Package Release Info

nextcloud-20.0.11-bp151.3.15.1

Update Info: openSUSE-2021-1068
Available in Package Hub : 15 SP1 Update

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

nextcloud
nextcloud-apache

Change Logs

* Tue Jul 13 2021 ecsos <ecsos@opensuse.org>
- Update to 20.0.11
  - Fix boo#1188247 - CVE-2021-32678: OCS API response ratelimits are not applied
  - Fix boo#1188248 - CVE-2021-32679: filenames where not escaped by default in controllers using DownloadResponse
  - Fix boo#1188249 - CVE-2021-32680: share expiration date wasn't properly logged
  - Fix boo#1188250 - CVE-2021-32688: lacking permission check with application specific tokens
  - Fix boo#1188251 - CVE-2021-32703: lack of ratelimiting on the shareinfo endpoint
  - Fix boo#1188252 - CVE-2021-32705: lack of ratelimiting on the public DAV endpoint
  - Fix boo#1188253 - CVE-2021-32725: default share permissions were not being respected for federated reshares of files and folders
  - Fix boo#1188254 - CVE-2021-32726: webauthn tokens were not deleted after a user has been deleted
  - Fix boo#1188255 - CVE-2021-32734: possible full path disclosure on shared files
  - Fix boo#1188256 - CVE-2021-32741: lack of ratelimiting on the public share link mount endpoint
  - Bump handlebars from 4.7.6 to 4.7.7 (server#26900)
  - Bump lodash from 4.17.20 to 4.17.21 (server#26909)
  - Bump hosted-git-info from 2.8.8 to 2.8.9 (server#26920)
  - Don't break OCC if an app is breaking in it's Application class (server#26954)
  - Add bruteforce protection to the shareinfo endpoint (server#26956)
  - Ignore readonly flag for directories (server#26965)
  - Throttle MountPublicLinkController when share is not found (server#26971)
  - Respect default share permissions for federated reshares (server#27001)
  - Harden apptoken check (server#27014)
  - Use parent wrapper to properly handle moves on the same source/target storage (server#27016)
  - Fix error when using CORS with no auth credentials (server#27027)
  - Fix return value of getStorageInfo when 'quota_include_external_storage' is enabled (server#27108)
  - Bump patch dependencies (server#27183)
  - Use noreply@ as email address for share emails (server#27209)
  - Bump p-queue from 6.6.1 to 6.6.2 (server#27226)
  - Bump browserslist from 4.14.0 to 4.16.6 (server#27247)
  - Bump webpack from 4.44.1 to 4.44.2 (server#27297)
  - Properly use limit and offset for search in Jail wrapper (server#27308)
  - Make user:report command scale (server#27319)
  - Properly log expiration date removal in audit log (server#27325)
  - Propagate throttling on OCS response (server#27337)
  - Set umask before operations that create local files (server#27349)
  - Escape filename in Content-Disposition (server#27360)
  - Don't update statuses to offline again and again (server#27412)
  - Header must contain a colon (server#27456)
  - Activate constraint check for oracle / pqsql also for 20 (server#27523)
  - Only allow removing existing shares that would not be allowed due to reshare restrictions (server#27552)
  - Bump ws from 7.3.1 to 7.5.0 (server#27570)
  - Properly cleanup entries of WebAuthn on user deletion (server#27596)
  - Throttle on public DAV endpoint (server#27617)
  - Bump vue-loader from 15.9.3 to 15.9.7 (server#27639)
  - Bump eslint-plugin-standard from 4.0.1 to 4.0.2 (server#27651)
  - Validate the theming color also on CLI (server#27680)
  - Downstream encryption:fix-encrypted-version for repairing bad signature errors (server#27728)
  - Remove encodeURI code (files_pdfviewer#396)
  - Only ask for permissions on HTTPS (notifications#998)
  - Fix sorting if one of the file name is only composed with number (photos#785)
  - Backport 20 fix Photos not shown in large browser windows #630 (#686) (photos#810)
  - Update File.vue (photos#813)
  - Update chart.js (serverinfo#309)
  - Only return workspace property for top node in a propfind request (text#1611)
  - ViewerComponent: pass on autofocus to EditorWrapper (text#1647)
  - Use text/plain as content type for fetching the document (text#1692)
  - Log exceptions that happen on unknown exception and return generic messages (text#1698)
  - Add fixup (viewer#924)
  - Fix: fullscreen for Firefox (viewer#929)
Version: 20.0.11-28.1
* Tue Jul 13 2021 ecsos@opensuse.org
- Update to 20.0.11
  - Fix boo#1188247 - CVE-2021-32678: OCS API response ratelimits are not applied
  - Fix boo#1188248 - CVE-2021-32679: filenames where not escaped by default in controllers using DownloadResponse
  - Fix boo#1188249 - CVE-2021-32680: share expiration date wasn't properly logged
  - Fix boo#1188250 - CVE-2021-32688: lacking permission check with application specific tokens
  - Fix boo#1188251 - CVE-2021-32703: lack of ratelimiting on the shareinfo endpoint
  - Fix boo#1188252 - CVE-2021-32705: lack of ratelimiting on the public DAV endpoint
  - Fix boo#1188253 - CVE-2021-32725: default share permissions were not being respected for federated reshares of files and folders
  - Fix boo#1188254 - CVE-2021-32726: webauthn tokens were not deleted after a user has been deleted
  - Fix boo#1188255 - CVE-2021-32734: possible full path disclosure on shared files
  - Fix boo#1188256 - CVE-2021-32741: lack of ratelimiting on the public share link mount endpoint
  - Bump handlebars from 4.7.6 to 4.7.7 (server#26900)
  - Bump lodash from 4.17.20 to 4.17.21 (server#26909)
  - Bump hosted-git-info from 2.8.8 to 2.8.9 (server#26920)
  - Don't break OCC if an app is breaking in it's Application class (server#26954)
  - Add bruteforce protection to the shareinfo endpoint (server#26956)
  - Ignore readonly flag for directories (server#26965)
  - Throttle MountPublicLinkController when share is not found (server#26971)
  - Respect default share permissions for federated reshares (server#27001)
  - Harden apptoken check (server#27014)
  - Use parent wrapper to properly handle moves on the same source/target storage (server#27016)
  - Fix error when using CORS with no auth credentials (server#27027)
  - Fix return value of getStorageInfo when 'quota_include_external_storage' is enabled (server#27108)
  - Bump patch dependencies (server#27183)
  - Use noreply@ as email address for share emails (server#27209)
  - Bump p-queue from 6.6.1 to 6.6.2 (server#27226)
  - Bump browserslist from 4.14.0 to 4.16.6 (server#27247)
  - Bump webpack from 4.44.1 to 4.44.2 (server#27297)
  - Properly use limit and offset for search in Jail wrapper (server#27308)
  - Make user:report command scale (server#27319)
  - Properly log expiration date removal in audit log (server#27325)
  - Propagate throttling on OCS response (server#27337)
  - Set umask before operations that create local files (server#27349)
  - Escape filename in Content-Disposition (server#27360)
  - Don't update statuses to offline again and again (server#27412)
  - Header must contain a colon (server#27456)
  - Activate constraint check for oracle / pqsql also for 20 (server#27523)
  - Only allow removing existing shares that would not be allowed due to reshare restrictions (server#27552)
  - Bump ws from 7.3.1 to 7.5.0 (server#27570)
  - Properly cleanup entries of WebAuthn on user deletion (server#27596)
  - Throttle on public DAV endpoint (server#27617)
  - Bump vue-loader from 15.9.3 to 15.9.7 (server#27639)
  - Bump eslint-plugin-standard from 4.0.1 to 4.0.2 (server#27651)
  - Validate the theming color also on CLI (server#27680)
  - Downstream encryption:fix-encrypted-version for repairing bad signature errors (server#27728)
  - Remove encodeURI code (files_pdfviewer#396)
  - Only ask for permissions on HTTPS (notifications#998)
  - Fix sorting if one of the file name is only composed with number (photos#785)
  - Backport 20 fix Photos not shown in large browser windows #630 (#686) (photos#810)
  - Update File.vue (photos#813)
  - Update chart.js (serverinfo#309)
  - Only return workspace property for top node in a propfind request (text#1611)
  - ViewerComponent: pass on autofocus to EditorWrapper (text#1647)
  - Use text/plain as content type for fetching the document (text#1692)
  - Log exceptions that happen on unknown exception and return generic messages (text#1698)
  - Add fixup (viewer#924)
  - Fix: fullscreen for Firefox (viewer#929)
* Wed Feb 03 2021 ecsos@opensuse.org
- Update to 20.0.7
  - Catch NotFoundException when querying quota (server#25315)
  - CalDAV] Validate notified emails (server#25324)
  - Fix/app fetcher php compat comparison (server#25347)
  - Show the actual error on share requests (server#25352)
  - Fix parameter provided as string not array (server#25366)
  - The objectid is a string (server#25374)
  - 20.0.7 final (server#25387)
  - Properly handle SMB ACL blocking scanning a directory (server#25421)
  - Don't break completely when creating the digest fail for one user (activity#556)
  - Only attempt to use a secure view if hide download is actually set (files_pdfviewer#296)
  - Fix opening PDF files with special characters in their name (files_pdfviewer#298)
  - Fix PDF viewer failing on Edge (not based on Chromium) (files_pdfviewer#299)
  - Cannot unfold plain text notifications (notifications#846)
  - Remove EPUB mimetype (text#1391)
* Tue Jan 26 2021 ecsos@opensuse.org
- Update to 20.0.6
  - Make sure to do priority app upgrades first (server#25077)
  - Respect DB restrictions on number of arguments in statements and queries (server#25120)
  - Add a hint about the direction of priority (server#25143)
  - Do not redirect to logout after login (server#25146)
  - Fix comparison of PHP versions (server#25152)
  - Add "composer.lock" for acceptance tests to git (server#25178)
  - Update CRL due to revoked gravatar.crl (server#25190)
