From the changelog:
10.0.9 - 2018-07-17
Added
Added account module middleware to be able to plug in logic after authentication - #31883#31933
occ user:list now takes a list of attributes to display - #31115
Added Symfony events for user preference changes - #31266
Added Symfony events for public links shared by email - #31632
Added Symfony events for accept and reject for local shares - #31702
Added support for Imprint and Privacy Policy URLs in web UI and email footers - #31666#31699#31730#31766
Added HTML template for lost password email - #31144
Received local shares can now trigger a notification to accept or reject them, also visible in "Shared with you" section - #31613#31886
Rejected shares can now be accepted again in the "Shared with you" section - #31613
Provide original exception via logging events - #31623
Share autocomplete now displays useful tooltip when typing less characters - #31729
Added public Webdav API for versions using a new "meta" DAV endpoint - #31729#29637#31805#31801
Added support for retrieving file previews using Webdav endpoint - #29319#30192#31748#31788#31862#31865
Added versioning support for primary object store - #29607#31285#31595
Changed
Updated ca-bundle.crt - #31734
Bump symfony to 3.4.8 and other pending minor bumps - #31221
Bump karma from 2.0.0 to 2.0.2 in /build - #31253
Bump karma-jasmine from 1.1.1 to 1.1.2 in /build - #31378
Bump karma-coverage from 1.1.1 to 1.1.2 in /build - #31380
Bump zendframework/zend-inputfilter from 2.8.1 to 2.8.2 - #31431
Bump icewind/smb from 1.1.0 to 3.0.0 in /apps/files_external/3rdparty - #31521
Bump symfony 3.4.9 to 3.4.11 - #31571
Update jsdoc requirement to ~3.5.5 - #30036
Removed example theme which now lives in the theme-example repository - #31447
A user who is a member of multiple groups is now excluded from sharing if at least one of their group is configured for exclusion - #31737#31822
Changed back default minimum search characters to 2 for share autocomplete due to confusion - #31729
Files app UI now uses new versions API through the "meta" DAV endpoint - #29607
Removed
Removed old private ajax API for previews, deprecated by DAV endpoint support - #30254
Bookmarks certificate was removed - #31878
Fixed
Adjustments for the notifications messages of the sharing apps - #31947
Disable jquery globalEval - #31972
Work around Edge browser memory leak in web UI chunked upload - #31884
Don't fail if ISqlMigration doesn't return anything - #31779
Fixed restoring of versions for single file shares - #31681
Group admins are not able to create groups any more using provisioning API - #31738
Fix Oracle for queries using ILIKE operator - #31466
Improve user-sync command help description - #31691
Fix deletion and restoration of files in trashbin in some partial selection scenarios - #31700
Do not load the code of disabled theme apps - #31478
Fix encrypt-all and decrypt-all commands to keep shares when encrypting - #31600#31590
Proceed with encrypt-all command by enabling user-keys if no mode is selected by user - #31612
Validate maximum length of a username - #31664
Save timezone as given during login - #31493
Fix checksum computation to not apply on read-write streams to avoid potential mismatch results - #31619
Exclude uploads directory from read-only cache mask, fixes guest app chunked uploads - #31596
Properly normalize paths for event, no &$magic needed - #31689
Use the correct user id in login related Symfony events - #31605
Fix public link dialog issue when collaborative tags app is disabled - #31581
Fix updating public link share in transfer ownership command - #31176#31953
Do not set the password again if it hasn't changed - #31370
Use correct l10n to translate 'password was changed' email - #31553
Improve text in settings/personal App Password - #31539
Fix default language code example - #31448
Fix double slash in versioning file copy events - #31452
Split public password enforced capabilities based on a config - #31499
Fix bogus exceptions related to missing DAV nodes after deletion - #31479
Fix enabling of users by group admins in the web UI - #31489
Fix AccountMapper to return an object or throw an exception - #31445
Proper handling of exceptions in UserManager - #31446
Properly cache non-existing user in UserManager - #31446
Update verify checksums console output to flow more naturally - #31449
Subadmin shouldn't be able to add users to their groups via API - #31337
Catch duplicate inserts in token table - #31460#31794#32041
Fix overflowing public share names in the share panel - #31369
Fix occ user:sync to sync quota from preferences after upgrade if backend provided no quota - #31360
Fix for Redis dev editions - #31282
Fix mail debug message recipient field - #31227
Prevent infinite loop in case of error in "log" event handler - #31247
Fix HTTP status code when uploading virus-infected files - #31260
Add back robots.txt in the release - #31248
Changelog:
Changes in 10.0.8
Dear ownCloud administrator, please find below the changes and known issues in ownCloud Server 10.0.8 that need your attention. You can also read the full ownCloud Server changelog for further details on what has changed.
PHP 5.6 deprecation
PHP 5.6/7.0 active support has ended on January 19th 2017 / December 3rd 2017 and security support will be dropped by the end of 2018. Many libraries used by ownCloud (including the QA-Suite PHPUnit) will therefore not be maintained actively anymore which forces ownCloud to drop support in one of the next minor server versions as well. Please make sure to upgrade to PHP 7.1 as soon as possible. See the system requirements in the ownCloud documentation.
Personal note for public link mail notification
One of the usability enhancements of ownCloud Server 10.0.8 is the possibility for users to add a personal note when sending public links via mail. When using customized mail templates it is necessary to either adapt the shipped original template to the customizations or to add the code block for the personal note to customized templates in order to display the personal note in the mail notifications.
New mail notifications feature
ownCloud Server 10.0.8 introduces a new extensible notification framework. Apart from technical changes under the hood the Notifications app can now also send mails for all notifications that previously were only displayed within the web interfaces (notification bell) or on the Desktop client (notifications API) like incoming federated share or Custom Group notifications, for example. In the “General” settings section users can configure whether they want to receive mails for all notifications, only for those that require an action or decide not to get notifications via mail (by default users will only receive notifications when an action is required).
LDAP-related improvements
When disabling or deleting user accounts in LDAP, the administrator can choose to either delete or disable respective accounts in ownCloud when executing occ user:sync (-m, --missing-account-action=MISSING-ACCOUNT-ACTION). User accounts that are disabled in ownCloud can now be re-enabled automatically when running occ user:sync if they are enabled in LDAP. When this behavior is desired administrators just need to add the -r, --re-enable option to their cron jobs or when manually executing occ user:sync.
Furthermore it is now possible to execute occ user:sync only for single (-u, --uid=UID) or seen (-s, --seenOnly) users (users that are present in the database and have logged in at least once). These new options provide more granularity for administrators in terms of managing occ user:sync performance.
Another notable change in behavior of occ user:sync is that administrators now have to explicitly specify the option -c, --showCount to display the number of users to be synchronized.
New events for audit logging
New events have been added to be used for audit logging, among others. These include configuration changes by administrators and users, file comments (add/edit/delete) and updating existing public links. When logs are forwarded to external analyzers like Splunk, administrators can check to add the new events. The latest version of the Auditing extension (admin_audit) is required.
New command to verify and repair file checksums
With ownCloud 10 file integrity checking by computing and matching checksums has been introduced to ensure that transferred files arrive at their target in the exact state as their origin. In some rare cases wrong checksums can be written to the database leading to synchronization issues with e.g. the Desktop Client. To mitigate such situations a new command occ files:checksums:verify has been introduced. The command recalculates checksums either for all files of a user or for files within a specified path, and compares them with the values in the database. Naturally the command also offers an option to repair incorrect checksum values (-r, --repair). Please check the available options by executing occ files:checksums:verify --help. Note: Executing this command might take some time depending on the file count.
New config setting to specify minimum characters for sharing autocomplete
For security reasons the default value for minimum characters to trigger the sharing autocomplete mechanism has been set to “4” (previously it was set to “2”). This is to prevent people from easily downloading lots of email addresses or user names by requesting their first letters through the API. As it is a trade-off between security and usability for some scenarios this high security level might not be desirable. Therefore the value now is configurable via the config.php option 'user.search_min_length' => 4,. Please check which value fits your needs best.
