reshared files
Fix unshare on delete behaviour
Fix a CIFS mounting timezone problem
File Trash handling fixes
Fix potential data corruption problem during massive parallel uploads of the same file
Fix versions expiration logic
Fix public upload progress bar
Fix issues with intermittent “Insufficient Storage” message when quota is enabled
* Switch to 6 branch
* Replace interpreters with REPLACE_*
Changelog:
Version 6.0.0a Dec 14th 2013
Remove wrong warnings from logfile
Fix LDAP authentication
Fix LDAP configuration
Fix Share dialog
Fix migration under certain conditions
Fix database encoding for old PHP versions
Fix select all checkbox
Fix migration with lucene search enabled
Fix migration for postgresql
Version 6.0.0 Dec 11th 2013
User Avatars
Previews in files app and other places
Updated design, less clutter and more whitespace
Public gallery sharing
Activities
Better file conflict handling dialog
Improved public App API
Sharing API
Example Files
Share Email Notifications
New Doctrine based database layer
Plural translations
Refactored OC.dialogs (both code and design wise)
Priorize often used languages in personal-settings language selection
Update jquery to 1.10.0 and add jquery-migrate 1.2.1
Show a summary as the last filelist entry
Improve app-management (more verbose error-messages)
Show ‘More apps’ link to app administration directly in app navigation
Templates for newly created files
Add MB indicator to size column
Google Drive external storage uses a new library
New icons for shared and external folders
File uploads conflicts dialog
Possibility to prepopulate a new users home with a skeleton
Public upload with encryption enabled
Users now can decrypt the files again if their encryption app was enabled
Many quota related fixes
Total used space (with quota) now only counts user’s own files
Many external storage fixes, improved performance
Improved file navigation performance by using Ajax calls (no full page reload for each folder)
The file owner can now also restore deleted shared files
New version drop-down with previews and the ability to downloading versions directly
* Fix MESSAGE for sqlite3
Changelog:
Version 5.0.13 Nov 8th 2013
SECURITY: Fix a possible security bypass on admin page under certain circumstances and MariaDB
Correctly update database schema during app update
Fix automatic login rejecion error message
Several Oracle fixes
Fixing serverroot/webroot calculation
Adding detection for aborted uploads for chunked uploads
Fixing directory handling that end with a space
Fixing home storage handling
Allow to share a file/folder as public link also if one of it parents was already shared as link
Fix search in shared folders
Fix check for uploads into Shared folder
Several Shared folder handling fixes
Prefere them PNGs over core SVGs
Fall back to default log file of specified logfile doesn't exist
Several IE fixes
Fix LDAP login for certain circumstances
Fixed chunk size calculation for encrypted files
Fix recursive delete for smb
Fix using touch for creating files for smb
Support OCS Share API
Fix updating ETAGs
Don't write user passwords into logfile
Enable configuration of timezones for logfile timestamps
Cleanup share database table for files that no longer exist
Adding privilege check on move and rename operations
Changelog:
Version 5.0.11 Sep 10th 2013
Fixing upload in shared folders with create privileges
Making ldap more robust in certain situations
Handing quota violation earlier to make the desktop clients more robust
Several quota fixes
Fix issues with certain file names like 0 or false
Disable smb in files_External on windows servers
Enable user to decrypt files again after encryption app was disabled
Improved Encryption messages
Add a searchByMime call to API
Fix multiselects for Firefox on Mac in groups management
Reduce the number of ldap connections
Show a “password incorrect” notice when used shared password is wrong
Switch to the completely new Google Drive SDK.
Scanner: additional tests for reusing etags during scanning
Fix accessing files that are newly created by setting the right mime type
Several Calendar bugfixes
Fixed “Show on Map” in Contacts
A lof of Contacts fixes
Several “Tasks” fixes
Changelog:
Version 5.0.10 Aug 12th 2013
Configurable logfile date format
Several Oracle fixes
Several MSSQL fixes
Make default language configurable
New CLI upgrade script
Correctly calculate folder size
Fix display of search results
Database upgrade fixes
Smaller filesystem cache fixes
Remember password fixes
Encryption fixes
Fix problems with german “Umlauts” in folder name
IE fixes
Improved upgrade logging
Improved external storage status display
Flicker free versions dropdown
Don’t create empty versions
Less noisy debug logfile
Don’t show firstrunwizard during upgrade
Several Calendar fixes
Contacts fixes
Fixes for Gallery
Several smaller fixes
Changelog:
Version 5.0.9 July 15th 2013
Fixes for mounting an WebDAV into an ownCloud
Improved expiration of older versions in the case of a full storage
IE8 fixes
Increased speed when syncing shared files
Oracle compatibility fixes
Make upgrade routine more robust
Fix gallery for certain php configurations
Fix pdf viewer close button
user_external fixes
Several smaller fixes
Version 5.0.8 July 10th 2013
SECURITY: XSS vulnerability in “Share Interface” (oC-SA-2013-029)
SECURITY: Authentication bypass in “user_webdavauth” (oC-SA-2013-030)
New anonymous upload feature
Fix syncing of external filesystems
External filesystems performance improvements
Improve compatibility with Oracle
Improved and simplified theming
Internet explorer 8 fixes
Fixes for partial file uploads
LDAP: fix handling of User and Group Bases
Improved and more robust upgrade system
A lot of encryption system fixes
Do not add groups if user has no groups
Several Contacts fixes
A lot of smaller bugfixes all over the place
Changelog:
Version 5.0.7 June 6th 2013
SECURITY: Multiple XSS vulnerabilities (oC-SA-2013-028)
New encryption app as preview included. WARNING: This is not yet ready for production use but testing and feedback is welcome.
