Pydio Core / Pydio Enterprise 8.2.2 - Security Release

Created on 2018/10/11
Release Type: 

This release provides security fixes and upgrade is highly recommended.

For more details about the vulnerabilities, see existing CVE 2018-1999018 and other CVE's publications are on their way (CVE-2018-14772). See also the credits below to the security researchers that reported them. 

This release also brings fixes for the mp3 player that was a bit buggy, and prepares the way for migrating Pydio to Pydio Cells. 


Patches are provided for all last stable for the major versions:  

Pydio 8.2.1

Upgrade to 8.2.2 can be done using the in-app engine or via the Linux Package Manager. Make sure to be on the "Stable" channel. 

Pydio 7.0.4 - Pydio 6.4.2

Please download the attached security patch for this version and simply unzip its content inside your pydio installation. Use for example :

`$ cp -r --verbose -i unzipped-security-patch /path/to/pydio/installation`

Please note that Pydio 6 and 7 will be End-Of-Life at the end of 2018. There will not be anymore security patches, and basically you should urgently consider upgrading to a newer version. Maybe a good time to give Pydio Cells a test ?


Many thanks to Spencer Dodd, Simon Scannell (RIPS Technologies), Robin Peraglie (RIPS Technologies), and Mike Gultieri for reporting these vulnerabilities in a responsible and cooperative manner.


Display Share Block: 

Need to Balance Ease-of-Use with Security? Pydio Cells Can Help.

If your organization is serious about secure document sharing and collaboration you need to check out Pydio Cells. Cells was developed specifically to help enterprises balance the need to collaborate effectively with the need to keep data secure.

With robust admin controls, advanced automation capabilities, and a seamless, intuitive end-user experience Pydio is the right choice for organizations looking to balance performance and security without compromising on either. Try Cells live for yourself. Or click on the button below to talk to a Pydio document sharing specialist.