New option to granularly configure public link password enforcement
With ownCloud 10 the “File Drop” feature has been merged with public link permissions. This kind of public link does not give recipients access to any content, but it gives them the possibility to “drop files”. As a result, it might not always be desirable to enforce password protection for such shares. Given that, passwords for public links can now be enforced based on permissions (read-only, read & write, upload only/File Drop). Please check the administration settings “Sharing” section and configure as desired.
New option to exclude apps from integrity check
By verifying signature files the integrity check ensures that the code running in an ownCloud instance has not been altered by third parties. Naturally this check can only be successful for code that has been obtained from official ownCloud sources. When providing custom apps (like theme apps) that do not have a signature, the integrity check will fail and notify the administrator. These apps can now be excluded from the integrity check by using the config.php option 'integrity.ignore.missing.app.signature' => ['app_id1', 'app_id2', 'app_id3'],. See config.sample.php for more information.
New occ command to modify user details
It is now possible to modify user details like display names or mail addresses via the command occ user:modify. Please append --help for more information.
occ files:scan can now be executed for groups
Apart from using the occ files:scan command for single users and whole instances it can now be executed for groups using -g, --groups=GROUPS. Please append --help for more information.
New configurable default format for syslog
When using syslog as the log type ('log_type' => 'syslog', in config.php) the default format hahe new format and config.sample.php on how to change it.
New config option to enable fallback to HTTP for federated shares
For security reasons federated sharing (sharing between different ownCloud instances) strictly requires HTTPS (SSL/TLS). When this g.federation.allowHttpFallback' => false, to true in config.php.
Migration related to auth_tokens (app passwords)
Upgrading to 10.0.8 includes migrations related to auth_tokens (app passwords). When users have created app passwords as separate passwords l autocomplete for public link share dialog
When the “Sharing” settings option Allow users to send mail notifications for shared files for public links is enabled, users can send public links via mail from within the web interface. The behavior of the autocomplete when entering mail addresses in the public link share dialog has been changed. Previously the autocomplete queried for local users, users from federated address books and contacts from CardDAV/Contacts App. As public links are not intended for sharing between ownCloud users (local/federated), those have been removed. Contacts synchronized via CardDAV or created in the Contacts app will still appear as suggestions.
Notifications sent by occ can now include links
The command occ notifications:generate can be used to send notifications to individual users or groups. With 10.0.8 it is also capable of including links to such notifications using the -l, --link=LINK option. Please append --help for more information. There is also Announcementcenter to conduct such tasks from the web interface but it is currently limited to send notifications to all users. For now administrators can use the occ command if more granularity is required.
Global option for CORS domains
For security reasons ownCloud has a Same-Origin-Policy that prevents requests to ownCloud resources from other domains than the domain the backend server is hosted on. If ownCloud resources should be accessible from other domains, e.g. for a separate web frontend operated on a different domain, administrators can now globally specify policy exceptions via CORS (Cross-Origin Resource Sharing) using 'cors.allowed-domains' in config.php. Please check config.sample.php for more information.
Solved known issues
Bogus “Login failed” log entries have been removed (see 10.0.7 known issues)
The Provisioning API can now properly set default or zero quota
User quota settings can be queried through Provisioning API
A regression preventing a user from setting their e-mail address in the settings page has been fixed
File deletion as a guest user works correctly (trash bin permissions are checked correctly)
Known issues
Issues with multiple theme apps and Mail Template Editor
As of ownCloud Server 10.0.5 it is only possible to have one theme app enabled simultaneously. When a theme app is enabled and the administrator attempts to enable a second one this will result in an error. However, when also having the Mail Template Editor enabled in this scenario the administrators “General” settings section will be displayed incorrectly. As a remedy administrators can either uninstall the second theme app or disable the Mail Template Editor app.
occ transfer:ownership does not transfer public link shares if they were created by the target user (reshare).
For developers
The global JS variable “oc_current_user” was removed. Please use the public method “OC.getCurrentUser()” instead.
Lots of new Symfony events have been added for various user actions, see changelog for details. Documentation ticket: <https://github.com/owncloud/documentation/issues/3738>`_
When requesting a private link there is a new HTTP response header “Webdav-Location” that contains the Webdav path to the requested file while the “Location” still points at the frontend URL for viewing the file.
Changes in 10.0.7
ownCloud Server 10.0.7 is a hotfix follow-up release that takes care of an issue regarding OAuth authentication.
Please consider the ownCloud Server 10.0.5 release notes.
Known issues
When using application passwords, log entries related to “Login Failed” will appear and can be ignored. For people using fail2ban or other account locking tools based on log parsing, please apply this patch with patch -p1 < 50c78a4bf4c2ab4194f40111b8a34b7e9cc17a14.patch (original pull request here).
Changes in 10.0.6
ownCloud Server 10.0.6 is a hotfix follow-up release that takes care of an issue during the build process (https://github.com/owncloud/core/pull/30265). Please consider the ownCloud Server 10.0.5 release notes.
Changes in 10.0.5
Dear ownCloud administrator, please find below the changes and known issues in ownCloud Server 10.0.5 that need your attention. You can also read the full ownCloud Server changelog for further details on what has changed.
Technology preview for PHP 7.2 support
ownCloud catches up with new web technologies. This has mainly been introduced for the open-source community to test and give feedback. PHP 7.2 is not yet supported nor recommended for production scenarios. ownCloud is going to fully support PHP 7.2 with the next major release.
php-intl now is a hard requirement
Please make sure to have the PHP extension installed before upgrading.
Changed: Only allow a single active theme app
The theming behavior has been changed so that only a single theme can be active concurrently. This change ensures that themes can not interfere in any way (e.g., override default theming in an arbitrary order). Please make sure to have the desired theme enabled after upgrading.
Removed old Dropbox external storage backend (Dropbox API v1)
Please switch to the new External Storage: Dropbox app (https://marketplace.owncloud.com/apps/files_external_dropbox) with Dropbox API v2 support to continue providing Dropbox external storages to your users.
Fixed: Only set CORS headers on WebDAV endpoint when Origin header is specified
ownCloud Server 10.0.4 known issue is resolved.
Fixes and improvements for the Mail Template Editor
Known issues are resolved: Mail Template Editor works again, got support for app themes and additional templates were added for customization.
Mail Template Editor is still bundled with ownCloud Server but will soon be released as a separate app to ownCloud Marketplace.
Changelog: https://github.com/owncloud/templateeditor/blob/release/0.2.0/CHANGELOG.md
Known issues
When using application passwords, log entries related to “Login Failed” will appear, please upgrade to 10.0.7 and check the fix mentionned in its release notes.
Changes in 10.0.4¶
Dear ownCloud administrator, please find below the changes and known issues in ownCloud Server 10.0.4 that need your attention. You can also read the full ownCloud Server 10.0.4 changelog for further details on what has changed.
More granular sharing restrictions
The “Restrict users to only share with users in their groups” option, in the Sharing settings, restricts users to only share with groups which they are a member of, while simultaneously prohibiting sharing with single users that do not belong to any of the users’ groups.
To make this more granular, we split this option into two parts and added “Restrict users to only share with groups they are member of”, which differentiates between users and groups. Doing so makes it possible to restrict users from sharing with all users of an installation, limiting them to only being able to share with groups which they are a member of, and vice versa.
Configurable solution for indistinguishable user display names
The ownCloud sharing dialog displays users according to their display name. As users can choose their display name in self-service (which can be disabled in config.php) and display names are not unique, it is possible that a user can’t distinguish sharing results. To cover this case the displayed user identifiers are now configurable. In the Sharing settings administrators can now configure the display of either mail addresses or user ids.
Added “occ files:scan” repair mode to repair filecache inconsistencies
We recommend to use this command when directed to do so in the upgrade process. Please refer to the occ command’s files:scan –repair documentation for more information.
Detailed mode for “occ security:routes”
Administrators can use the output of this command when using a network firewall, to check the appropriateness of configured rules or to get assistance when setting up.