Several LDAP compatibility fixes
Several performance improvements of file handling
Trashbin fixes for Safari
Internet Explorer fixes
Several Contacts fixes
New check for magic_quotes
External Filesystem fixes
Add support for copying/moving folders between storages
Several smaller fixes
Version 5.0.6 May 14th 2013
SECURITY: SQL Injection (oC-SA-2013-019)
SECURITY: Multiple directory traversals (oC-SA-2013-020)
SECURITY: Multiple XSS vulnerabilities (oC-SA-2013-021)
SECURITY: Open redirector (oC-SA-2013-022)
SECURITY: Password autocompletion (oC-SA-2013-023)
SECURITY: Privilege escalation in the calendar application (oC-SA-2013-024)
SECURITY: Privilege escalation and CSRF in the API (oC-SA-2013-025)
SECURITY: Incomplete blacklist vulnerability (oC-SA-2013-026)
SECURITY: Information disclosure: CSRF token + username (oC-SA-2013-027)
Fix renaming of shared files
Fix UUID handling with LDAP
Fix several undelete files issues
Fix LDAP cachekey handling
Several OCS API fixes
Dropbox mounting fixes
Remove ldap group name restrictions
Fix fetching of the userlist with multiple user backends
Turn off password autocompletion
Translation fixes of the Shared folder
Fix the fileactions order for filetypes
Allow to ship a default theme
Disallow URLs containing “@”
Smaller layout improvemens
Log an upgrade warning
Log a trash bin cleanup message
Improved quota calculation
Allow to set Quota to zero
Fix performance regression for uploading of big files
Several Calendar fixes
Use displaynames in contacts
Check for existing address books during migrate->import
Texteditor fixes
Increase the SQLite database timeout
Order images in Gallery
* Fix MESSAGE based on wen@'s patch
Remove duplicated arguments, fix MySQL version.
Changelog:
Version 5.0.5 April 19th 2013
Fix navigation hover effect
Fix database migration
Add a warning in the logfile when doing a migration
Fix renaming of shared files
Improved quota calculation
Fix free space calculation
Several layout fixes
Better save mode check
Cleanup database after user deletion
Fix touch for creating new files
Several trash bin fixes
Update MediaElement.js
Fix double address book problem
Fix layout problem triggered by impress
Several smaller fixes
Security: XSS in flashmediaelement.swf (oC-SA-2013-017)
Security: Authentication bypass in Contacts (oC-SA-2013-018)
Version 5.0.4 April 11th 2013
Fix file renames
Improved compatibility with PostgreSQL
Fixed upgrade for PostgreSQL users
Improved LDAP compatibility
Fix the upgrade hint
Make upgrade more robust fix maintainance mode
Smaller CSS fixes
Fix internet check for proxy users
Manually disable files_archive app to fix upgrade
Fix touch() for local storage
Fix versioning check to allow installation of 3rd party apps
Fix default quota
Several contacts fixes
Several calendar fixes
Fixed ampache support in media player
Improve mail function in antivirus app
Fix setting of user quotas
Fix deleted files size calculation
Fix “You do not have write permissions here” warning
Fix asynchronous loading of users
Fix notice from the nullbyte check
XSS vulnerability in jPlayer (oC-SA-2013-014)
PostgreSQL: Insecure database password generator (oC-SA-2013-015)
Windows: Local file disclosure (oC-SA-2013-016)
Version 5.0.3 April 3th 2013
Correctly handle .part files
Improve PostgreSQL support
Fix database upgrading from old versions
Improved app styles
Version 5.0.2 April 2th 2013
Fix versioning string
Fix compatibility with older MySQL versions
Version 5.0.1 April 2th 2013
Fixed classnames and improved autoloaded to improve compatibility with older PHP versions
Show a warning if an insecure PHP version is used
Filesizes are displayed correctly
Fixed groups in usermanagement
Several Internet Explorer fixes
Use display-names in more places
Fix upgrading of cache
Fix navigation scrollbar for lots of apps
Fixed ETag handling to prevent wrong conflict files
Fix public link handling
Better indexes to improve performance
Several Windows server fixes
Fix renames of shared files
Fix PostgreSQL compatibility
Improve error reporting for app installation
Improved compatibility with Novell eDirectory
Several LDAP fixes
Improved sorting in usermanagement
Improved background jobs
Several CardDAV contacts fixes
Several mediaplayer fixes
Fixes for text editor
Several lucene search fixes
Several smaller fixes
Contacts: SQL Injection (oC-SA-2013-012)
Multiple XSS vulnerabilities (oC-SA-2013-011)
* Change to 5.0 branch.
