Pydio Core / Pydio Enterprise 8.2.3 - Security Release
This release provides bugfixes and security fixes for Pydio 8, upgrade is highly recommended.
CVE IDS: CVE-2019-10049, CVE-2019-10048, CVE-2019-10045, CVE-2019-10047, CVE-2019-10046, CVE-2019-10046, CVE-2019-9642
- Fix zoho display in IE11
- Fix download multiple files on windows env
- Fix download all on smb workspace
- Fix php72 compatibility
- Remove unused variables
- Replace deprecated function
- Bypass writing error in text log
- Fix permission merging with mask
- Let video player add its own cookie
- Remove support for legacyShares
- Seed the version number with server uuid
- Prevent opening html content-types in external window
- Set WebDAV force basic auth to true by default
- Move some more configs in inc file
Upgrade
Patches are provided for all last stable for the major versions:
Pydio 8.2.2
Upgrade to 8.2.3 can be done using the in-app engine or via the Linux Package Manager. Make sure to be on the "Stable" channel.
Older versions
Please note that Pydio 6 and 7 are End-Of-Life since end 2018. There are no more patches provided, urgently consider upgrading to a new version of Pydio. Maybe a good time to give Pydio Cells a try?
Credits
Many thanks to Etienne Gervais, and Ramiro Molina from SecureAuth who reported the vulnerabilities.
Téléchargement
- Pydio Core 8.2.3 - Zip Archive - No Arch : Téléchargement
- Pydio Core 8.2.3 - Tgz Archive - No Arch : Téléchargement
- [auth] Pydio Enterprise 8.2.3 - Zip Archive - No Arch : Téléchargement
- [auth] Pydio Enterprise 8.2.3 - Tar.gz Archive - No Arch : Téléchargement
- Pydio Enterprise 8.2.3 - OVF - No Arch : Téléchargement