Added mode of operations to differentiate between single-instance or clustered setup
As ownCloud needs to behave differently when operating in a clustered setup versus a single instance setup, the new config.php option operation.mode has been added. It can take one of two values: single-instance and clustered-instance. For example: 'operation.mode' => 'clustered-instance',.
Currently the Market App (ownCloud Marketplace integration) does not support clustered setups and can do harm when used for installing or updating apps. The new config setting prevents this and other actions that are undesired in cluster mode.
When operating in a clustered setup, it is mandatory to set this option. Please check the config_sample_php_parameters documentation for more information.
Added occ dav:cleanup-chunks command to clean up expired uploads
When file uploads are interrupted for any reason, already uploaded file parts (chunks) remain in the underlying storage so that the file upload can resume in a future upload attempt. However, resuming an upload is only possible until the partial upload is expired and deleted, respectively.
To clean up chunks (expire and delete) originating from unfinished uploads, administrators can use this newly introduced command. The default expiry time is two days, but it can be specified as a parameter to the command. It is recommended to configure CRON to execute this background job regularly.
It is not included in the regular ownCloud background jobs so that the administrators have more flexibility in scheduling it. Please check the background jobs configuration documentation for more information.
Administrators can now exclude files from integrity check in config.php¶
When administrators did intentional changes to the ownCloud code they now have the ability to exclude certain files from the integrity checker. Please check “config.sample.php” for the usage of 'integrity.excluded.files'.
Modification time value of files is now 64 bits long
When upgrading to 10.0.4 migrations may increase update duration dependent on number of files.
Updated minimum supported browser versions
Users with outdated browsers might get warnings. See the list of supported browser versions.
Known issues
When using application passwords, log entries related to “Login Failed” will appear, please upgrade to 10.0.7 and check the fix mentioned in its release notes.
10.0.3 resolved known issues
SFTP external storages with key pair mode work again
Added support for MariaDB 10.2.7+
Encryption panel in admin settings fixed to properly detect current mode after upgrade to ownCloud 10
Removed double quotes from boolean values in status.php output
Known issues
Impersonate app 0.1.1 does not work with ownCloud Server 10.0.4. Please update to Impersonate 0.1.2 to be able to use the feature with ownCloud 10.0.4.
Mounting ownCloud storage via davfs does not work
Changelog:
Version 10.0.2 May 30 2017
[major] Fix issue with database.xml migration being triggered twice on market app install - core/#27982
[major] Apps formerly marked as shipped can now be uninstalled - core/#27985
[major] Market now properly updates app version when using multiple apps paths - core/#28002
Version 10.0.1 May 23 2017
[major] Clear cached app info before installing app - core/#27953
[major] Fix to allow admin login when using home object store mode - core/#27963
[major] Skeleton files correct copied for shibboleth - core/#27935
[major] Automatically enable market app when upgrading from OC < 10 - core/#27930
[major] Fix issue where market would run app migrations twice in some scenarios - market/#76
[major] Fetch search terms from user backend (ex: LDAP) for more extended user search ability - core/#27906
[major] Added support for upload-only link shares - core/#27548
[major] When enabling default encryption module the admin must now explicitly choose encryption type (master key vs user key) - core/#27512
[major] Fix missing "publicuri" field when upgrading from 9.1.5 - core/#27754
[major] Add options to the user:sync command to handle missing accounts - core/#27798
[major] Maintenance mode now properly blocks syncing on new DAV endpoint - core/#27821
[major] Copy button for multiple link share now copies the correct link - core/#27863
[major] Fix upload issues with IE11 - core/#27875
[major] Allow apps to register multiple settings panels - core/#27885
[major] Account table doesn't sync from user backends that have no listing support - core/#27862
[major] Add events for password validation - core/#27883
[major] Add JS event after external storage mount config is loaded, for UI extensions - core/#27740
[major] Fix theming of setup page by autoloading default_enable theme apps - core/#27819
[major] Allow apps to register custom settings page sections in info.xml - core/#27634
[major] Add admin sharing option to restrict autocomplete to membership groups but still allow typing full name if known - core/#27869
[minor] Market app update now doesn't overwrite local git checkouts - core/#27973
[minor] Delete "appstoreenabled" config value when enabling market - core/#27956
[minor] Do not verify email address when entered by an admin on their personal page - core/#27921
[minor] Fix default share permission issue in public API core/#27927
[minor] Properly rethrow exception when error occurred when enabling an app - core/#27970
[minor] Remove own shares from "Shared with you" section - core/#27972
[minor] Fix updating to daily from 10.0.0 with web updater - updater/#422
[minor] Fix updating to 10.0.1 with web updater - core/#27965
[minor] Removed unused and non-working auto-login after setup - core/#27971
[minor] Fix SMB storage to return false if stat failed - core/#27859
[minor] Update swiftmailer - core/#27897
[minor] Escape filter in search - core/#27900
[minor] Fix file name output in error pages - core/#27808
[minor] Support for alternative login buttons through config.php - core/#27607
[minor] Example theme app renamed to "theme-example" by convention - core/#27632
[minor] Fix missing translation of built-in section names - core/#27645
[minor] Add ability to disable password reset form in config - core/#27676
[minor] Add support for themed radio buttons - core/#27681
[minor] Fix customjs extension handling for external storage apps - core/#27683
[minor] Fix upgrade error with mod_fcgid and PHP 7 - core/#27553
[minor] Remove sharing subtab when link sharing is disallowed - core/#27708
[minor] Add privacy warning in link shares panel - core/#27844
[minor] Fix files app name in navigation menu - core/#27843
[minor] Fix mimetype table code to ignore folder extensions - core/#27668
[minor] Automatically focus the password field in password reset page - core/#27889
[minor] Trashbin restore warnings due to missing entries now logged as debug - core/#27826
[minor] Remove obsolete repair step RemoveOldShares - core/#27737
[minor] "local link" was renamed to "private link" - core/#27594
[minor] Fix column sorting in public file list page - core/#27308
[minor] Don't display error when not connected to market - market/#51
[minor] Fix issue with some apps info formats - market/#49
[minor] Add ability to uninstall apps in market app UI - market/#67
[minor] Improve visual feedback when installing market apps - market/#64
[minor] Don't display license key in config report - configreport/#27
Version 10.0.0 Apr 27 2017
General
Allows users to add the app to the Android homescreen - core/#25438
Compatible with PHP 7.1 - core/#25436
MySQL 4-byte UTF8 support: (utf8mb4 for e.g. Emoticons) - core/#17978
Admin, personal pages and app management are now merged together into a single "Settings" entry - core/#26449
Admin page displays the output of the server's status.php - core/#27238
Also allow using email address for password recovery - core/#27168
Support Redis Cluster - core/#26407
ownCloud log entry reorder - core/#27562
ownCloud log file rules to split into separate files - core/#27443
occ scanner optimized memory usage for large scans by using autocommits - core/#27527
Filesystem
Ability to exclude folders from being processed, like snapshot folders - core/#19235
Checksum is computed on the fly and verified - core/#26655
Files App
Share Link can be copied to the clipboard - core/#25418
Display version sizes in versions panel - core/#26511
Transfer ownership now works for individual folders - core/#27343
Favorite star indicator now visible in the file lists related to sharing (ex: "Shared with you") - core/#19753
User management
Ability to disable users in the users page (enable column first under cog icon) - core/#27333
When changing personal email, an email confirmation is now sent - core/#7326
When password is changed through any means, the user will now receive an email - core/#27498
Change user preferences through OCC - core/#24770
External storage
"Local" storage type can now be disabled by sysadmin in config.php - core/#26653
External storage backends must use the core external storage API to work without files_external - core/#18160
FTP external storage moved to a separate app files_external_ftp
Dav App
CalDAV calendar public sharing - core/#2ultiple link shares - core/#27337
When a recipient moves a file or folder out of a received share, the owner now receives a backup in their trashbin - core/#27042
User avatars now visible in sharing autocomplete dropdown - core/#25976
Minor chang7473
provisioning API now also returns the user's home path - core/#26850