  - Don't log keys on checkSignature (server#25193)
  - Update 3rdparty after Archive_Tar (server#25199)
  - Bump CA bundle (server#25219)
  - Update handling of user credentials (server#25225)
  - Fix encoding issue with OC.Notification.show (server#25244)
  - Also use storage copy when dav copying directories (server#25261)
  - Silence log message (server#25263)
  - Extend ILDAPProvider to allow reading arbitrairy ldap attributes for users (server#25276)
  - Do not obtain userFolder of a federated user (server#25278)
  - Bump pear/archive_tar from 1.4.11 to 1.4.12 (3rdparty#603)
  - Add gitignore entry for .github folder of dependencies (3rdparty#604)
  - Clear event array on getting them (activity#551)
* Thu Jan 14 2021 ecsos@opensuse.org
- Update to 20.0.5
  - Don't log params of imagecreatefromstring (server#24546)
  - Use storage copy implementation when doing dav copy
    (server#24590)
  - Use in objectstore copy (server#24592)
  - Add tel, note, org and title search (server#24697)
  - Check php compatibility of app store app releases
    (server#24698)
  - Fix #24682]: ensure federation cloud id is retruned if FN
    property not found (server#24709)
  - Do not include non-required scripts on the upgrade page
    (server#24714)
  - LDAP: fix inGroup for memberUid type of group memberships
    (server#24716)
  - Cancel user search requests to avoid duplicate results being
    added (server#24728)
  - Also unset the other possible unused paramters (server#24751)
  - Enables the file name check also to match name of mountpoints
    (server#24760)
  - Fixes sharing to group ids with characters that are being url
    encoded (server#24763)
  - Limit getIncomplete query to one row (server#24791)
  - Fix Argon2 descriptions (server#24792)
  - Actually set the TTL on redis set (server#24798)
  - Allow to force rename a conflicting calendar (server#24806)
  - Fix IPv6 localhost regex (server#24823)
  - Catch the error on heartbeat update (server#24826)
  - Make oc_files_trash.auto_id a bigint (server#24853)
  - Fix total upload size overwritten by next upload (server#24854)
  - Avoid huge exception argument logging (server#24876)
  - Make share results distinguishable if there are more than one
    with the exact same display name (server#24878)
  - Add migration for oc_share_external columns (server#24963)
  - Don't throw a 500 when importing a broken ics reminder file
    (server#24972)
  - Fix unreliable ViewTest (server#24976)
  - Update root.crl due to revocation of transmission.crt
    (server#24990)
  - Set the JSCombiner cache if needed (server#24997)
  - Fix column name to check prior to deleting (server#25009)
  - Catch throwable instead of exception (server#25013)
  - Set the user language when adding the footer (server#25019)
  - Change defaultapp in config.sample.php to dashboard to improve
    docs and align it to source code (server#25030)
  - Fix clearing the label of a share (server#25035)
  - Update psalm-baseline.xml (server#25066)
  - Don't remove assignable column for now (server#25074)
  - Add setup check to verify that the used DB version is still
    supported? (server#25076)
  - Correctly set the user for activity parsing when preparing
    a notifica? (activity#542)
  - Bump vue-virtual-grid from 2.2.1 to 2.3.0 (photos#597)
  - Catch possible database exceptions when fetching document data
    (text#1221)
  - Make sure we have the proper PHP version installed before
    running composer (text#1234)
  - Revert removal of transformResponse (text#1235)
  - Bump prosemirror-view from 1.16.1 to 1.16.5 (text#1255)
  - Bump @babel/preset-env from 7.12.1 to 7.12.11 (text#1257)
  - Bump babel-loader from 8.1.0 to 8.2.2 (text#1259)
  - Bump eslint-plugin-standard from 4.0.2 to 4.1.0 (text#1261)
  - Bump vue-loader from 15.9.5 to 15.9.6 (text#1263)
  - Bump prosemirror-model from 1.12.0 to 1.13.1 (text#1265)
  - Bump core-js from 3.7.0 to 3.8.1 (text#1266)
  - Bump stylelint from 13.7.2 to 13.8.0 (text#1269)
  - Bump @babel/plugin-transform-runtime from 7.12.1 to 7.12.10
    (text#1271)
  - Bump sass-loader from 10.0.5 to 10.1.0 (text#1273)
  - Bump webpack-merge from 5.3.0 to 5.7.2 (text#1274)
  - Bump @babel/core from 7.12.3 to 7.12.10 (text#1277)
  - Bump cypress from 5.1.0 to 5.6.0 (text#1278)
  - Bump @vue/test-utils from 1.1.1 to 1.1.2 (text#1279)
  - Bump webpack-merge from 5.7.2 to 5.7.3 (text#1303)
* Tue Dec 15 2020 ecsos@opensuse.org
- The apache subpackage must require the main package, otherwise it
  will not be uninstalled when the main package is uninstalled.
* Mon Dec 14 2020 ecsos@opensuse.org
- Update to 20.0.4
  - Avoid dashboard crash when accessibility app is not installed (server#24636)
  - Bump ini from 1.3.5 to 1.3.7 (server#24649)
  - Handle owncloud migration to latest release (server#24653)
  - Use string for storing a OCM remote id (server#24654)
  - Fix MySQL database size calculation (serverinfo#262)
  - Bump cypress-io/github-action@v2 (viewer#722)
  - Fix] sidebar opening animation (viewer#723)
  - Fix not.exist cypress and TESTING checks (viewer#725)
* Mon Dec 14 2020 ecsos@opensuse.org
- Put apache configuration files in separate subpackage.
* Thu Dec 10 2020 ecsos@opensuse.org
- Use apache-rpm-macros for SUSE.
- Change oc_* macros to nc_* macros.
- Insert macro apache_serverroot also in cron files.
* Thu Dec 10 2020 michael@stroeder.com
- Update to 20.0.3
  * Check quota of subdirectories when uploading to them (server#24181)
  * CircleId too short in some request (server#24196)
  * Missing level in ScopedPsrLogger (server#24212)
  * Fix nextcloud logo in email notifications misalignment (server#24228)
  * Allow selecting multiple columns with SELECT DISTINCT (server#24230)
  * Use file name instead of path in 'not allowed to share' message (server#24231)
  * Fix setting images through occ for theming (server#24232)
  * Use regex when searching on single file shares (server#24239)
  * Harden EncryptionLegacyCipher a bit (server#24249)
  * Update ScanLegacyFormat.php (server#24258)
  * Simple typo in comments (server#24259)
  * Use correct year for generated birthdays events (server#24263)
  * Delete files that exceed trashbin size immediately (server#24297)
  * Update sabre/xml to fix XML parsing errors (server#24311)
  * Only check path for being accessible when the storage is a object home (server#24325)
  * Avoid empty null default with value that will be inserted anyways (server#24333)
  * Fix contacts menu position and show uid as a tooltip (server#24342)
  * Fix the config key on the sharing expire checkbox (server#24346)
  * Set the display name of federated sharees from addressbook (server#24353)
  * Catch storage not available in versions expire command (server#24367)
  * Use proper bundles for files client and fileinfo (server#24377)
  * Properly encode path when fetching inherited shares (server#24387)
  * Formatting remote sharer should take protocol, path into account (server#24391)
  * Make sure we add new line between vcf groups exports (server#24443)
  * Fix public calendars shared to circles (server#24446)
  * Store scss variables under a different prefix for each theming config version (server#24453)
  * External storages: save group ids not display names in configuration (server#24455)
  * Use correct l10n source in files_sharing JS code (server#24462)
  * Set frame-ancestors to none if none are filled (server#24477)
  * Move the password fiels of chaging passwords to post (server#24478)
  * Move the global password for files external to post (server#24479)
  * Only attempt to move to trash if a file is not in appdata (server#24483)
  * Fix loading mtime of new file in conflict dialog in firefox (server#24491)
  * Harden setup check for TLS version if host is not reachable (server#24502)
  * Fix file size computation on 32bit platforms (server#24509)
  * Allow subscription to indicate that a userlimit is reached (server#24511)
  * Set mountid for personal external storage mounts (server#24513)
  * Only execute plain mimetype check for directories and do the fallback? (server#24517)
  * Fix vsprint parameter (server#24527)
  * Replace abandoned log normalizer with our fork (server#24530)
  * Add icon to user limit notification (server#24531)
  * Also run repair steps when encryption is disabled but a legacy key is present (server#24532)
  * [3rdparty][security] Archive TAR to 1.4.11 (server#24534)
  * Generate a new session id if the decrypting the session data fails (server#24553)
  * Revert "Do not read certificate bundle from data dir by default" (server#24556)
  * Dont use system composer for autoload checker (server#24557)
  * Remember me is not an app_password (server#24563)
  * Do not load nonexisting setup.js (server#24582)
  * Update sabre/xml to fix XML parsing errors (3rdparty#529)
  * Use composer v1 on CI (3rdparty#532)
  * Bump pear/archive_tar from 1.4.9 to 1.4.11 (3rdparty#536)
  * Replace abandoned log normalizer with our fork (3rdparty#543)
  * Allow nullable values as subject params (activity#535)
  * Don't log when unknown array is null (notifications#803)
  * Feat/virtual grid (photos#550)
  * Make sure we have a string to localecompare to (photos#583)
  * Always get recommendations for dashboard if enabled (recommendations#336)
  * Properly fetch oracle database information (serverinfo#258)
  * Also register to urlChanged event to update RichWorkspace (text#1181)
  * Move away from GET (text#1214)
* Thu Nov 19 2020 michael@stroeder.com
- Update to 20.0.2
  * CVE-2020-8293: Fixed input validation which allowed users to store unlimited
    data in workflow rules (boo#1181445).
  * CVE-2020-8294: Fixed a missing link validation (boo#1181803).