Changelog:
Version 5.0.0 March 14th 2013
New design
Restore deleted files
New fulltext search
Display names
New photo gallery
Improved calendar and contacts
Improved bookmarks
New documentation system
Improved file cache
Improved security checks
Security hardening in templates
Security hardening: Implemented Content Security Policy
Better versioning of better autoexpire
Extended external storage
New OCS REST API support
Improved apps management
Changelog:
Version 4.5.7 Feb 20th 2013
Fix for 3rd party apps dropping the database
Fix SubAdmins management
Fix PHP warnings
Fix compatibility with some CIFS shares
More robust apps management
Remove not needed AWS tests
Improved mime type parsing
Several sharing fixes
Offer the option to change the password only supported by the backend
More robust auto language detection
Revoke DB rights on install only if the db is newly created
Fix rendering of database connection error page
LDAP: update quota more often
Multiple XSS vulnerabilities (oC-SA-2013-003)
Multiple CSRF vulnerabilities (oC-SA-2013-004)
PHP settings disclosure (oC-SA-2013-005)
Multiple code executions (oC-SA-2013-006)
Privilege escalation in the calendar application (oC-SA-2013-007)
* Add PostgreSQL support, not tested.
Changelog:
Version 4.5.6 Jan 22th 2013
Improved language detection
Improved translations
Fix link to bugtracker
Several IE 6/7/8 fixes
SabreDAV updated to 1.6.6
Improved error reporting
Support special characters in mountpoint
Interpret http 403 and 401 as not authorized in user_webdavauth
Several fixes for special characters in files and folders
Improved PostgreSQL support
Check database names for valid characters
Fix default email address calculation
Remove debug output on send password page
Add SMTP port configuration option
Only show the max possible upload of 2GB on a 32 bit system
Show progress during file downloads
Security: Fix multiple XSS problems: CVE-2013-0201, CVE-2013-0202, CVE-2013-0203
Security: Fix Code execution in external storage: CVE-2013-0204
Security: Removed remoteStorage app because of unfixed security problems.
Changelog:
Version 4.5.5 Dec 20th 2012
Show drag and drop shadow for Firefox
Fix Knowledgebase under certain conditions
Fix setting of sharing password
Fix setting of sharing password
Several sharing fixes
Fixversioning during sharing
Fix mounting of external filesystems especially CIFS
Fix several PHP warnings
Show /Shared as standard directory
Fix session management for running several ownClouds on the same host
Fix WebDAV quota enforement
Fix CalDAV with LDAP users
Better warning about missing dependencies
Add warning about conflicting WebDAV auth and LDAP backend
Restore send sharing link my email
Fix encoding problem with mounting of CIFS filesystems
Fix mimetype icons for new files
Fix the folder size calculation
Fix for deleting multiple files
Fix for controling the data dir with LDAP
Security: Auth bypass in user_webdavauth and user_ldap (oC-SA-2012-006)
Security: XSS vulnerability in bookmarks (oC-SA-2012-007)
Changelog:
Version 4.5.4 Dec 3th 2012
Fix a regression for system where output buffering is disabled
Fix a problem with old file versions stored in the filesystem cache
Fix group and subadmin ajax bug
Important LDAP fix
Improved Updater
* Change to 4.5 branch
Changelog:
Version 4.5.3 Nov 27th 2012
Fix the new from url button
Fix a memory overflow with downloading of big files via WebDAV
Better error output in case of DB problems
Fix problems with uploading files who have special characters in the name
Improved reverse proxy and load balancer support
Fix wrong folder size calculation
Improved share link generation
Fix the syncing of the Shared folder
Fix Sharing by link from within Shared folder
Several LDAP integration fixes
Fix support for PostgreSQL
Several WebDAV fixes
Fix drag and drop uploading
Improved translations
Several Gallery fixes
Several Contacts fixes
Smaller fixes
Version 4.5.2 Nov 14th 2012
Fix syncing of shared folder
Various sharing bugs fixed
Fix bug with deleting users
Fix check if resharing is allowed
Fix webdavauth app
Several ldap fixes
Fix data migration
Fix folder uploads
Fix generatino of etags
Fix user specific mount configuration
Several PostgreSQL fixes
Improved performance of file updates
Fix some php warnings
Fix filesize calculation
Add visual feedback if password is set
Various smaller fixes
Several critical security fixes
XSS vulnerability in user_webdavauth (oC-SA-2012-003)
Code Execution in /lib/migrate.php (oC-SA-2012-004)
Code Execution in /lib/filesystem.php (oC-SA-2012-005)
Changelog:
Version 4.0.8 Oct 10th 2012
Show Login Button when user and password are autocompleted
Sanitize LDAP base, user and groups
Security: Fix for insufficiently Random Values (CVE-2008-4107)
Security: Fixed multiple XSS vulnerabilities (CVE-2012-5056)
Security: Fixed a HTTP header injection (CVE-2012-5057)
Security: Fixed an Auth bypass in /lib/base.php (CVE-2012-5336)
* php-sqlite is no longer needed at least fresh installation
* Tested with php54 and apache24
* php-xml is needed
* Update MESSAGE
Changelog:
Version 4.0.4 June 28rd 2012
Fix assigning several groups to a user.