web updater shows link to changelog in admin page - core/#26796
For developers
Users from all user backends are now stored in a central account table, improves perform Added first login event - core/#26206
Added postLogout hook - core/#27048
New column in oc_jobs table to store last duration - core/#27144
Ability to specify offset and limit when doing a REPORT query on a files endpoint - core/#26507
Avatar API via WebDAV - core/#26872
Improve return value support for two factor auth providers API - core/#26593
Apps can now register Sabre plugins in info.xml - core/#26195
REPORT method for files endpoint now allows searching for favorites - core/#26099
Group backends can now return group display names (partial support, only used by sharing autocomplete) - core/#26750
Changelog:
Version 9.1.4 Feb 2 2017
[major] Make error message for password reset form more generic - core/#27011
[major] When sharing autocomplete is disabled, also disable for the email field - core/#26504
[major] Add command to clean up invalid/expired remote storages - core/#26379
[major] Fix encryption key storage when using LDAP home folder rules - core/#26820
[major] Properly react on memcache errors - core/#25692
[major] Fix random normalizedPathCache log messages / garbage collection issues from PHP 7 - core/#22370
[major] Properly deal with inconsistent LDAP/memcache or user/group manager responses - core/#26871
[major] Added configreport app which will help with better bug reports - configreport/#6
[minor] Fix syncing of file names with colon followed by a number - core/#25479
[minor] Prevent empty user uid from LDAP - user_ldap/#6
[minor] Prevent repeated log messages when dealing with broken picture files - core/#26758
[minor] Fix group-enable option in apps page when memcache is enabled - core/#26638
[minor] Add AVMaxFileSize config option - files_antivirus/#133
[minor] Reduce number of federated share requests when dealing with non-existing entries - core/#26324
[minor] Remove obsolete legacy storage repair routine - core/#26774
[minor] Fix broken remote avatar image in activities tab - activity/#529
[minor] When grouping duplicate shares, sort by stime then id - core/#25830
[minor] Make file upload post hooks consistent between chunking and non-chunking mode - core/#26387
[minor] Fix wrong German translation in upload progress bar by using momentjs library - core/#26804
[minor] Skip unavailable storages in background file scan instead of failing - core/#26055
[minor] Update PHP 7.1 incompatibility warning - core/#26982
[minor] Warning notification when uploading 4+ GB file in IE11 - core/#27004
Update DEPENDS(upstream dropped php-5.3 support)
Upstream changes:
Version 9.1.3 Dec 13 2016
[major] UI: File list now works properly with many hidden entries - core/#26518
[major] Transfer ownership fails in some sharing scenario - core/#26523
[major] Transfer ownership fails if external storage with user-specified password - core/#26530
[major] Transfer ownership fails with file shares with invalid permissions - core/#26541
[major] Transfer ownership must skip trashed shares - core/#26525
[major] Versions on external storage never expire - core/#24161
[major] Properly convert public upload OCS params - core/#26691
[major] Properly load object store apps at install time when required in config - core/#26299
[major] Fix issue in sharing API that can happen with Galera Cluster - core/#26700
[major] Cannot delete file in share link from global external storage - core/#25618
[major] Fix issue where first run wizard made web UI unusable in IE11 - core/#26438
[major] Cannot upload to federated share when only create/update permission given - core/#26173
[major] Auth header in new DAV endpoint can break with Windows Webdav - core/#26412
[minor] Transfer ownership don't bail out on error - core/#26524
[minor] Don't scan received shares in OCC files scan or background jobs - core/#26590
[minor] Remove useless warning in log when accessing public shares - core/#25455
[minor] Fix disappearance of share info when clicking favorite star - core/#26241
[minor] Don't bother fetching preview images if previews disabled in config.php - core/#26705
Version 9.1.2 Nov 8 2016
Core: Adjusted documentation link to issue template - core/#26087
Core: Display feedback in users page when changing password - core/#25532
Core: Fix mime type detection in hidden directories - core/#26133
Core: Change forum URL to central - core/#25644
Core: Fix share array format passed to "post_unshareFromSelf" hook - core/#26390
Core: Release mount info memory after running background jobs - core/#26223
Core: Improve users page performance by not sorting after every add - core/#26234
Core: Escape special chars in some queries - core/#25429
Core: Redirect to two factor challenge page when only a single provider exists - core/#26134
Core: Fix bogus PasswordLoginForbidden DAV error when logging in as non-existing user - core/#26123
Core: Change the minimum log level to FATAL - core/#26131
Core: Fix issue with "(2)" appearing on shares when querying avatar with wrong casing - core/#26271
Core: Enabling an app now also analyzes dependencies at this time instead of only at install - core/#26295
Core: Reuse cached app info to avoid high load on some environments - core/#25603
Core: Show warning instead of exception when trying to run ownCloud on Windows - core/#26208
Core: Fix misleading SSL/TLS SMTP email configuration - core/#26447
Core: Fix malformed attribute in files app page - core/#26480
DAV: Improve chunk assembly performance for new DAV endpoint - core/#26062
DAV: New chunking now returns Etag and OC-Etag on the final MOVE - core/#25682
DAV: Do not print exception messages in HTML - core/#26460
DAV: Sanitize length headers when validating quota - core/#26366
Files: Allow uploading empty files in the web UI - core/#19116
Files: Properly translate file summary in lists - core/#26221
Files: Exclude more invalid chars in path - core/#26461
Sharing: Let the share owner increase permissions - core/#25542
Federation: Fix sharing with remote user names containing spaces - core/#25955
Federation: Save some memory in sync job by releasing mount info after each user - core/#26204
Federation: Fix federated address book syncing by using the correct background job name - core/#26202
CalDAV: Add Schedule and IMip plugins when receiving webdav v1 api calendar calls - core/#23600
CardDAV: Unset photo before setting a new one - core/#26242
CardDAV: Fix for birthday entries - core/#25636
CardDAV: Limit image export mime types - core/#26459
Updater: Fix web UI update in some environments - updater/#378
Updater: Retrigger integrity check after update - updater/#405
User_LDAP: Added OCC command to update group mappings - user_ldap/#14
User_LDAP: Fix issue with "(2)" appearing on shares when refreshing users in some scenarios - core/#25718
User_external: Double verify the SMB response - apps/#2198
Firstrunwizard: Only display the wizard when in files app - firstrunwizard/#52
Gallery: Do not display technical error messages - gallery/#707
* Remove contact and calendar distfiles
* Remove replace commands for code sining, fix PR pkg/51032
Changelog:
Version 9.1.1 Sep 20 2016
Core: Remove OCS response body for HTTP status 204 and 304 which disturbed some firewalls - core/#25835
Core: Map Oracle driver options to params - core/#23938
Core: Log cron job class name for easier troubleshooting - core/#25743
Core: Skip version and trash expiry for users that never logged in - core/#25741
Core: Added white download icons for apps to use - core/#23891
Core: Fix warning about undefined offset in LoginController - core/#25714
Core: Fix warning about undefined two factor providers - core/#25606
Core: Load app before executing its repair steps - core/#25674
Core: Fix "defaultapp" setting - core/#25562
Core: Fix issue when opening some file app links received in share emails - core/#25200
Core: Reconnect DB in occ files:scan to avoid DB timeouts - core/#25853
Core: Fix status.php page redirection with non-standard port - core/#25946
Core: Improve users page loading performance with many groups - core/#25922
Core: Don't log credentials from tryLogin - core/#25895
Core: Fix password recovery with case sensitive user names - core/#25684
Core: Fix two factor page cyclic reload with some providers - core/#25893
Core: Add visual feedback when updating password in users page - core/#25532
Core: Fix useless warning when overwriting file when open_basedir is set - core/#26033
Files: Display hidden files in footer and selection summary - core/#25855
Files: Fix hidden files handling with insertion or selection - core/#25856
DAV: Faster classification migration in CalDAV - core/#25638
DAV: Error message about forbidden password login is now logged in debug level - core/#25486
DAV: Return "data-fingerprint" property on any file related element - core/#25482
DAV: Fix missing properties in CalDAV subscriptions - core/#24469
DAV: Improve performance of chunking in new DAV endpoint- core/#26072
Sharing: Fixed wrong insufficient storage error - core/#25582
Sharing: Prevent shared storage recursions to avoid memory issues and crashes - core/#25557
Sharing: Group received shares which have same source and target - core/#25113
Sharing: Fix sharing over API when dealing with trailing slashes - core/#25464
Sharing: Fix public upload issue with quota in some scenarios - core/#24751