  * Inidicate preview availability in share api responses (server#23419)
  * CalDavBackend: check if timerange is array before accessing (server#23563)
  * Some emojis are in CHAR_CATEGORY_GENERAL_OTHER_TYPES (server#23575)
  * Also expire share type email (server#23583)
  * Only use index of mount point when it is there (server#23611)
  * Only retry fetching app store data once every 5 minutes in case it fails (server#23633)
  * Bring back the restore share button (server#23636)
  * Fix updates of NULL appconfig values (server#23641)
  * Fix sharing input placeholder for emails (server#23646)
  * Use bigint for fileid in filecache_extended (server#23690)
  * Enable theming background transparency (server#23699)
  * Fix sharer flag on ldap:show-remnants when user owned more than a single share (server#23702)
  * Make sure the function signatures of the backgroundjob match (server#23710)
  * Check if array elements exist before using them (server#23713)
  * Fix default quota display value in user row (server#23726)
  * Use lib instead if core as l10n module in OC_Files (server#23727)
  * Specify accept argument to avatar upload input field (server#23732)
  * Save email as lower case (server#23733)
  * Reset avatar cropper before showing (server#23736)
  * Also run the SabreAuthInitEvent for the main server (server#23745)
  * Type the \OCP\IUserManager::callForAllUsers closure with Psalm (server#23749)
  * Type the \OCP\AppFramework\Services\IInitialState::provideLazyInitial? (server#23751)
  * Don't overwrite the event if we use it later (server#23753)
  * Inform the user when flow config data exceeds thresholds (server#23759)
  * Type the \OCP\IUserManager::callForSeenUsers closure with Psalm (server#23763)
  * Catch errors when closing file conflict dialog (server#23774)
  * Document the backend registered events of LDAP (server#23779)
  * Fetch the logger and system config once for all query builder instances (server#23787)
  * Type the event dispatcher listener callables with Psalm (server#23789)
  * Only run phpunit when "php" changed (server#23794)
  * Remove bold font-weight and lower font-size for empty search box (server#23829)
  * No need to check if there is an avatar available, because it is gener? (server#23846)
  * Ensure filepicker list is empty before populating (server#23850)
  * UserStatus: clear status message if message is null (server#23858)
  * Fix grid view toggle in tags view (server#23874)
  * Restrict query when searching for versions of trashbin files (server#23884)
  * Fix potentially passing null to events where IUser is expected (server#23894)
  * Make user status styles scoped (server#23899)
  * Move help to separate stylesheet (server#23900)
  * Add default font size (server#23902)
  * Do not emit UserCreatedEvent twice (server#23917)
  * Bearer must be in the start of the auth header (server#23924)
  * Fix casting of integer and boolean on Oracle (server#23935)
  * Skip already loaded apps in loadApps (server#23948)
  * Fix repair mimetype step to not leave stray cursors (server#23950)
  * Improve query type detection (server#23951)
  * Fix iLike() falsely turning escaped % and _ into wildcards (server#23954)
  * Replace some usages of OC_DB in OC\Share\* with query builder (server#23955)
  * Use query builder instead of OC_DB in trashbin (server#23971)
  * Fix greatest/least order for oracle (server#23975)
  * Fix link share label placeholder not showing (server#23992)
  * Unlock when promoting to exclusive lock fails (server#23995)
  * Make sure root storage is valid before checking its size (server#23996)
  * Use query builder instead of OC_DB in OC\Files\* (server#23998)
  * Shortcut to avoid file system setup when generating the logo URL (server#24001)
  * Remove old legacy scripts references (server#24004)
  * Fix js search in undefined ocs response (server#24012)
  * Don't leave cursors open (server#24033)
  * Fix sharing tab state not matching resharing admin settings (server#24044)
  * Run unit tests against oracle (server#24049)
  * Use png icons in caldav reminder emails (server#24050)
  * Manually iterate over calendardata when oracle is used (server#24058)
  * Make is_user_defined nullable so we can store false on oracle (server#24079)
  * Fix default internal expiration date enforce (server#24081)
  * Register new command db:add-missing-primary-keys (server#24106)
  * Convert the card resource to a string if necessary (server#24114)
  * Don't throw on SHOW VERSION query (server#24147)
  * Bump dompurify to 2.2.2 (server#24153)
  * Set up FS before querying storage info in settings (server#24156)
  * Fix default internal expiration date (server#24159)
  * CircleId too short in some request (server#24178)
  * Revert "circleId too short in some request" (server#24183)
  * Missing level in ScopedPsrLogger (server#24212)
  * Fix activity spinner on empty activity (activity#523)
  * Add OCI github action (activity#528)
  * Disable download button by default (files_pdfviewer#257)
  * Feat/dependabot ga/stable20 (firstrunwizard#442)
  * Fix loading notifications without a message on oracle (notifications#796)
  * Do not setup appdata in constructor to avoid errors causing the whole instance to stop working (text#1105)
  * Bump eslint-plugin-standard from 4.0.1 to 4.0.2 (text#1125)
  * Bump sass-loader from 10.0.1 to 10.0.5 (text#1134)
  * Bump webpack from 4.44.1 to 4.44.2 (text#1140)
  * Bump dependencies to version in range (text#1164)
  * Validate link on click (text#1166)
  * Add migration to fix oracle issues with the database schema (text#1177)
  * Bump cypress from 4.12.1 to 5.1.0 (text#1179)
  * Fix URL escaping of shared files (viewer#681)
  * Fix component click outside and cleanup structure (viewer#684)
* Sat Oct 24 2020 ecsos@opensuse.org
- Update to 20.0.1
  No changelog from upstream at this time.
Version: 20.0.0-bp151.3.12.1
* Tue Oct 06 2020 ecsos <ecsos@opensuse.org>
- Version 20.0.0 fix some security issues:
  - NC-SA-2020-037
    PIN for passwordless WebAuthm is asked for but not verified
  - NC-SA-2020-033 (CVE-2020-8228)
    Missing rate limit on signup page
  - NC-SA-2020-029 (CVE-2020-8233, boo#1177346)
    Re-Sharing allows increase of privileges
  - NC-SA-2020-026
    Passowrd of share by mail is not hashed when given on the create share call
  - NC-SA-2020-023
    Increase random used for encryption
* Sat Oct 03 2020 ecsos <ecsos@opensuse.org>
- Update to 20.0.0
  * Changes
    The three biggest features we introduce with Nextcloud 20 are:
  - Our new dashboard provides a great starting point for the day
    with over a dozen widgets ranging from Twitter and Github to
    Moodle and Zammad already available
  - Search was unified, bringing search results of Nextcloud apps
    as well as external services like Gitlab, Jira and Discourse
    in one place
  - Talk introduced bridging to other platforms including MS Teams,
    Slack, IRC, Matrix and a dozen others
  * Some other improvements we want to highlight include:
  - Notifications and Activities were brought together, making
    sure you won?t miss anything important
  - We added a ?status? setting so you can communicate to other
    users what you are up to
  - Talk also brings dashboard and search integration, emoji picker,
    upload view, camera and microphone settings, mute and more
  - Calendar integrates in dashboard and search, introduced a list
    view and design improvements
  - Mail introduces threaded view, mailbox management and more
  - Deck integrates with dashboard and search, introduces Calendar
    integration, modal view for card editing and series of smaller
    improvements
  - Flow adds push notification and webhooks so other web apps
    can easily integrate with Nextcloud
  - Text introduced direct linking to files in Nextcloud
  - Files lets you add a description to public link shares
  + Read the full announcement on our blog
- NC-SA-2020-037
    PIN for passwordless WebAuthm is asked for but not verified
  - NC-SA-2020-033 (CVE-2020-8228)
    Missing rate limit on signup page
  - NC-SA-2020-029 (CVE-2020-8233, boo#1177346)
    Re-Sharing allows increase of privileges
  - NC-SA-2020-026
    Passowrd of share by mail is not hashed when given on the create share call
  - NC-SA-2020-023
    Increase random used for encryption
- CVE-2020-8295: Fixed Denial of service attack when resetting the password for a user(boo#1181804)
- Upgrade apps during update process.
* Thu Sep 10 2020 ecsos <ecsos@opensuse.org>
- Update to 19.0.3
  - Fix possible leaking scope in Flow (server#22410)
  - Combine body-login rules in theming and fix twofactor and guest styling on bright colors (server#22427)
  - Show better quota warning for group folders and external storage (server#22442)
  - Add php docs build script (server#22448)
  - Fix clicks on actions menu of non opaque file rows in acceptance tests (server#22503)
  - Fix writing BLOBs to postgres with recent contacts interaction (server#22515)
  - Set the mount id before calling storage wrapper (server#22519)
  - Fix S3 error handling (server#22521)
  - Only disable zip64 if the size is known (server#22537)
  - Change free space calculation (server#22553)
  - Do not keep the part file if the forbidden exception has no retry set (server#22560)
  - Fix app password updating out of bounds (server#22569)
  - Use the correct root to determinate the webroot for the resource (server#22579)
  - Upgrade icewind/smb to 3.2.7 (server#22581)
  - Bump elliptic from 6.4.1 to 6.5.3 (notifications#732)
  - Fixes regression that prevented you from toggling the encryption flag (privacy#489)
  - Match any non-whitespace character in filesystem pattern (serverinfo#229)
  - Catch StorageNotAvailable exceptions (text#1001)
  - Harden read only check on public endpoints (text#1017)
  - Harden check when using token from memcache (text#1020)
  - Sessionid is an int (text#1029)
  - Only overwrite Ctrl-f when text is focussed (text#990)
  - Set the X-Requested-With header on dav requests (viewer#582)
* Fri Aug 28 2020 ecsos <ecsos@opensuse.org>
- Update to 19.0.2
  - [stable19] lower minimum search length to 2 characters (server#21782)
  - [stable19] Call openssl_pkey_export with $config and log errors. (server#21804)
  - [stable19] Improve error reporting on sharing errors (server#21806)
  - [stable19] Do not log RequestedRangeNotSatisfiable exceptions in DAV (server#21840)
  - [stable19] Fix parsing of language code (server#21857)
  - [stable19] fix typo in revokeShare() (server#21876)
  - [stable19] Discourage webauthn user interaction (server#21917)
  - [stable19] Encryption is ready if master key is enabled (server#21935)
  - [stable19] Disable fragile comments tests (server#21939)
  - [stable19] Do not double encode the userid in webauthn login (server#21953)
  - [stable19] update icewind/smb to 3.2.6 (server#21955)
  - [stable19] Respect default share permissions (server#21967)
  - [stable19] allow admin to configure the max trashbin size (server#21975)
  - [stable19] Fix risky test in twofactor_backupcodes (server#21978)
  - [stable19] Fix PHPUnit deprecation warnings (server#21981)
  - [stable19] fix moving files from external storage to object store trashbin (server#21983)
  - [stable19] Ignore whitespace in sharing by mail (server#21991)
  - [stable19] Properly fetch translation for remote wipe confirmation dialog (server#22036)
  - [stable19] parse_url returns null in case a parameter is not found (server#22044)
  - Bump elliptic from 6.5.2 to 6.5.3 (server#22050)
  - [stable19] Correctly remove usergroup shares on removing group members (server#22053)
  - [stable19] Fix height to big for iPhone when using many apps (server#22064)
  - [stable19] reset the cookie internally in new API when abandoning paged results op (server#22069)
  - [stable19] Add Guzzle's InvalidArgumentException (server#22070)
  - [stable19] contactsmanager shall limit number of results early (server#22091)
  - [stable19] Fix browser freeze on long password input (server#22094)
  - [stable19] Search also the email and displayname in user mangement for groups (server#22118)
  - [stable19] Ensured large image is unloaded from memory when generating previews (server#22121)
  - [stable19] fix display of remote users in incoming share notifications (server#22131)
  - [stable19] Reuse cache for directory mtime/size if filesystem changes can be ignored (server#22171)
  - [stable19] Remove unexpected argument (server#22178)
  - [stable19] Do not exit if available space cannot be determined on file transfer (server#22181)
  - [stable19] Fix empty 'more' apps navigation after installing an app (server#22183)
  - [stable19] Fix default log_rotate_size in config.sample.php (server#22192)
  - [stable19] shortcut in reading nested group members when IN_CHAIN is available (server#22203)
  - [stable19] Fix chmod on file descriptor (server#22208)
  - [stable19] Do clearstatcache() on rmdir (server#22209)
  - [stable19] SSE enhancement of file signature (server#22210)
  - [stable19] remove logging message carrying no valuable information (server#22215)
  - [stable19] Add app config option to disable "Email was changed by admin" activity (server#22232)
  - [stable19] Delete chunks if the move on an upload failed (server#22239)
  - [stable19] Silence duplicate session warnings (server#22247)
  - [3rdparty] Doctrine: Fix unquoted stmt fragments backslash escaping (server#22252)
  - [stable19] Allow to disable share emails (server#22300)
  - [stable19] Show disabled user count in occ user:report (server#22302)
  - Bump 3rdparty to last stable19 commit (server#22303)
  - [stable19] fixing a logged deprecation message (server#22309)
  - [stable19] CalDAV: Add ability to limit sharing to owner (server#22333)
  - [stable19] Only copy the link when updating a share or no password was forced (server#22337)
  - [stable19] Remove encryption option for nextcloud external storage (server#22341)
  - [stable19] l10n:Correct appid for WebAuthn (server#22348)
  - [stable19] Properly search for users when limittogroups is enabled (server#22355)
  - [stable19] SSE: make legacy format opt in (server#22381)
  - [stable19] Update the CRL (server#22387)
  - [stable19] Fix missing FN from federated contact (server#22400)
  - [stable19] fix event icon sizes and text alignment (server#22414)
  - [stable19] Bump stecman/symfony-console-completion from 0.8.0 to 0.11.0 (3rdparty#457)
  - [stable19] Add Guzzle's InvalidArgumentException (3rdparty#474)
  - [stable19] Doctrine: Fix unquoted stmt fragments backslash escaping (3rdparty#486)
  - [stable19] Fix cypress (viewer#545)
  - Move to webpack vue global config & bump deps (viewer#558)
* Wed Jul 15 2020 ecsos <ecsos@opensuse.org>
- Update to 19.0.1
  - Security update
    Fix (CVE-2020-8183, NC-SA-2020-026, CWE-256)
    A logic error in Nextcloud Server 19.0.0 caused a plaintext
    storage of the share password when it was given on the initial
    create API call.
