Forum

Pydio Cells & Enterprise 2.1.11

Created on 2020/12/16
Component: 
Pydio Cells
License: 
AGPL v3
Release Type: 
Stable

This release is a security fix for 2.1 branch.

It fixes a vulnerability discovered in one GO standard library that only affects users of the SAML SSO connector (Enterprise Edition). This release also rolls out a couple of minor fixes and improvements. 

  • Fix vulnerability linked to xml encoding/decoding affecting the SAML connector. Upgrade is highly recommended if you are using this connector.
  • Fix logging overflow that could create a lock on some circumstances.
  • Additional failsafe mechanisms on datasource sync to avoid false-deletes detection.
  • Lower down "tasks pruning limit" in scheduler, to prevent on-file logs from growing too fast.
  • For backward-compatibility with some existing Pydio 8 installation being migrated to Cells, we introduced a new "loginCI" flag in the pydio.grpc.user service, to make login management case-insentive.
    Please beware that it could slow down some queries.

Credits

A big thanks to the Mattermost security team (@Juho Nurminem)  who alerted us on the possibility of being affected by the xml encoding issue in the go standard library.

Downloads

Téléchargement

Display Share Block: 

Need to Balance Ease-of-Use with Security? Pydio Cells Can Help.

If your organization is serious about secure document sharing and collaboration you need to check out Pydio Cells. Cells was developed specifically to help enterprises balance the need to collaborate effectively with the need to keep data secure.

With robust admin controls, advanced automation capabilities, and a seamless, intuitive end-user experience Pydio is the right choice for organizations looking to balance performance and security without compromising on either. Try Cells live for yourself. Or click on the button below to talk to a Pydio document sharing specialist.