Sharing: Fix issue where videos did not play from share links with PHP 7 - core/#25483
Sharing: Fix BadMethodCallException in cron or scanner - core/#25506
Sharing: Prevent ghost mounts for deleted/orphaned shares - core/#26001
Sharing: Fix fatal error for users with older existing shares from OC <= 8.2 - core/#25933
Sharing: Always allow share owner to increase permissions - core/#25542
Sharing: Properly retry federated shares after they were unavailable - core/#26037
Sharing: Reallow spaces in federated share autocomplete in share dialog - core/#25955
Encryption: OCC command for decryption now doesn't decrypt received shares - core/#25599
Files_external: Removed reference magic to avoid potential infinite loops - core/#25844
Files_external: Added conditional trace logging for debugging SMB on production systems - core/#25758
Files_external: Fix config database issue when using Oracle - core/#25764
Files_external: SMB subfolders with read-only attribute are now writeable in OC to match spec - core/#24608
Files_external: Fix "save in session" mode when using Webdav without cookies/session - core/#25511
Files_external: Respect theme for external folder icon - core/#25461
Files_external: Disable NFD encoding wrapper that was enabled by mistake for local storages - core/#25819
Files_external: Some SMB fixes and better debug logging - core/#25817
Files_trashbin: Add occ command to trigger trashbin retention expiration - core/#25878
Files_versions: Add occ command to trigger versions retention expiration - core/#25878
LDAP: Fix login issue when dealing with display name of deleted users - core/#23248
LDAP: Prevent triggering email change events at login time for unchanged email - core/#25553
LDAP: Fix login and logging issue with big avatars by reducing their size - core/#25857
LDAP: Hide LDAP admin password in wizard - core/#25702
Provisioning API: Fixed issue where subadmins could not change group memberships - core/#25496
Provisioning API: Added flag to enable/disable two-factor auth for users - core/#25876
Activity: Fix owner name processing for received federated shares - core/#24938
Updater: Fix web update issue with filesystem apps - updater/#371
Antivirus: Fix incorrect report of file size - files_antivirus/#120
Antivirus: Fix background scan - files_antivirus/#109
Version 9.1.0 Jul 21 2016
General
Background jobs (cron) can now run in parallel
Update notifications in client via API - You can now be notified in your desktop client about available updates for core and apps. The notifications are made available via the notifications API.
Multi bucket support for primary objectstore integration
Authentication
Pluggable authentication: plugin system that supports different authentication schemes
Token-based authentication
Ability to invalidate sessions
List connected browsers/devices in the personal settings page. Allows the user to disconnect browsers/devices.
Device-specific passwords/tokens, can be generated in the personal page and revoked
Disable users and automatically revoke their sessions
Detect disabled LDAP users or password changes and revoke their sessions
Log in with email address
Configuration option to enforce token-based login outside the web UI
Two Factor authentication plug-in system
OCC command added to (temporarily) disable/enable two-factor authentication for single users
Note: the current desktop and mobile client versions do not support two-factor yet, this will be added later. It is already possible to generate a device specific password and enter that in the current client versions.
Files app
Ability to toggle displaying hidden files
Remember sort order
Permalinks for internal shares
Visual cue when dragging in files app
Autoscroll file list when dragging files
Upload progress estimate
Federated sharing
Ability to create federated shares with CRUDS permissions
Resharing a federated share does not create a chain of shares any more but connects the share owner's server to the reshare recipient
External storage
UTF-8 NFD encoding compatibility support for NFD file names stored directly on external storages (new mount option in external storage admin page)
Direct links to the configuration pages for setting up a GDrive or Dropbox app for use with ownCloud
Some performance and memory usage improvements for GDrive, stream download and chunk upload
Performance and memory usage improvements for Dropbox with stream download
GDrive library update provides exponential backoff which will reduce rate limit errors
Minor additions
Support for print style sheets
Command line based update will now be suggested if the instance is bigger to avoid potential timeouts
Web updater will be disabled if LDAP or shibboleth are installed
DB/app update process now shows better progress information
Added occ files:scan --unscanned to only scan folders that haven't yet been explored on external storages
Chunk cache TTL can now be configured
Added warning for wrongly configured database transactions, helps prevent "database is locked" issues
Use a capped memory cache to reduce memory usage especially in background jobs and the file scanner
Allow login by email
Respect CLASS property in calendar events
Allow addressbook export using VCFExportPlugin
Birthdays are also generated based on shared addressbooks
For developers
New DAV endpoint with a new chunking protocol aiming to solve many issues like timeouts (not used by clients yet)
New webdav property for share permissions
Background repair steps can be specified info.xml
Background jobs (cron) can now be declared in info.xml
Apps can now define repair steps to run at install/uninstall time
Export contact images via sabre dav plugin
Sabre DAV's browser plugin is available in debug mode to allow easier development around webdav
Technical debt
PSR-4 autoloading forced for OC\ and OCP\, optional for OCA\ docs at https://doc.owncloud.org/server/9.1/developer_manual/app/classloader.html
More cleanup of the sharing code (ongoing)
Changelog:
Version 9.0.0 March 8 2016
Major new ownCloud release, more info announcement and upgrading blogs. Summary:
New: Comments on files
New: Tags for files
New: Notifications (separate from Activity feed)
New: (Federation) Auto-complete of user names
New: (Federation) Trusted Servers
New: Code signing, checked when updating or installing core and apps
New: Stand-alone updater for more reliable upgrading
Improved sharing behavior and performance
New External Storage API's for improved scalability
Calendar and Contacts Apps were rewritten. The CalDAV and CardDAV backends are now part of core
Security hardening
ownCloud API work to improve scalability
Many small improvements
* Remove databases/php-mysql dependency, it is not used
Changelog:
Version 8.2.2 December 22 2015
Sharing improvements
Passing an empty base in this diagnosis call will not result in LDAP errors
Send sharing link to more than one recipient
Cannot share at all when share with link is disabled globally
Delete share hotspot not wide enough
Can't access a shared folder on external storage
Fix S2S error handling, making WebDAV work and get rid of undeletable files
Files/folders created while the users group was included in 'Exclude groups from sharing' cannot be shared even if the group is removed from the excluded groups.
"unshare" action should be called "unshare" in the action menu and not "delete"
Fix shared files of deleted users, detect DN change when checking for existence on LDAP
Etag isn't propagated to the root of the share owner if the file is uploaded to a group reshare
Empty etag after moving shared file into a commonly received share
The ajax code path unshares a link share when updating the password
Other fixes
MySQL file socket not working during initial setup
Multiple PUT requests to new DAV backend results in locked file
Dont output paths in scan.php
Activity oracle sql error for favorites
Check the expiration date for null
Stray locks not being cleaned: server replied: Locked
Login attributes tab. Other attributes combobox does not keep the selection if the users click away
Fix trashbin wrapper when no user is logged in
Handle non existing files in version previews
Properly preserve home folder naming enforcement setting
User details not saved unless click Enter
User management: Password change error display behavior
Add listener for URL change and then close the PDF viewer - files_pdfviewer
Remove white area below pdf viewer on public page - files_pdfviewer
Unable to move /srv/http/owncloud/_oc-upgrade/8.2.1.4/core/resources to /srv/http/owncloud/resources - updater
Fix minification quirks - updater
Accessibility Bug for 8.2 UI
Several UI improvements
Security improvements
Many small improvements
Version 8.2.1 November 18 2015
Sharing improvements:
Show path to file in error message about sharing with owner
Replaced error numbers with details in the sharing error message
Fix pagination on public link share page
Deal with NoUserException in sharing code
Fix cannot change share info after switching sections
Fix changing expiration date of shared link breaks password
Various other fixes
Performance improvements:
Optimize multiple shared locks for a single process
Don't lock if we're only reading cache metadata
Escape like parameter in cache operations
Storage improvements:
Improve dealing with Dropbox and Google Drive
Moving files makes them disappear (SWIFT object store)
Transactional file locking database backend warning is only shown when there is another warning.