- No changelog from upstream at this time.
* Wed Jun 03 2020 ecsos <ecsos@opensuse.org>
- Update to 19.0.0
  * Changes
    Nextcloud Hub v19, code name ?home office?, represents a big step forward
    for remote collaboration in teams.
    This release brings document collaboration to video chats,
    introduces password-less login and improves performance.
    As this is a major release, the changelog is too long to put here.
    Users can look at github milestones to find what has been merged.
    A quick overview of what is new:
  - password-less authentication and many other security measures
  - Talk 9 with built-in office document editing courtesy of Collabora, a grid view & more
  - MUCH improved performance, Deck integration in Calendar, guest account groups and more!
Version: 20.0.0-25.1
* Tue Oct 06 2020 ecsos@opensuse.org
- Version 20.0.0 fix some security issues:
  - NC-SA-2020-037
    PIN for passwordless WebAuthm is asked for but not verified
  - NC-SA-2020-033 (CVE-2020-8228)
    Missing rate limit on signup page
  - NC-SA-2020-029 (CVE-2020-8233, boo#1177346)
    Re-Sharing allows increase of privileges
  - NC-SA-2020-026
    Passowrd of share by mail is not hashed when given on the create share call
  - NC-SA-2020-023
    Increase random used for encryption
* Sat Oct 03 2020 ecsos@opensuse.org
- Update to 20.0.0
  * Changes
    The three biggest features we introduce with Nextcloud 20 are:
  - Our new dashboard provides a great starting point for the day
    with over a dozen widgets ranging from Twitter and Github to
    Moodle and Zammad already available
  - Search was unified, bringing search results of Nextcloud apps
    as well as external services like Gitlab, Jira and Discourse
    in one place
  - Talk introduced bridging to other platforms including MS Teams,
    Slack, IRC, Matrix and a dozen others
  * Some other improvements we want to highlight include:
  - Notifications and Activities were brought together, making
    sure you won?t miss anything important
  - We added a ?status? setting so you can communicate to other
    users what you are up to
  - Talk also brings dashboard and search integration, emoji picker,
    upload view, camera and microphone settings, mute and more
  - Calendar integrates in dashboard and search, introduced a list
    view and design improvements
  - Mail introduces threaded view, mailbox management and more
  - Deck integrates with dashboard and search, introduces Calendar
    integration, modal view for card editing and series of smaller
    improvements
  - Flow adds push notification and webhooks so other web apps
    can easily integrate with Nextcloud
  - Text introduced direct linking to files in Nextcloud
  - Files lets you add a description to public link shares
  + Read the full announcement on our blog
- NC-SA-2020-037
    PIN for passwordless WebAuthm is asked for but not verified
  - NC-SA-2020-033 (CVE-2020-8228)
    Missing rate limit on signup page
  - NC-SA-2020-029 (CVE-2020-8233, boo#1177346)
    Re-Sharing allows increase of privileges
  - NC-SA-2020-026
    Passowrd of share by mail is not hashed when given on the create share call
  - NC-SA-2020-023
    Increase random used for encryption
- CVE-2020-8295: Fixed Denial of service attack when resetting the password for a user(boo#1181804)
- Upgrade apps during update process.
* Thu Sep 10 2020 ecsos@opensuse.org
- Update to 19.0.3
  - Fix possible leaking scope in Flow (server#22410)
  - Combine body-login rules in theming and fix twofactor and guest styling on bright colors (server#22427)
  - Show better quota warning for group folders and external storage (server#22442)
  - Add php docs build script (server#22448)
  - Fix clicks on actions menu of non opaque file rows in acceptance tests (server#22503)
  - Fix writing BLOBs to postgres with recent contacts interaction (server#22515)
  - Set the mount id before calling storage wrapper (server#22519)
  - Fix S3 error handling (server#22521)
  - Only disable zip64 if the size is known (server#22537)
  - Change free space calculation (server#22553)
  - Do not keep the part file if the forbidden exception has no retry set (server#22560)
  - Fix app password updating out of bounds (server#22569)
  - Use the correct root to determinate the webroot for the resource (server#22579)
  - Upgrade icewind/smb to 3.2.7 (server#22581)
  - Bump elliptic from 6.4.1 to 6.5.3 (notifications#732)
  - Fixes regression that prevented you from toggling the encryption flag (privacy#489)
  - Match any non-whitespace character in filesystem pattern (serverinfo#229)
  - Catch StorageNotAvailable exceptions (text#1001)
  - Harden read only check on public endpoints (text#1017)
  - Harden check when using token from memcache (text#1020)
  - Sessionid is an int (text#1029)
  - Only overwrite Ctrl-f when text is focussed (text#990)
  - Set the X-Requested-With header on dav requests (viewer#582)
* Fri Aug 28 2020 ecsos@opensuse.org
- Update to 19.0.2
  - [stable19] lower minimum search length to 2 characters (server#21782)
  - [stable19] Call openssl_pkey_export with $config and log errors. (server#21804)
  - [stable19] Improve error reporting on sharing errors (server#21806)
  - [stable19] Do not log RequestedRangeNotSatisfiable exceptions in DAV (server#21840)
  - [stable19] Fix parsing of language code (server#21857)
  - [stable19] fix typo in revokeShare() (server#21876)
  - [stable19] Discourage webauthn user interaction (server#21917)
  - [stable19] Encryption is ready if master key is enabled (server#21935)
  - [stable19] Disable fragile comments tests (server#21939)
  - [stable19] Do not double encode the userid in webauthn login (server#21953)
  - [stable19] update icewind/smb to 3.2.6 (server#21955)
  - [stable19] Respect default share permissions (server#21967)
  - [stable19] allow admin to configure the max trashbin size (server#21975)
  - [stable19] Fix risky test in twofactor_backupcodes (server#21978)
  - [stable19] Fix PHPUnit deprecation warnings (server#21981)
  - [stable19] fix moving files from external storage to object store trashbin (server#21983)
  - [stable19] Ignore whitespace in sharing by mail (server#21991)
  - [stable19] Properly fetch translation for remote wipe confirmation dialog (server#22036)
  - [stable19] parse_url returns null in case a parameter is not found (server#22044)
  - Bump elliptic from 6.5.2 to 6.5.3 (server#22050)
  - [stable19] Correctly remove usergroup shares on removing group members (server#22053)
  - [stable19] Fix height to big for iPhone when using many apps (server#22064)
  - [stable19] reset the cookie internally in new API when abandoning paged results op (server#22069)
  - [stable19] Add Guzzle's InvalidArgumentException (server#22070)
  - [stable19] contactsmanager shall limit number of results early (server#22091)
  - [stable19] Fix browser freeze on long password input (server#22094)
  - [stable19] Search also the email and displayname in user mangement for groups (server#22118)
  - [stable19] Ensured large image is unloaded from memory when generating previews (server#22121)
  - [stable19] fix display of remote users in incoming share notifications (server#22131)
  - [stable19] Reuse cache for directory mtime/size if filesystem changes can be ignored (server#22171)
  - [stable19] Remove unexpected argument (server#22178)
  - [stable19] Do not exit if available space cannot be determined on file transfer (server#22181)
  - [stable19] Fix empty 'more' apps navigation after installing an app (server#22183)
  - [stable19] Fix default log_rotate_size in config.sample.php (server#22192)
  - [stable19] shortcut in reading nested group members when IN_CHAIN is available (server#22203)
  - [stable19] Fix chmod on file descriptor (server#22208)
  - [stable19] Do clearstatcache() on rmdir (server#22209)
  - [stable19] SSE enhancement of file signature (server#22210)
  - [stable19] remove logging message carrying no valuable information (server#22215)
  - [stable19] Add app config option to disable "Email was changed by admin" activity (server#22232)
  - [stable19] Delete chunks if the move on an upload failed (server#22239)
  - [stable19] Silence duplicate session warnings (server#22247)
  - [3rdparty] Doctrine: Fix unquoted stmt fragments backslash escaping (server#22252)
  - [stable19] Allow to disable share emails (server#22300)
  - [stable19] Show disabled user count in occ user:report (server#22302)
  - Bump 3rdparty to last stable19 commit (server#22303)
  - [stable19] fixing a logged deprecation message (server#22309)
  - [stable19] CalDAV: Add ability to limit sharing to owner (server#22333)
  - [stable19] Only copy the link when updating a share or no password was forced (server#22337)
  - [stable19] Remove encryption option for nextcloud external storage (server#22341)
  - [stable19] l10n:Correct appid for WebAuthn (server#22348)
  - [stable19] Properly search for users when limittogroups is enabled (server#22355)
  - [stable19] SSE: make legacy format opt in (server#22381)
  - [stable19] Update the CRL (server#22387)
  - [stable19] Fix missing FN from federated contact (server#22400)
  - [stable19] fix event icon sizes and text alignment (server#22414)
  - [stable19] Bump stecman/symfony-console-completion from 0.8.0 to 0.11.0 (3rdparty#457)
  - [stable19] Add Guzzle's InvalidArgumentException (3rdparty#474)
  - [stable19] Doctrine: Fix unquoted stmt fragments backslash escaping (3rdparty#486)
  - [stable19] Fix cypress (viewer#545)
  - Move to webpack vue global config & bump deps (viewer#558)
* Wed Jul 15 2020 ecsos@opensuse.org
- Update to 19.0.1
  - Security update
    Fix (CVE-2020-8183, NC-SA-2020-026, CWE-256)
    A logic error in Nextcloud Server 19.0.0 caused a plaintext
    storage of the share password when it was given on the initial
    create API call.
- No changelog from upstream at this time.
* Wed Jun 03 2020 ecsos@opensuse.org
- Update to 19.0.0
  * Changes
    Nextcloud Hub v19, code name ?home office?, represents a big step forward
    for remote collaboration in teams.
    This release brings document collaboration to video chats,
    introduces password-less login and improves performance.
    As this is a major release, the changelog is too long to put here.
    Users can look at github milestones to find what has been merged.
    A quick overview of what is new:
  - password-less authentication and many other security measures
  - Talk 9 with built-in office document editing courtesy of Collabora, a grid view & more
  - MUCH improved performance, Deck integration in Calendar, guest account groups and more!
Version: 18.0.4-bp152.1.1
* Thu Apr 25 2019 ecsos@opensuse.org
- Update to 16.0.0
  Nextcloud 16 is smarter than ever, with machine learning to
  detect suspicious logins and offering clever recommendations.