Fix LDAP connector with AD servers
Conserve some memory in Contacts App
Fix a warning in Gallery when deleting files
Fix a bug in the music scanner
Version 4.0.3 June 23rd 2012
Added a check if the .htaccess file is working and the data directory is protected or not.
Added a check if a user is allowed to edit a bookmark or not.
Fix the bookmarklet
Fix the timezone in the datepicker
Fix mimetype detection for cdr files
Fix the filecache for the /Shared folder
Fix a potential data corruption bug in the encryption app
Don¡t show other users filenames during filesystem cache rebuild
Fix several XSS bugs
Performance improvements for WebDAV and Desktop Syncing
Fix quota calculation
Improve the LDAP integration and group management
Fix problems with the pdf viewer
Fix user account migration
Implement several CSRF security checks
Fix a gallery bug where first picture is repeated in the last picture.
Lot¡s of calendar fixes
Fix problem with ¡È/¡É in filenames
Updated translations
Several fixes in Contacts
Lot¡s of fixes in the Tasks App
Fix a bug in the filesystem cache with ghost entries
Version 4.0.2 June 11th 2012
Lot¡Çs of gallery fixes
More 3rd party apps visible
Fixed update notifications
Several calendar fixes
Several XSS fixes in calendar
Several improvements in contacts
Fix infinite redirect during setup for windows hosts
Several XSS fixes in contacts
New user password salting
Several LDAP fixes
Fix duplicate emails in sharing
Improved compatibility with Android browser
Fixed calendar links
Fixed logging
Allow ¡È/¡É in filenames
Updated translations
Fixed reverse proxy and custom hosts configuration
Fix contact photo editing
Don¡Çt allow renaming, deleting and resharing of shared folder
Previously, I added a dependency on pdo_sqlite3 because an owncloud
instance failed to run without PDO. This commit moves the dependency
to be conditional on the sqlite option, so that it doesn't apply if
mysql is selected.
The upstream method selection code is hard to follow, and in
particular I don't understand how dbtype=sqlite is expected to use
MDB2 and dbtype=sqlite3 PDO. So with the sqlite option both chunks of
code are availale. I suspect there is an upstream bug lurking, but I
can't point to it.
Changelog:
from http://owncloud.org/owncloud-4-0-1-release/
Verify if user exists when loggin (oc-863)
More efficient log file handling
PDO requirement check
Check if apps folder is writable
prevent division by zero problem during output of free space
better mysql error message
correctly configure ldap group backend (oc-887)
sort users and groups (oc-779)
LDAP. correctly handle group filter (oc-867)
try to switch magic quotes of globally
fix ategory error reporting (oc-874)
correctly handle reverse proxy / load balancer https handling
prevent session already started warning
fix the files breadcrumb
don¡Çt try to use smtp auth if config files says no
fix versioning path
security: fix a XSS problem in calendar
make LDAP pqsql compatible
fix pqsql database migration
fix ldap config interface
support for LDAP ¡Èmember¡É
don¡Çt hardcode /tmp
fix potential security problem for requested apps parameter
fix notes in contacts properly
fix timezone detection
fix interti_id in calendar
set DB prefix for pqsql
security: fix a XSS problem in contacts
correctly encode caldav link
allow longer path in gallery
disable not compatible apps during upgrade
fix HEAD request for downloads
fix private link sharing via email
use UTC as default timezone
style fixes for tasks app
* Add .htaccess file to package
* Fix MESSAGES, to be more useful
Changelog:
changelog is not available officially. The following is provided by SuSE.
- Security: Several CSRF fixes
- Security: .htaccess uploading blacklist
- Backport link in the Help center to the online documentatio
- Backport link in the Help center to the "Big Files" howto
- Check if JSon module is installed
- Check if GD module is installed