Don't lock /$user/files
Include the final update in the transaction when moving a folder in the cache
WebDAV MOVE on a non existing file results in Internal Server Error #20069
Catch all exception if table doesn't exist #19884#19893
Various other objectstore fixes
Usability and UI:
Made error message about file not found more specific in federated sharing
Improved CSS, fonts, text color on various buttons, login screen, menu and settings
Hide strength indication after password change and hide notifications after time-out or on delete
Fixes to inconsistent language and translation support, show language code for unknown languages
Fix icons for share/public folders, fix spinner positions in share tab
Close user menu when clicking on other menus
Sidebar fixes and hiding sidebar for trashbin view
Move alt text for favorite action to image
Sidebar should not open, when renaming a file on mobile
Do not register sidebar panels when no sidebar
Update process: state which step we are going to start and warn if it might be slow
User Management and LDAP fixes:
LDAP fixes for quota, user mapper, initial user creation and connectivity
Fix group admin settings, group assignment when group name is a number
Enable proper CardDAV cookie authentication
Documentation, reliability and stability fixes:
Expose syslog tag in the configuration
Update list of deprecated methods (documentation)
Fixes to text editor
Fixes to activity app
Create several repair steps in update process to clean up shares
Update certificate bundle
Fix multiple issues for IE 8 and 9
Memcache warning with memcached
Fix File versioning with encryption
Update the unencrypted size for versions
Fix mtime PROPPATCH to be "lastmodified" instead of "getlastmodified"
Make sure that remote shares use the correct uid casing
Variables don't have a class, so we can't use toString() on it
Use IRequest's `getScriptName` functionality instead of $_SERVER
Don't trigger the scroll event of every single item we filter in the file list
Changelog:
Version 8.2.0 October 20th 2015
Major new ownCloud release, more info in announcement blog. Summary:
Updated design
New sidebar
Rewritten Gallery app
Updated text editor
Notifications
Policy for retaining deleted files and file versions
Encrypt/decrypt commands
Many additions to occ command tool for admins
Improved mime type handling
Security Hardening
ownCloud API work: Modular Authentication support, Capabilities Manager and Query Builder and more
Many small improvements
Changelog:
Version 8.1.0 July 6th 2015
Much polishing, stability and performance improvements
Encryption 2.0
Updated Documents
New Mount Options for External Storage
Federated Cloud ID
Integrated documentation
LDAP Wizard Improvements
Security Improvements
App store improvements
Release channels
ownCloud API work: 190 new calls, 50 replaced
Many small improvements
Changelog:
Version 8.0.4 June 9th 2015
occ can now optionally run the update routines without disabling all third party apps
Database handling changes which should improve performance on big systems
better support for very old cURL versions (for QNAP users)
Extended X-Accel-Redirect functionality in nginx
Added work-around for file transfers on 32bit systems
Improved quota calculation
Many fixes and improvements to sharing
Several fixes to upgrade process
Fix deleted folders on client not showing up in trash
fix inability to delete files when quota is 0
Change WebDAV error to 500 instead of 403 on denying overwrite of read-only file
Fixed enforcing expiration date
Fix to Provisioning API
Fixing shared document editing by shared LDAP users
IE 8/9 fixes
Several smaller fixes
Version 8.0.3 May 1st 2015
Fix several Constrain Violation Exceptions
Fix misleading Maintenance mode message
Timezone fixes for countries with 0.5 and 0.75 offsets
Fix usage of default share folder location
Reenable trashbin after failed rename
Fix disabling of APCu
Do not show update notification on mobile
Fix "Only variables should be passed by reference" error log spam
Add timeout to curl
Makes repair errors and warnings visible for the user when upgrading on the command line or in the web UI
Cron shall not operate in case we are in maintenance mode
Disable the cache updater when doing the encryption migration
Fix "Error while updating app" error
Internal Server Error after attempting to do "occ files:scan"
Several smaller fixes
Changelog:
Version 8.0.2 March 11th 2015
Prevent DB errors in certain high load situations
Fix installation and updating of apps from the app store
Fix documentation links
Fix file move/copy when out of storage space
Disable 3rd party apps during upgrade to prevent breaking ownCloud if incompatible apps are used
Fix compatibility with certain MariaDB versions
Print app upgrade information to console
Detect broken APC versions
Fix certain incompatibilities with older PHP 5.4 versions
Several smaller fixes
* Include Calendar and Contacts apps
Changelog:
Version 8.0.0 Feb 9th 2015
Favorites
Federated cloud (Server 2 Server Sharing, Version 2)
Improved apps management page
Improved updater app
Improved search
Direct download support, Broker
More fine grain storage configuration
Provisioning API will be released as part of the community edition
Apps can now specify their dependencies in info.xml
Accessibility improvements
Improved Documents
LDAP/AD: command line functions for creating and deleting LDAP configurations.
LDAP/AD: subtle configuration wizard improvements, including user name attribute detection.
PDF viewer has been updated to a new version of PDF.js
Sharing links are now shorter and "look better"
Usermanagement improvements
Better structured settings and admin page
Performance improvements
App container can now automatically resolve dependencies
Various app API deprecations and features
Improved import for contacts
App development tutorial for building a notes app
Changelog:
Version 7.0.4 Dec 9th 2014
Added XMLWriter check
Better deleted outdated previews
Store storage credential in session only if needed
Don't disclose relative directory path for single shared files of user
Password reset fixes
Fix enable app only for a specific group
fixing port configuration in trusted domains
LDAP fixes
Make group search case sensitive
Allow admin to change users display name
ldap performance improvements
config.php can now be read only
Several smaller fixes
Changelog:
Release "7.0.3"
Oct 22. 2014
- Some OS X server fixes
- Several external storage fixes and improvements
- Close session early to speedup apps page loading
- Add overwrite.cli.url config option
- Fix finding old versions in special cases
- Make versions and encryption aware of copy operations
- Force loading encryption app in all needed cases
- Better filesystem scanning error messages
- LDAP wizard fixes
- Add configuration switch to enable preview mimetypes
- Create backup of all encryption keys before recovery
- Add displayname for admins
- Better config.sample documentation
- Better apps descriptions
- Improve visual feedback if recovery key password gets changed
- Fix some object store integration issues
- Improved data directory configuration
- Fix DAV permissions without create permissions
- Fix filepicker home icon being partly hidden
- Do only follow http and https redirects
- Properly delete old previews
- Prevent upgrades between more than one major versions
- Several security fixes
- Lots of smaller improvements
-----------------------------
Release "6.0.6"
Oct 22. 2014
- Fix finding old versions in special cases
- Make versions and encryption aware of copy operations
- Force loading encryption app in all needed cases
- Better filesystem scanning error messages
- LDAP wizard fixes
- Add configuration switch to enable preview mimetypes
- Create backup of all encryption keys before recovery
- Add displayname for admins
- Several security fixes
- Lots of smaller improvements
-----------------------------
Release "5.0.18"
Oct 22. 2014
- Only allow http and https redirects
- Documentation fixes
- Several security fixes
- Several smaller fixes
-----------------------------
Release "7.0.2"
Aug 26. 2014
- App upgrading stability improvements
- Make default share folder configurable
- Improve readability of error messages
- Log failed authentication
- S3 key fixes
- Fix range requests with encryption
- Several LDAP fixes
- Remove obsolete 'Download preparing' message for zip downloads
- Remove not working checks from code checker
- No error if we try to delete a file which no longer exists
- Fix detection of system wide mount points
- Simplify App navigation
- Add group management to public api
- Remove confusing 'automatic logon rejected' message
- Implement a txt preview fallback for the case that ttf is not support
- Fix tiny thumbnail bug
- Don't display share permission if resharing was disabled by the admin
- Close session right before the download starts
- Fix date display in filepicker
- Don't touch non-oc tables when doing the InnoDB repair step
- Several Documents fixes
- Correctly handle public uploads activities
- Add better 4 image previews to gallery
-----------------------------
Release "6.0.5"
Aug 26. 2014
- Documentation improvements
- fix anonymous upload if logged-in
- Fix handling of special characters in group names
- Fix downloading of big files in special situations
- More consistent handling of debug mode
- Fix sharing email notifications
- Disabling upload button if upload is not possible
- Fix detection of system wide mount points
- Handle video viewer in sharing links correctly