  Group Folders now sport access control lists so system
  administrators can easily manage who has access to what in
  organization-wide shares. We also introduce Projects, a way to
  easily relate and find related information like files,
  chats or tasks.
  As this is a major release, the changelog is very long.
  Find an overview of what has been improved in this series of blog
  posts:
  - Nextcloud 16 becomes smarter with Machine Learning for security
    and productivity
  - ACL permissions for Groupfolders
  - Nextcloud 16 allows you to link resources to keep track of your
    projects
  - Talk 6.0 brings commands, improved user experience and more
  - Coming soon, seems the github API can't deal with the size of
    our changelog.
Version: 18.0.4-bp151.3.9.1
* Wed May 13 2020 ecsos <ecsos@opensuse.org>
- Add missing security issues for 18.0.3:
    Fix (CVE-2020-8154, NC-SA-2020-018, boo#1171579) and
    (CVE-2020-8155, NC-SA-2020-019, boo#1171572)
- Add missing changelog for 18.0.4
* Sun Apr 12 2020 Olav Reinert <seroton10@gmail.com>
- Make core/js/mimetypelist.js writable
  * Fixes "occ maintenance:mimetype:update-js" command
  * Allows apps to register new mimetypes
- Make core/img/filetypes/ writable
  * Allows apps to register new file icons
- Use standard a2enmod command to manipulate Apache module list
* Sun Mar 29 2020 Olav Reinert <seroton10@gmail.com>
- Enable Apache PHP module on first install only, not on updates
- Make crontab and timer consistent: 5 minutes between jobs
* Tue Mar 24 2020 Michael Ströder <michael@stroeder.com>
- Update to 18.0.3
  - Security update
    Fix (CVE-2020-8154, NC-SA-2020-018, boo#1171579) and
    (CVE-2020-8155, NC-SA-2020-019, boo#1171572)
* Wed Aug 21 2019 Mathias Homann <Mathias.Homann@opensuse.org>
- Update to 16.0.4
  - Always set the display name for user shares (server#16254)
  - Prevent undefined offset 0 in findByUserIdOrMail (server#16325)
  - Use HTTP1.1 to read S3 objects (server#16330)
  - Bump lodash.mergewith from 4.6.1 to 4.6.2 (server#16338)
  - Bump lodash.merge from 4.6.1 to 4.6.2 (server#16341)
  - Bump lodash from 4.17.11 to 4.17.13 (server#16352)
  - Addsubtag should push to array (server#16405)
  - Add catch for RuntimeException (server#16414)
  - Only prevent disabling encrytion via the API (server#16425)
  - Do not keep searching for recent (server#16432)
  - Update operationprogressbar.js (server#16437)
  - Fix File#putContents(string) on ObjectStorage (server#16444)
  - Pass $configargs to openssl_pkey_export (server#16500)
  - Nested recursion breaking max nested level for parent comment calculation (server#16524)
  - Allow hidden smb shares (server#16527)
  - Allow to provide supported calendar component set internally as a string (server#16536)
  - Lock SCSS so we only run 1 job at a time (server#16541)
  - Fix max contrast retrieval to limit minimum color for relative time (server#16543)
  - Supresses disclosing the userid for LDAP users in the welcome mail (server#16561)
  - Use a pattern to identify sensitive config keys (server#16562)
  - Do not log locked files (server#16564)
  - Log email shares in admin_audit log (server#16566)
  - Change send to sent (server#16567)
  - Do not log all locked exceptions (server#16578)
  - Check the if we can actually access the storage cache for recent files (server#16598)
  - Set proper defaults for v-tooltip usages (server#16607)
  - Fix/xss/on favorite file (server#16610)
  - Log circles and remote shares in admin_audit (server#16627)
  - Make sure we only fetch the file by id for the actual owner (server#16630)
  - Remove unncessary code block in share recommendations, fixed undefined var error (server#16633)
  - Files_external: proper user context for sharing (server#16637)
  - Properly return an int in the getId function of the cache (server#16689)
  - Fix enable/disable user audit message (server#16691)
  - Delay sending event from app init to when they are needed (server#16695)
  - Fix download button shown in public share page with hidden downloads (files_pdfviewer#145)
  - Change name from 'Text editor' to 'Plain text editor' to prevent confusion with 'Text' (files_texteditor#169)
  - Run drone for webpack build (files_texteditor#176)
  - Bump lodash from 4.17.11 to 4.17.14 (files_videoplayer#135)
  - Bump lodash.mergewith from 4.6.1 to 4.6.2 (firstrunwizard#199)
  - Bump lodash.merge from 4.6.1 to 4.6.2 (firstrunwizard#200)
  - Bump lodash from 4.17.11 to 4.17.14 (firstrunwizard#202)
  - Bump fstream from 1.0.11 to 1.0.12 (firstrunwizard#205)
  - Bump lodash from 4.17.11 to 4.17.13 (notifications#376)
  - Trim the subject before encrypting the subject (notifications#384)
  - Align the notification subject vertically to the icon (notifications#390)
  - Fix notification body text alignment and text contrast (notifications#391)
  - Fix mention and actions layout (notifications#392)
  - Bump lodash.mergewith from 4.6.1 to 4.6.2 (recommendations#105)
  - Bump lodash from 4.17.11 to 4.17.14 (recommendations#107)
  - Bump tar from 2.2.1 to 2.2.2 (recommendations#120)
  - Bump cypress-image-snapshot from 3.0.1 to 3.0.2 (viewer#102)
  - Bump babel-loader from 8.0.5 to 8.0.6 (viewer#103)
  - Bump cypress-file-upload from 3.1.1 to 3.1.2 (viewer#104)
  - Bump @babel/preset-env from 7.4.4 to 7.4.5 (viewer#109)
  - Bump eslint-plugin-node from 9.0.1 to 9.1.0 (viewer#116)
  - Bump cypress-testing-library from 3.0.1 to 4.0.0 (viewer#119)
  - Bump nextcloud-vue from 0.11.3 to 0.11.4 (viewer#121)
  - Bump webpack-cli from 3.3.2 to 3.3.3 (viewer#127)
  - Bump file-loader from 3.0.1 to 4.0.0 (viewer#130)
  - Bump cypress-image-snapshot from 3.1.0 to 3.1.1 (viewer#131)
  - Bump webpack from 4.33.0 to 4.34.0 (viewer#135)
  - Bump cypress-file-upload from 3.1.2 to 3.1.3 (viewer#137)
  - Bump webpack-cli from 3.3.3 to 3.3.4 (viewer#138)
  - Bump nextcloud-server from 0.15.9 to 0.15.10 (viewer#139)
  - Bump webpack from 4.34.0 to 4.35.0 (viewer#144)
  - Bump eslint-plugin-vue from 5.2.2 to 5.2.3 (viewer#152)
  - Bump webpack-cli from 3.3.4 to 3.3.5 (viewer#153)
  - Bump eslint-plugin-promise from 4.1.1 to 4.2.1 (viewer#154)
  - Bump url-loader from 2.0.0 to 2.0.1 (viewer#155)
  - Bump eslint-plugin-import from 2.17.3 to 2.18.0 (viewer#156)
  - Bump eslint-loader from 2.1.2 to 2.2.1 (viewer#165)
  - Bump webpack from 4.35.2 to 4.35.3 (viewer#176)
  - Bump stylelint-scss from 3.8.0 to 3.9.1 (viewer#178)
  - Bump eslint-plugin-import from 2.18.0 to 2.18.2 (viewer#182)
  - Bump webpack-cli from 3.3.5 to 3.3.6 (viewer#187)
  - Bump vue-loader from 15.7.0 to 15.7.1 (viewer#188)
  - Bump webpack from 4.35.3 to 4.36.1 (viewer#189)
  - Bump webpack from 4.36.1 to 4.38.0 (viewer#194)
  - Bump url-loader from 2.0.1 to 2.1.0 (viewer#196)
  - Bump lodash from 4.17.11 to 4.17.15 (viewer#201)
  - Bump webpack from 4.38.0 to 4.39.0 (viewer#202)
  - Bump webpack from 4.39.0 to 4.39.1 (viewer#204)
  - Detect and switch fullscreen (viewer#47)
  - Update version on master (viewer#66)
  - Test actions (viewer#67)
  - Revert "Test actions" (viewer#68)
  - Bump nextcloud-vue from 0.9.5 to 0.10.0 (viewer#69)
  - Bump eslint-plugin-import from 2.16.0 to 2.17.2 (viewer#70)
  - Bump eslint-import-resolver-webpack from 0.11.0 to 0.11.1 (viewer#71)
  - Bump webpack from 4.29.6 to 4.30.0 (viewer#72)
  - Fix/loading/race condition (viewer#73)
  - Bump webpack-cli from 3.3.1 to 3.3.2 (viewer#90)
  - Bump eslint-plugin-node from 8.0.1 to 9.0.1 (viewer#92)
  - Bump webpack from 4.30.0 to 4.31.0 (viewer#96)
Version: 18.0.4-22.1
* Wed May 13 2020 ecsos@opensuse.org
- Add missing security issues for 18.0.3:
    Fix (CVE-2020-8154, NC-SA-2020-018, boo#1171579) and
    (CVE-2020-8155, NC-SA-2020-019, boo#1171572)
- Add missing changelog for 18.0.4
* Thu Apr 23 2020 ecsos@opensuse.org
- Update to 18.0.4
  - [stable18] Use contacts name on federated activities (server#19879)
  - [stable18] Allow to edit admin/own user in the user management (server#19882)
  - [stable18] Fix hostname in Apple configuration profile (server#19884)
  - [stable18] Don't break when one remote share is down (server#19886)
  - [stable18] Properly emit Viewer event on files and files_sharing (server#19897)
  - [stable18] Get correct mimetype on objectstores (server#19916)
  - [stable18] Properly respect hide download on sharebymail (server#19921)
  - [stable18] Use placeholder values for password fields in external storage webui (server#19922)
  - [stable18] Do not use the instance name as user part of from mail addresses (server#19924)
  - [stable18] Don't allow anchors and queries in remote urls (server#19933)
  - [stable18] fix external storage controller tests (server#19940)
  - Bump acorn from 6.3.0 to 6.4.1 (server#19945)
  - [stable18] properly set 'hide_download' as integer (server#19950)
  - [stable18] fix safari useragent for versions with 3 digits (server#19966)
  - [stable18] Fix default action for deleted shares (server#19982)
  - [stable18] Default value of lookupServerEnabled should be the same everywhere (server#19998)
  - [stable18] Only do regular polling of storage statistics if session_keepalive is enabled (server#19999)
  - [stable18] Fix single "ScopeContext" passed to "setScopes" (server#20001)
  - [stable18] Fix invalid instantiation of TemplateResponse if client not found (server#20008)
  - [stable18] Update the target when it isempty after sharing (server#20016)
  - [stable18] remove the requirement that everything that looks like a placeholder ? (server#20021)
  - [stable18] Handle long dav property paths by hashing them (server#20030)
  - [stable18] Allow the video player on the hide download (server#20044)
  - [stable18] fixes auto-detecting UUID attributes (server#20046)
  - [stable18] Force compatible dependency versions in acceptance tests (server#20051)
  - [stable18] Adjust acceptance tests to incoming shares being accepted by default (server#20060)
  - [stable18] fix OCA\DAV\CalDAV\CalDavBackend search $options (server#20102)
  - [stable18] fix dav browser error page not styled (server#20104)
  - [stable18] Fix language multiselect action (server#20136)
  - [stable18] Remove admin_notifications since it is obsolete since Nextcloud 14 (server#20140)
  - [stable18] change quota design (server#20144)
  - [stable18] RefreshWebcalService: randomly generate calendar-object uri server#20148)
  - [stable18] Close updatenotification channel selector on click outside (server#20155)
