

You patched the annoying “crash-on-start” bug! 😍 I was collecting diagnostics to help nail it down, but you guys were faster. Keep up the great work! 👍👍👍


You patched the annoying “crash-on-start” bug! 😍 I was collecting diagnostics to help nail it down, but you guys were faster. Keep up the great work! 👍👍👍
Thank you! While that does allay most security concerns, it does beg the question how useful such a vulnerability tracker is if it doesn’t actually show any relevant vulnerabilies and you constantly have to second-guess what it says. Warning signs that aren’t actually warnings because it’s “just a false alarm” quickly teach personell to not take warnings seriously - unti, onel day, it’s not a false alarm…
Thanks for your detailed reply!
To make that happen, the attacker must […] already have access to the server to upload and process the file, which means that security has already failed.
Do I correctly assume that by axis you mean shell or even root level access? If not, any of my regular users (turned rogue…) could upload a poisoned raw file which nextcloud would process to, for instance, generate a thumbnail.
I don’t see the problem with that. It’s what I’ve done with every single disk I own. Why would I bother with badly-written menus, pointless extra content and tons of ads and copyright warnings I need to sit through before I can watch what I paid for?