- Update encryption keys recursively if a folder was moved
- Enable download button for public folders
- Handle exceptions if file to too big for trash-bin correctly
- Quota fixes
- Avoid unnecessary writing to the DB when preferences are not changed
- Disable download button if zip download is disabled
- Fix searching for users in special situations
- Mount-point handling fixes
- Correctly handle storage stats for trash bin
- Remove etag warning for trash bin
- Hardened SFTP host verification
-----------------------------
Release "7.0.1"
Aug 4. 2014
- Set maximum width for notification so they don´t overlap the whole header
- Don't preload videos on public sharing
- Fix preview size calculation under certain conditions
- Fix to always show all available versions in the versions dropdown
- Support WebDAV copy operation and make encryption aware of it
- Make sure to set the expire date if a date is set as default
- Improved link icon for better UX
- Fix rendering of blank template
- Only call exec if is is enabled by PHP
- Limit app menu icon size
- Show a warning in the personal settings and admin settins if the encyption keys are not yet initialized
- Always remove share permission if user is excluded from sharing
- Add OCS api call to set expire date for link shares
- Improved db schema migration for sqlite
- Don't try to execute background jobs that no longer exist
- Improve look of search on mobile, save space in top bar
- Set core version after a successful update to make upgrade more robust of app upgrades fail
- Verify whether download URLs are valid
- Fix preview animation on uploading
- Prevent cron.php to trigger apps updating
- Fix remote share when remote server is installed at the root
- Fix files sorting
- Fix calendar import
- Fix gallery pause icon
- Several contacts fixes specifically for PHP 5.3
- Make updater more robust
-----------------------------
Release "7.0.0"
July 23. 2014
- New files view including sorting and endless scrolling
- Server to Server sharing
- Sharing overview
- Improved sharing admin control
- No more mandatory Shared folder
- Improved ownCloud Documents features
- Hugely improved Activity app including email notifications
- Mobile optimized webinterface
- Password strength indicator
- Significant speed improvements
- New user-management
- Support for Swift object stores
- Email configuration wizard
- Email template editor
- Improved upgrade process`
* I gave up subdirectory installation with nginx... (MESSAGES)
Changelog:
Version 6.0.4 June 23rd 2014
Fixed a security issue (Will be disclosed two weeks after this release)
Several LDAP fixes and improvements
Add deprecated warning to load function
File scanner fixes
Heart beat fixes
Encryption fixes for some corner cases
Fix conflict dialog translations
Fix button text overflow
Fix search with Oracle
Php upload errors are written to log
OCS status code fixes
Add PostgreSQL version warning
Version 6.0.3 April 29rd 2014
Several security fixes. (Will be disclosed 2 weeks after the release)
Appframework extensions to improve the compatibility with 3rdparty apps
LDAP performance improvements
Fix updating of email adresses from LDAP
Fix WebDAV timestamp format handling
Disable internet connection check if a proxy is configured
Fix a potential file chunking problem on a server that is running out of storage
Do not expire file chunks while checking their existence
Fix loading of authentication apps in any case
Performance improvements by reducing the number of chmod operations.
Make the trusted domain upgrade feature more robust.
Don't allow creating a "Shared" folder.
Fixed "select all" + download on public page
Fix share as link with email multiple users
Reset time of last update feed polling to fix the updater
Share API fixes
Admin option for public upload with encryption enabled
Fix CIFS with home shares
Detect a missing "data" directory mount
Fix the filesize calculation of encrypted files
Fixes in the OpenStack support
Fixes in the SWIFT support
Don't block PHP sessions during download
Fix sharing oc addressbooks
Several ownCloud Documents improvements and fixes
Several smaller bugfixes
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.
* Update MESSAGE to use nginx and php-fpm.
I cannot enable with apache24 (yet).
Changelog:
Version 6.0.2 March 3rd 2014
Several security fixes
Improved trash bin performance for deleting lots of files
Mobile interface improvements
Fix key problems in encryption mode in rare situations
Smaller LDAP improvements
Fix the keep-alive ping for non standard php session lifetimes
Cleanup storage table when deleting an entry
Fix compatibility with xsendfile mode
Fix file size calculation in encryption mode
Fix image previews in trash bin
Fix public upload with enabled enryption
Added APC enabled check
Correctly localise date in notification emails
Improve compatibility with some CIFS servers
Fix shared files and Gallery
Several Contacts compatibility improvements
Several Documents improvements
A lot of smaller bug fixes
Changelog:
Version 6.0.1 Jan 22th 2014
Fix handling of encryption keys
Disable xcache in case admin auth is disabled
Speed DB improvements in user home directory location fetching
Fix some APC configuration problems
Fix duplicate .exe mime-type detection
Support DECIMAL DB schema statement
Fix some API response code problems
Added download workaround for some Android versions.
Turn off not working mod_pagespeed extension
Command line tool option to show user number
Some LDAP fixes for certain configurations
Fix previews for reshared files
Fix unshare on delete behaviour
Fix a CIFS mounting timezone problem
File Trash handling fixes
Fix potential data corruption problem during massive parallel uploads of the same file
Fix versions expiration logic
Fix public upload progress bar
Fix issues with intermittent “Insufficient Storage” message when quota is enabled
* Switch to 6 branch
* Replace interpreters with REPLACE_*
Changelog:
Version 6.0.0a Dec 14th 2013
Remove wrong warnings from logfile
Fix LDAP authentication
Fix LDAP configuration
Fix Share dialog
Fix migration under certain conditions
Fix database encoding for old PHP versions
Fix select all checkbox
Fix migration with lucene search enabled
Fix migration for postgresql
Version 6.0.0 Dec 11th 2013
User Avatars
Previews in files app and other places
Updated design, less clutter and more whitespace
Public gallery sharing
Activities
Better file conflict handling dialog
Improved public App API
Sharing API
Example Files
Share Email Notifications
New Doctrine based database layer
Plural translations
Refactored OC.dialogs (both code and design wise)
Priorize often used languages in personal-settings language selection
Update jquery to 1.10.0 and add jquery-migrate 1.2.1
Show a summary as the last filelist entry
Improve app-management (more verbose error-messages)
Show ‘More apps’ link to app administration directly in app navigation
Templates for newly created files
Add MB indicator to size column
Google Drive external storage uses a new library
New icons for shared and external folders
File uploads conflicts dialog
Possibility to prepopulate a new users home with a skeleton
Public upload with encryption enabled
Users now can decrypt the files again if their encryption app was enabled
Many quota related fixes
Total used space (with quota) now only counts user’s own files
Many external storage fixes, improved performance
Improved file navigation performance by using Ajax calls (no full page reload for each folder)
The file owner can now also restore deleted shared files
New version drop-down with previews and the ability to downloading versions directly
* Fix MESSAGE for sqlite3
Changelog:
Version 5.0.13 Nov 8th 2013
SECURITY: Fix a possible security bypass on admin page under certain circumstances and MariaDB
Correctly update database schema during app update
Fix automatic login rejecion error message
Several Oracle fixes
Fixing serverroot/webroot calculation
Adding detection for aborted uploads for chunked uploads
Fixing directory handling that end with a space
Fixing home storage handling
Allow to share a file/folder as public link also if one of it parents was already shared as link
Fix search in shared folders
Fix check for uploads into Shared folder
Several Shared folder handling fixes
Prefere them PNGs over core SVGs
Fall back to default log file of specified logfile doesn't exist
Several IE fixes
Fix LDAP login for certain circumstances
Fixed chunk size calculation for encrypted files
Fix recursive delete for smb
Fix using touch for creating files for smb
Support OCS Share API
Fix updating ETAGs
Don't write user passwords into logfile
Enable configuration of timezones for logfile timestamps
Cleanup share database table for files that no longer exist
Adding privilege check on move and rename operations
Changelog:
Version 5.0.11 Sep 10th 2013
Fixing upload in shared folders with create privileges
Making ldap more robust in certain situations
Handing quota violation earlier to make the desktop clients more robust
Several quota fixes
Fix issues with certain file names like 0 or false
Disable smb in files_External on windows servers
Enable user to decrypt files again after encryption app was disabled
Improved Encryption messages
Add a searchByMime call to API
Fix multiselects for Firefox on Mac in groups management
Reduce the number of ldap connections
Show a “password incorrect” notice when used shared password is wrong
Switch to the completely new Google Drive SDK.