  - [stable18] Add app config to disable user flows (server#20158)
  - [stable18] Auto accept group shares for users added to a group (server#20161)
  - [stable18] Use global used space in quota wrappen when external storage is included (server#20163)
  - [stable18] Check the user on remote wipe (server#20166)
  - [stable18] Bugfix - Prevent PHP Warning for count on null on LDAP (server#20175)
  - Bump version on stable18 (server#20195)
  - [stable18] Actually check if the owner is not null (server#20202)
  - [stable18] Remove Acrobat logo from PDF filetype icon (server#20238)
  - [stable18] Dont always use the current users quota when calculating storage info (server#20258)
  - Silence LDAP deprecation logs in NC 18 (server#20274)
  - [stable18] Check for empty authorization headers for office requests (server#20282)
  - [stable18] fixes the return type of BeforeUserLoggedInEvent (server#20296)
  - [stable18] Properly catch NoUserException during upload cleanup (server#20334)
  - [stable18] Catch NotFoundException when getting the user folder (server#20335)
  - [stable18] Try to use the display name of file transfers (server#20366)
  - [stable18] Clear comment on successful post (server#20382)
  - [stable18] Fix systemtags overflow (server#20387)
  - [stable18] update icewind/smb to 3.2.3 (server#20405)
  - [stable18] Add text restore after restore icon (server#20407)
  - [18] Use a normal string to translate. (server#20420)
  - [stable18] Make sure group management works with all types of group names (server#20433)
  - [stable18] Properly display share error messages (server#20471)
  - [stable18] Handle unset owner in sharing (server#20483)
  - [stable18] Update root.crl due to revocation of spgverein.crt (server#20485)
  - [stable18] Close the streams in `writeStream` even when there is an exception (server#20493)
  - [stable18] Fix absolute redirect (server#20495)
  - [stable18] Provide the proper language to the mailer (server#20512)
  - [stable18] do not advertise nulled userId for for systemwide credentials (server#20516)
  - [18] Allow to edit admin user (server#20530)
  - [stable18] Update list of multiple properties (server#20531)
  - [stable18] Fix jsunit tests (server#20548)
  - [stable18] Set fileInfo correctly for LegacyTabs (server#20588)
  - [stable18] Fix Sharing recommendation user display (server#20596)
  - [stable18] Fix IE11 upload fallback methods (server#20602)
  - [stable18] Email activity is missing information (activity#441)
  - [stable18] catch new notfound exception while trying to get owner (activity#446)
  - [stable18] Skip notifications for users with invalid email address. (activity#449)
  - [stable18] Bump pdf.js to 2.1.266 (files_pdfviewer#169)
  - Bump acorn from 7.1.0 to 7.1.1 (firstrunwizard#301)
  - [stable18] Hide slide for app store if disabled (firstrunwizard#313)
  - Bump acorn from 6.4.0 to 6.4.1 (notifications#592)
  - [stable18] Request the permissions for notifications via user interaction (notifications#608)
  - Bump acorn from 6.4.0 to 6.4.1 (recommendations#196)
  - [stable18] Update DefaultOs.php (serverinfo#189)
  - Public pages compatibility (viewer#422)
  - Move cypress to gh actions (viewer#423)
  - Bump acorn from 5.7.3 to 5.7.4 (viewer#425)
  - [stable18] Fix trying to open the sidebar when not available (viewer#428)
  - [stable18] Add public testing (viewer#435)
  - [stable18] Fix public preview url cropping (viewer#450)
  - [stable18] Fix babel transpile settings (viewer#453)
  - [stable18] Await sidebar (viewer#467)
  - [stable18] Change sidebar icon to proper understandable one (viewer#469)
  - [stable18] Fix sidebar full state (viewer#470)
- Add nextcloud-rpmlintrc to reduce build warnings.
- Fix RewriteRules in apache_secure_data.
* Sun Apr 12 2020 seroton10@gmail.com
- Make core/js/mimetypelist.js writable
  * Fixes "occ maintenance:mimetype:update-js" command
  * Allows apps to register new mimetypes
- Make core/img/filetypes/ writable
  * Allows apps to register new file icons
- Use standard a2enmod command to manipulate Apache module list
* Sun Mar 29 2020 seroton10@gmail.com
- Enable Apache PHP module on first install only, not on updates
- Make crontab and timer consistent: 5 minutes between jobs
* Tue Mar 24 2020 michael@stroeder.com
- Update to 18.0.3
  - Security update
    Fix (CVE-2020-8154, NC-SA-2020-018, boo#1171579) and
    (CVE-2020-8155, NC-SA-2020-019, boo#1171572)
* Wed Mar 11 2020 ecsos@opensuse.org
- Update to 18.0.2
  - No changelog from upstream at this time.
* Wed Feb 12 2020 ecsos@opensuse.org
- Update to 18.0.1
  * Changes
  - [stable18] Fix cursor on disabled contenteditable divs (server#18961)
  - Bump style-loader from 1.1.2 to 1.1.3 (server#18982)
  - [stable18] Increase the timeout for app downloads (server#19025)
  - [stable18] Fix loaded controller check (server#19060)
  - [stable18] Allow to await the sidebar (server#19089)
  - [stable18] expose Argon2 options (as we did for bcrypt) (server#19094)
  - [stable18] fix multiselect actions for files (server#19108)
  - [stable18] Adjust filelist color handling to new dark theme value (server#19117)
  - [stable18] Reduce legacy event log level to debug (server#19118)
  - [stable18] New file menu needs to be above the filelist header (server#19119)
  - [stable18] Do not invert avatar colors when dark theme is enabled (server#19121)
  - [stable18] Use the target for file notifications (server#19149)
  - [stable18] Use correct appid for talk (server#19150)
  - [stable18] add hub bundle for easy installation on upgraded instances (server#19153)
  - [stable18] apps can have polyamorous relationships with bundles (server#19166)
  - [stable18] Use themed favicon-fb (server#19189)
  - [stable18] Fix "Call to undefined method
    OCA\\WorkflowEngine\\Entity\\File::t()" (server#19190)
  - [stable18] Fix query selector for inverted icons (server#19206)
  - [stable18] Do not encode contacts menu mailto links (server#19207)
  - [stable18] Give the sharing tab a unique id so it also opens properly
    on other languages (server#19212)
  - [stable18] WebcalRefreshJob: Fix reading refresh rate (server#19228)
  - [stable18] Make sure to catch php errors during job execution (server#19269)
  - [stable18] Center Buttons (server#19271)
  - [stable18] Use the l10n from settings (server#19277)
  - [stable18] Use proper andwhere clause (server#19278)
  - [stable18] Add move (and firstlogin) option to transferownership
    service (server#19279)
  - [stable18] for the DB ot pick an index specify the object_type (server#19283)
  - [stable18] owner transfer multiselect fixes (server#19291)
  - [stable18] Allow respecting PASSWORD_DEFAULT (server#19292)
  - [stable18] Keep the modification time during decryptFile (server#19297)
  - [stable18] Fix data Apache2 .htaccess typo (server#19302)
  - [stable18] Fix display of DTEND for multi-day all-day event (server#19308)
  - [stable18] do not overwrite global user auth credentials with
    empty values (server#19315)
  - [stable18] Fix occ maintenance:install database connect failure (server#19326)
  - [stable18] Fix event type (server#19330)
  - [stable18] Array access on int will fail on php7.4 (server#19332)
  - [stable18] Make sure the default share provider does not execute
    for other things (server#19334)
  - [stable18] Disable link shares of disabled users (server#19340)
  - [stable18] Prevent archieved download on secure view (server#19360)
  - [stable18] Log Flow activity (server#19396)
  - [stable18] Allow to serve static webm directly (server#19420)
  - 18.0.1 final (server#19422)
  - [stable18] Allow to serve static mp4 directly (server#19428)
  - [stable18] Update master php testing versions (activity#417)
  - Update stable18 target versions (activity#418)
  - [stable18] Update master php testing versions (files_pdfviewer#164)
  - Update stable18 target versions (files_pdfviewer#165)
  - Update stable18 target versions (files_texteditor#194)
  - Update stable18 target versions (firstrunwizard#274)
  - Update stable18 target versions (logreader#313)
  - [stable18] Update master php testing versions (nextcloud_announcements#64)
  - Update stable18 target versions (nextcloud_announcements#65)
  - Update stable18 target versions (notifications#547)
  - [stable18] Add linting via github actions (notifications#555)
  - [stable18] Support Strict VoIP push notifications for
    iOS 13 SDK (notifications#565)
  - [stable18] Update master php testing versions (password_policy#93)
  - Update stable18 target versions (password_policy#94)
  - [stable18] Lint with github actions (photos#153)
  - [stable18] No more drone. Do it all on github actions (photos#158)
  - [stable18] Respect .noimage and .nomedia files (photos#160)
  - [stable18] added headers for your photos and favs (photos#172)
  - [stable18] Fix/actions (photos#174)
  - [stable18] Fix url escaping (photos#175)
  - [stable18] Use actions from tutorial (photos#181)
  - Update stable18 target versions (privacy#323)
  - Update stable18 target versions (recommendations#182)
  - Update stable18 target versions (serverinfo#170)
  - [stable18] Update master php testing versions (survey_client#104)
  - Update stable18 target versions (survey_client#105)
  - [stable18] GitHub actions/lint (viewer#368)
  - Fix url escaping (viewer#370)
  - [stable18] Adjust tests syntax & formatting (viewer#379)
  - [stable18] Use actions from tutorial (viewer#385)
  - [stable18] Revert "Fix url escaping" (viewer#396)
* Fri Jan 17 2020 ecsos@opensuse.org
- Update to 18.0.0
  As this is a major release, the changelog is too long to put here.
  Users can look at github milestones to find what has been merged.
  A quick overview of what is new:
  - Files - features an improved sidebar, accepting internal
    shares & folder owner transfership
  - Workspaces brings context to your folders, facilitating
    collaboration in one place.
  - File locking prevents conflicts editing shared files with
    others
  - Flow - Brings extensive, easy to use workflow capabilities to
    Nextcloud. Automatically turn documents in PDFs, send messages
    to chat rooms and more!
  - ONLYOFFICE - Built in ONLYOFFICE makes collaborative editing of
    Microsoft Office documents accessible to everyone
  - Photos - A brand new image gallery makes finding, browsing and
    sharing your images easier than ever before.
  - Calendar 2.0 - Calendar 2.0 books Talk meetings, brings busy
    view for meetings and resource booking and more
  - Mail - Mail 1.0 recognizes itineraries, handles rich text mails
    and more
  - Talk - rewritten user interface brings message delivery notifications,
    circles support, message replies and flow integration
- Add "occ maintenance:repair" during package update to fix possible (db) errors.
* Thu Dec 19 2019 ecsos@opensuse.org
- Update to 17.0.2
  - Actually return the quote when getting global storage info (server#17851)
  - Also set X-OC-Mtime header for files that are smaller than 10MB (server#17858)
  - FIX: horizontal scrolling on mobile due to tab accessibility
    navigation 'skip to content' positioned at a fixed position (server#17883)
  - Fix reshare with circle (server#17916)
  - Bump icewind/searchdav (server#17919)
  - Make timeout a optional parameter (server#17925)
  - Check quota before transfer ownership (server#17928)
  - Re-acquired expired shared locks on large file uploads (server#17945)
  - Pass through ServerNotAvailableException on app init (server#17952)
  - Do not check for updates if we have no internet (server#18036)
  - Convert more columns to bigint (server#18040)
  - Fix installing with MySQL 8.0.4+ (server#18043)
  - Uid can be false when the user record does not exit (server#18047)
  - Update the CRL (server#18050)
  - Make chunksize (used to check for gone LDAP users) configurable (server#18054)
  - Remove objectstore credentials (server#18075)
  - Incorrect integer value: '' for column 'password_invalid' while migra? (server#18100)
  - Trim the login name (server#18156)
  - Delay creation of the cert bundle (server#18186)
  - Handle token insert conflicts (server#18189)
  - Throw an invalid token exception is token is marked outdated (server#18198)
  - Backport #18120 (server#18205)
  - Mark "Talk" active on /call/token URLs (server#18221)
  - Allow to unfavorite all files (server#18247)
  - Hide the tooltip if the list row is rerendered (server#18252)
  - Move overwritehost check to isTrustedDomain (server#18306)
  - Convert various columns in oc_mounts to bigint (server#18307)
  - Do not disable authentication apps (server#18332)
  - Sharee API GS fixes (server#18337)
  - Handle IPv6 addresses with an explict incoming interface at the end (server#18352)
  - Adding share type circles (server#18355)
  - Fix restoring shared versions (server#18358)
  - Support more IPv6 addresses in the RefreshWebcalJob (server#18366)
  - Bump the CRL (server#18375)
  - Allow to detect mimetype by content (server#18386)
  - Bump serialize-javascript and handlebars (server#18419)
  - Update icewind/searchdav to 1.0.2 (3rdparty#351)
  - Is_dir can be null on blacklisted files (activity#407)
  - Remove debug log (activity#412)
  - Stable17 Use @nextcloud/axios so the csrf token gets refreshed (notifications#471)
  - Fix header icon hover & focus feedback (notifications#495)
  - Fix cutting of multibyte characters (notifications#499)
  - Do not send push notifications when nothing was deleted (notifications#506)
* Thu Nov 07 2019 ecsos@opensuse.org
- Update to 17.0.1
  - Always use the folder icon depending on the mount type if not a share mount (server#17156)
  - Fix "create folder" icon overlaying home icon (server#17219)
  - Fix directory detection for s3 (server#17273)
  - Fix user with id 0 to be able to comment (server#17274)
  - Handle moveFromStorage within the same storage even when storage wrap? (server#17277)
  - Dont delete cache entries if deleting an object from object store failed (server#17281)
  - Correctly detect the mimetype from uploads (server#17295)
  - Add (hidden) option to configure smb timeout (server#17298)
  - Position fixed for .toastify.toast (server#17300)
  - Fix fetching additional search results on scrolling down (server#17305)
  - Bring the default font size up to 15px (server#17309)
  - Use handlebars from node_modules (on CI) (server#17348)
  - Reduce adressbook change events and handling (server#17351)
  - Fix typo in "which" (server#17358)
  - Fix updating and deleting authtokens (server#17415)
  - Allow removing federated shares of locally reshared files (server#17418)
  - Fix oauth client redirect (server#17438)
  - Don't call basename on null (server#17444)
  - Fix axios csrf token update event (server#17453)
  - Use @nextcloud/axios to keep the CSRF token in sync (server#17455)
  - Kill ui-regression ci job (server#17457)
  - Force hide tooltips on sidebar close (server#17493)
  - Only cache the mimetype if the file exists (server#17538)
  - Set the proper filename for version downloads (server#17541)
  - Load additional scripts on help page (server#17578)
  - Let SCSS cleanup only run once (server#17579)
  - Pass on direct query parameter during login (server#17581)
  - Added documentation links on settings pages (server#17589)
  - Include the share in the Files_Sharing::loadAdditionalScripts event (server#17597)
  - Treat LDAP error 50 as auth issue, prevents lost server connection errors (server#17617)
  - Hide strange Everyone and Disabled group numbers with LDAP (server#17621)
  - Fix browser back button (server#17638)
  - Fix filename overlapping on mobile (server#17676)
  - Harden middleware check (server#17681)
  - Fix jsConfigHelper lang/locale mixup (server#17686)
  - Fix weird KDE bug with loginflowv2 (server#17688)
  - Make sure limit is never negative (server#17716)
  - Fix DAV mimetype search (server#17731)
  - Return null from migration to match with typehint (server#17742)
  - Do not show 'Get your own free account' on services under subscription (server#17748)
  - Fix action menu on mobile (server#17766)
  - Bring back external storage group select delete (server#17767)
  - Switch to Files Node API for zip generation (server#17840)
  - Use correct route to generate (nextcloud_announcements#56)
  - Name of the collector is `Php`. (survey_client#98)
  - Update version on master (viewer#232)
  - Bump eslint-plugin-node from 9.2.0 to 10.0.0 (viewer#235)
  - Bump @babel/core from 7.5.5 to 7.6.0 (viewer#236)
  - Bump @babel/preset-env from 7.5.5 to 7.6.0 (viewer#237)
  - Bump webpack-cli from 3.3.7 to 3.3.8 (viewer#238)
  - Bump webpack from 4.39.3 to 4.40.1 (viewer#242)
  - Bump webpack from 4.40.1 to 4.40.2 (viewer#245)
  - Bump webpack-cli from 3.3.8 to 3.3.9 (viewer#250)
  - Bump eslint-config-nextcloud from 0.0.5 to 0.0.6 (viewer#258)
  - Bump url-loader from 2.1.0 to 2.2.0 (viewer#259)
* Wed Oct 02 2019 ecsos@opensuse.org
- Add missing CronJob for Nextcloud.
* Tue Oct 01 2019 ecsos@opensuse.org
- Update to 17.0.0
  Nextcloud 17 introduces a series of secure collaboration features
  including a collaborative text editor, remote wipe, updated
  secure view, improved two-factor-authentication and easier access
  than ever with deeper integration of large-scale storage like S3
  and IBM Spectrum Scale.
  As this is a major release, the changelog is too long to put
  here.
  Users can look at github milestones to find what has been merged.
  A quick overview of what is new:
  - Remote Wipe allows users and administrators to forcibly clean
    files from remote devices, for example in case they are stolen.
  - Nextcloud Text, our new distraction-free, collaborative rich t
    ext editor
  - Improvements to secure view like enforcable watermarks enable
    virtual data room use
  - Setup two-factor authentication after first login, admins can
    create one-time login tokens in the web UI and delegate this
    to group admins
  - secure mailbox in Outlook Add-in
  - LDAP write support makes it possible to manage users from
    Nextcloud
  - S3 versioning support, IBM Spectrum Scale integration and
    Global Scale with Collabora Online
* Wed Sep 25 2019 ecsos@opensuse.org
- Update to 16.0.5
  - Make possible to focus grid/list view toggle via keyboard (server#16745)
  - Fix tracking of auto disabled apps in Updater (server#16753)
  - Filter more configs (server#16802)
  - Correctly remove apps without any releases (server#16818)
  - Undefined variable response when server is no nextcloud anymore (server#16826)
  - Change access handling of projects (server#16837)
  - Only add the app-itunes-app tag if the id is set (server#16848)
  - Use custom client URL in welcome emails (server#16883)
  - Properly redirect if accessing invalid file though /f/ entrypoint (server#16891)
  - Bump mixin-deep from 1.3.1 to 1.3.2 (server#16896)
  - Only run integration tests when PHP was modified (server#16909)
  - Ignore Enter key up event on menu button toggles (server#16921)
  - Be sure to get the jailed path if the storage is a jail (server#16991)
  - Remove orphaned calendar data from deleted subscriptions (server#16994)
  - Only run code coverage CI on merge (server#16995)
  - Returns 404 (server#16997)
  - Properly initialize the CacheJail for sharing (server#17061)
  - Fix SMB availability status + higher delay on auth issues (server#17070)
  - When you click on thumbnail of a file, it should open the file not the sidebar (server#17091)
  - Emit moveToTrash event only for the deleting user (server#17099)
  - Fix opening apps with Ctrl+click (server#17103)
  - Always use the folder icon depending on the mount type if not a share mount (server#17155)
  - Don't send executionContexts for Clear-Site-Data (server#17157)
  - Add uid to delete temp token query (server#17197)
  - Fix l10n in federated file sharing (server#17211)
  - Nextcloud 16.0.5 (server#17250)
  - Fix spaces being collapsed in move dialog (server#17257)
  - Better dark theme support (activity#389)
  - Fix travis database tests (activity#390)
  - Bump lodash from 4.17.11 to 4.17.14 (files_texteditor#174)
  - Translate menu action (files_texteditor#183)
  - Bump mixin-deep from 1.3.1 to 1.3.2 (files_videoplayer#138)
  - Bump mixin-deep from 1.3.1 to 1.3.2 (firstrunwizard#211)
  - Randomize the interval. (nextcloud_announcements#48)
  - Improve the notification (nextcloud_announcements#51)
  - Also set the subject when the subject is not too long (notifications#415)
  - Bump eslint-utils from 1.3.1 to 1.4.2 (notifications#418)
  - The backports of #392 and #390 did not work out as expected (notifications#420)
  - Bump mixin-deep from 1.3.1 to 1.3.2 (recommendations#121)
  - Bump eslint-utils from 1.3.1 to 1.4.2 (viewer#221)
* Wed Aug 21 2019 Mathias.Homann@opensuse.org
- Update to 16.0.4
  - Always set the display name for user shares (server#16254)
  - Prevent undefined offset 0 in findByUserIdOrMail (server#16325)
  - Use HTTP1.1 to read S3 objects (server#16330)
  - Bump lodash.mergewith from 4.6.1 to 4.6.2 (server#16338)