Scanner: additional tests for reusing etags during scanning
Fix accessing files that are newly created by setting the right mime type
Several Calendar bugfixes
Fixed “Show on Map” in Contacts
A lof of Contacts fixes
Several “Tasks” fixes
Changelog:
Version 5.0.10 Aug 12th 2013
Configurable logfile date format
Several Oracle fixes
Several MSSQL fixes
Make default language configurable
New CLI upgrade script
Correctly calculate folder size
Fix display of search results
Database upgrade fixes
Smaller filesystem cache fixes
Remember password fixes
Encryption fixes
Fix problems with german “Umlauts” in folder name
IE fixes
Improved upgrade logging
Improved external storage status display
Flicker free versions dropdown
Don’t create empty versions
Less noisy debug logfile
Don’t show firstrunwizard during upgrade
Several Calendar fixes
Contacts fixes
Fixes for Gallery
Several smaller fixes
Changelog:
Version 5.0.9 July 15th 2013
Fixes for mounting an WebDAV into an ownCloud
Improved expiration of older versions in the case of a full storage
IE8 fixes
Increased speed when syncing shared files
Oracle compatibility fixes
Make upgrade routine more robust
Fix gallery for certain php configurations
Fix pdf viewer close button
user_external fixes
Several smaller fixes
Version 5.0.8 July 10th 2013
SECURITY: XSS vulnerability in “Share Interface” (oC-SA-2013-029)
SECURITY: Authentication bypass in “user_webdavauth” (oC-SA-2013-030)
New anonymous upload feature
Fix syncing of external filesystems
External filesystems performance improvements
Improve compatibility with Oracle
Improved and simplified theming
Internet explorer 8 fixes
Fixes for partial file uploads
LDAP: fix handling of User and Group Bases
Improved and more robust upgrade system
A lot of encryption system fixes
Do not add groups if user has no groups
Several Contacts fixes
A lot of smaller bugfixes all over the place
Changelog:
Version 5.0.7 June 6th 2013
SECURITY: Multiple XSS vulnerabilities (oC-SA-2013-028)
New encryption app as preview included. WARNING: This is not yet ready for production use but testing and feedback is welcome.
Several LDAP compatibility fixes
Several performance improvements of file handling
Trashbin fixes for Safari
Internet Explorer fixes
Several Contacts fixes
New check for magic_quotes
External Filesystem fixes
Add support for copying/moving folders between storages
Several smaller fixes
Version 5.0.6 May 14th 2013
SECURITY: SQL Injection (oC-SA-2013-019)
SECURITY: Multiple directory traversals (oC-SA-2013-020)
SECURITY: Multiple XSS vulnerabilities (oC-SA-2013-021)
SECURITY: Open redirector (oC-SA-2013-022)
SECURITY: Password autocompletion (oC-SA-2013-023)
SECURITY: Privilege escalation in the calendar application (oC-SA-2013-024)
SECURITY: Privilege escalation and CSRF in the API (oC-SA-2013-025)
SECURITY: Incomplete blacklist vulnerability (oC-SA-2013-026)
SECURITY: Information disclosure: CSRF token + username (oC-SA-2013-027)
Fix renaming of shared files
Fix UUID handling with LDAP
Fix several undelete files issues
Fix LDAP cachekey handling
Several OCS API fixes
Dropbox mounting fixes
Remove ldap group name restrictions
Fix fetching of the userlist with multiple user backends
Turn off password autocompletion
Translation fixes of the Shared folder
Fix the fileactions order for filetypes
Allow to ship a default theme
Disallow URLs containing “@”
Smaller layout improvemens
Log an upgrade warning
Log a trash bin cleanup message
Improved quota calculation
Allow to set Quota to zero
Fix performance regression for uploading of big files
Several Calendar fixes
Use displaynames in contacts
Check for existing address books during migrate->import
Texteditor fixes
Increase the SQLite database timeout
Order images in Gallery
* Fix MESSAGE based on wen@'s patch
Remove duplicated arguments, fix MySQL version.
Changelog:
Version 5.0.5 April 19th 2013
Fix navigation hover effect
Fix database migration
Add a warning in the logfile when doing a migration
Fix renaming of shared files
Improved quota calculation
Fix free space calculation
Several layout fixes
Better save mode check
Cleanup database after user deletion
Fix touch for creating new files
Several trash bin fixes
Update MediaElement.js
Fix double address book problem
Fix layout problem triggered by impress
Several smaller fixes
Security: XSS in flashmediaelement.swf (oC-SA-2013-017)
Security: Authentication bypass in Contacts (oC-SA-2013-018)
Version 5.0.4 April 11th 2013
Fix file renames
Improved compatibility with PostgreSQL
Fixed upgrade for PostgreSQL users
Improved LDAP compatibility
Fix the upgrade hint
Make upgrade more robust fix maintainance mode
Smaller CSS fixes
Fix internet check for proxy users
Manually disable files_archive app to fix upgrade
Fix touch() for local storage
Fix versioning check to allow installation of 3rd party apps
Fix default quota
Several contacts fixes
Several calendar fixes
Fixed ampache support in media player
Improve mail function in antivirus app
Fix setting of user quotas
Fix deleted files size calculation
Fix “You do not have write permissions here” warning
Fix asynchronous loading of users
Fix notice from the nullbyte check
XSS vulnerability in jPlayer (oC-SA-2013-014)
PostgreSQL: Insecure database password generator (oC-SA-2013-015)
Windows: Local file disclosure (oC-SA-2013-016)
Version 5.0.3 April 3th 2013
Correctly handle .part files
Improve PostgreSQL support
Fix database upgrading from old versions
Improved app styles
Version 5.0.2 April 2th 2013
Fix versioning string
Fix compatibility with older MySQL versions
Version 5.0.1 April 2th 2013
Fixed classnames and improved autoloaded to improve compatibility with older PHP versions
Show a warning if an insecure PHP version is used
Filesizes are displayed correctly
Fixed groups in usermanagement
Several Internet Explorer fixes
Use display-names in more places
Fix upgrading of cache
Fix navigation scrollbar for lots of apps
Fixed ETag handling to prevent wrong conflict files
Fix public link handling
Better indexes to improve performance
Several Windows server fixes
Fix renames of shared files
Fix PostgreSQL compatibility
Improve error reporting for app installation
Improved compatibility with Novell eDirectory
Several LDAP fixes
Improved sorting in usermanagement
Improved background jobs
Several CardDAV contacts fixes
Several mediaplayer fixes
Fixes for text editor
Several lucene search fixes
Several smaller fixes
Contacts: SQL Injection (oC-SA-2013-012)
Multiple XSS vulnerabilities (oC-SA-2013-011)
* Change to 5.0 branch.
Changelog:
Version 5.0.0 March 14th 2013
New design
Restore deleted files
New fulltext search
Display names
New photo gallery
Improved calendar and contacts
Improved bookmarks
New documentation system
Improved file cache
Improved security checks
Security hardening in templates
Security hardening: Implemented Content Security Policy
Better versioning of better autoexpire
Extended external storage
New OCS REST API support
Improved apps management
mef
adam
hauke
wiz
ryoon
wen
fhajny
joerg
taca
bouyer
jperkin