  - Bump lodash.merge from 4.6.1 to 4.6.2 (server#16341)
  - Bump lodash from 4.17.11 to 4.17.13 (server#16352)
  - Addsubtag should push to array (server#16405)
  - Add catch for RuntimeException (server#16414)
  - Only prevent disabling encrytion via the API (server#16425)
  - Do not keep searching for recent (server#16432)
  - Update operationprogressbar.js (server#16437)
  - Fix File#putContents(string) on ObjectStorage (server#16444)
  - Pass $configargs to openssl_pkey_export (server#16500)
  - Nested recursion breaking max nested level for parent comment calculation (server#16524)
  - Allow hidden smb shares (server#16527)
  - Allow to provide supported calendar component set internally as a string (server#16536)
  - Lock SCSS so we only run 1 job at a time (server#16541)
  - Fix max contrast retrieval to limit minimum color for relative time (server#16543)
  - Supresses disclosing the userid for LDAP users in the welcome mail (server#16561)
  - Use a pattern to identify sensitive config keys (server#16562)
  - Do not log locked files (server#16564)
  - Log email shares in admin_audit log (server#16566)
  - Change send to sent (server#16567)
  - Do not log all locked exceptions (server#16578)
  - Check the if we can actually access the storage cache for recent files (server#16598)
  - Set proper defaults for v-tooltip usages (server#16607)
  - Fix/xss/on favorite file (server#16610)
  - Log circles and remote shares in admin_audit (server#16627)
  - Make sure we only fetch the file by id for the actual owner (server#16630)
  - Remove unncessary code block in share recommendations, fixed undefined var error (server#16633)
  - Files_external: proper user context for sharing (server#16637)
  - Properly return an int in the getId function of the cache (server#16689)
  - Fix enable/disable user audit message (server#16691)
  - Delay sending event from app init to when they are needed (server#16695)
  - Fix download button shown in public share page with hidden downloads (files_pdfviewer#145)
  - Change name from 'Text editor' to 'Plain text editor' to prevent confusion with 'Text' (files_texteditor#169)
  - Run drone for webpack build (files_texteditor#176)
  - Bump lodash from 4.17.11 to 4.17.14 (files_videoplayer#135)
  - Bump lodash.mergewith from 4.6.1 to 4.6.2 (firstrunwizard#199)
  - Bump lodash.merge from 4.6.1 to 4.6.2 (firstrunwizard#200)
  - Bump lodash from 4.17.11 to 4.17.14 (firstrunwizard#202)
  - Bump fstream from 1.0.11 to 1.0.12 (firstrunwizard#205)
  - Bump lodash from 4.17.11 to 4.17.13 (notifications#376)
  - Trim the subject before encrypting the subject (notifications#384)
  - Align the notification subject vertically to the icon (notifications#390)
  - Fix notification body text alignment and text contrast (notifications#391)
  - Fix mention and actions layout (notifications#392)
  - Bump lodash.mergewith from 4.6.1 to 4.6.2 (recommendations#105)
  - Bump lodash from 4.17.11 to 4.17.14 (recommendations#107)
  - Bump tar from 2.2.1 to 2.2.2 (recommendations#120)
  - Bump cypress-image-snapshot from 3.0.1 to 3.0.2 (viewer#102)
  - Bump babel-loader from 8.0.5 to 8.0.6 (viewer#103)
  - Bump cypress-file-upload from 3.1.1 to 3.1.2 (viewer#104)
  - Bump @babel/preset-env from 7.4.4 to 7.4.5 (viewer#109)
  - Bump eslint-plugin-node from 9.0.1 to 9.1.0 (viewer#116)
  - Bump cypress-testing-library from 3.0.1 to 4.0.0 (viewer#119)
  - Bump nextcloud-vue from 0.11.3 to 0.11.4 (viewer#121)
  - Bump webpack-cli from 3.3.2 to 3.3.3 (viewer#127)
  - Bump file-loader from 3.0.1 to 4.0.0 (viewer#130)
  - Bump cypress-image-snapshot from 3.1.0 to 3.1.1 (viewer#131)
  - Bump webpack from 4.33.0 to 4.34.0 (viewer#135)
  - Bump cypress-file-upload from 3.1.2 to 3.1.3 (viewer#137)
  - Bump webpack-cli from 3.3.3 to 3.3.4 (viewer#138)
  - Bump nextcloud-server from 0.15.9 to 0.15.10 (viewer#139)
  - Bump webpack from 4.34.0 to 4.35.0 (viewer#144)
  - Bump eslint-plugin-vue from 5.2.2 to 5.2.3 (viewer#152)
  - Bump webpack-cli from 3.3.4 to 3.3.5 (viewer#153)
  - Bump eslint-plugin-promise from 4.1.1 to 4.2.1 (viewer#154)
  - Bump url-loader from 2.0.0 to 2.0.1 (viewer#155)
  - Bump eslint-plugin-import from 2.17.3 to 2.18.0 (viewer#156)
  - Bump eslint-loader from 2.1.2 to 2.2.1 (viewer#165)
  - Bump webpack from 4.35.2 to 4.35.3 (viewer#176)
  - Bump stylelint-scss from 3.8.0 to 3.9.1 (viewer#178)
  - Bump eslint-plugin-import from 2.18.0 to 2.18.2 (viewer#182)
  - Bump webpack-cli from 3.3.5 to 3.3.6 (viewer#187)
  - Bump vue-loader from 15.7.0 to 15.7.1 (viewer#188)
  - Bump webpack from 4.35.3 to 4.36.1 (viewer#189)
  - Bump webpack from 4.36.1 to 4.38.0 (viewer#194)
  - Bump url-loader from 2.0.1 to 2.1.0 (viewer#196)
  - Bump lodash from 4.17.11 to 4.17.15 (viewer#201)
  - Bump webpack from 4.38.0 to 4.39.0 (viewer#202)
  - Bump webpack from 4.39.0 to 4.39.1 (viewer#204)
  - Detect and switch fullscreen (viewer#47)
  - Update version on master (viewer#66)
  - Test actions (viewer#67)
  - Revert "Test actions" (viewer#68)
  - Bump nextcloud-vue from 0.9.5 to 0.10.0 (viewer#69)
  - Bump eslint-plugin-import from 2.16.0 to 2.17.2 (viewer#70)
  - Bump eslint-import-resolver-webpack from 0.11.0 to 0.11.1 (viewer#71)
  - Bump webpack from 4.29.6 to 4.30.0 (viewer#72)
  - Fix/loading/race condition (viewer#73)
  - Bump webpack-cli from 3.3.1 to 3.3.2 (viewer#90)
  - Bump eslint-plugin-node from 8.0.1 to 9.0.1 (viewer#92)
  - Bump webpack from 4.30.0 to 4.31.0 (viewer#96)
* Wed Jul 10 2019 ecsos@opensuse.org
- Updates require and recommend php module.
* Tue Jul 09 2019 ecsos@opensuse.org
- Update to 16.0.3
  - Do not fail hard on new user mail error (server#16189)
  - Fix redirect after rescanFailedIntegrityCheck to "Overview"
    page (server#16244)
  - Fix permissions for drag-n-drop uploads (server#16249)
  - Try to delete the cypress folder of the viewer app
    (server#16297)
  - Send browser notifications again (notifications#373)
* Thu Jul 04 2019 ecsos@opensuse.org
- Update to 16.0.2
  - Update ca bundle (server#15553)
  - Update ca bundle checker (server#15554)
  - User management/subadmin: rephrase ambiguous error message
    (server#15575)
  - Update shipped.json to include privacy and recommendations
    (server#15592)
  - Show supported apps in app management (server#15593)
  - Update CRL due to revoked cookbook.crt (server#15628)
  - Only show sharing section if it has content (server#15649)
  - Remove quota feedback if no link set (server#15666)
  - Allow redis cluster to use password (server#15686)
  - Don't run repair step for every individual user, outsource that
    to background job (server#15718)
  - Check the actual status code for 204 and 304 (server#15724)
  - [Security] Bump tar from 2.2.1 to 2.2.2 (server#15728)
  - Don't notify admins if no potentially over exposing links found
    (server#15745)
  - Also allow dragging below the file list (server#15754)
  - Change text color in search box in darktheme, ref #15598
    (server#15768)
  - Check for free space on touch (server#15772)
  - Search files by id in shared storages last (server#15799)
  - Hide newFile menu if quota is set to 0B (server#15856)
  - Add core/js/dist/ to l10nignore (server#15948)
  - Add LDAP integr. test for receiving share candidates with
    group limitation (server#15984)
  - Remove auto focus of share input field on dialog open,
    fix #15261 (server#16010)
  - LDAP) API: return one base properly when multiple are
    configured (server#16015)
  - Handle storage exceptions when trying to set mtime
    (server#16038)
  - Fix LDAP Wizard forgetting groups on select with search
    (server#16051)
  - Revert "Fix userid casting in notifications" (server#16068)
  - Fix appid argument for integrity:check-app (server#16080)
  - Fix full text search for groupfolders (server#16082)
  - Fall back to black for non-color values (server#16089)
  - Check if uploading to lookup server is enabled before verifying
    (server#16091)
  - Allow apps to store longer messages in the comments API
    (server#16105)
  - Invalidates user when plugin reported deletion success
    (server#16112)
  - Fix download link included in public share page with hidden
    download (server#16125)
  - Better check reshare permissions (server#16127)
  - Verify that paths are valid for recursive local move
    (server#16128)
  - Don't allow to disable encryption via the API (server#16133)
  - Do not show a internet connectivity warning if internet access
    is dis? (server#16146)
  - Update Nextcloud version in docs link (server#16157)
  - Allow apps to overwrite the maximum length when reading from
    database (server#16177)
  - RefreshWebcalJob: replace ugly Regex with standard php utils
    (server#16201)
  - Better check reshare permissions part2 (server#16211)
  - Fix "unshare group share from self" activity (activity#380)
  - Fix load of character maps (files_pdfviewer#141)
  - [Security] Bump axios from 0.18.0 to 0.18.1
    (firstrunwizard#192)
  - Correctly show errors when setting the password (gallery#529)
  - Blacklist using .noimage (gallery#533)
  - Update dependabot deps in stable16 (notifications#359)
  - Increase size of icon bubble for more visibility
    (notifications#368)
  - Add app description to readme and appinfo (privacy#133)
  - Catch and filter share that can't be found (recommendations#79)
  - [Security] Bump axios from 0.18.0 to 0.18.1
    (recommendations#92)
  - [Security] Bump tar from 2.2.1 to 2.2.2 (viewer#113)
  - [Security] Bump axios from 0.18.0 to 0.19.0 (viewer#117)
* Thu May 16 2019 ecsos@opensuse.org
- Update to 16.0.1
  - Fix setupcheck for intl module (server#15223)
  - Take return of mkdir into consideration; photocache to not
    create a folder for deletion (server#15303)
  - Remove the custom prefix from the table name length when
    checking on ? (server#15312)
  - Check if the data is in the lookup server (server#15341)
  - Do NOT assume all files are selected if the first checkbox is
    (server#15345)
  - Fix collapse button in app navigation in IE11 (server#15389)
  - Make sure all middlewares are only registered once
    (server#15399)
  - Allow to send the password of protected conversations
    (server#15405)
  - Remove extra margin from warning messages in authenticate
    page (server#15409)
  - Set Edge < 16 as incompatible with css vars (server#15417)
  - Remove extra param in cache update call (server#15418)
  - Handle 0 B default quota properly in the web UI
    (server#15424)
  - Fix multiselect min width (server#15433)
  - Make access column a real boolean (server#15434)
  - Fix public upload by also load the semaphore method
    (server#15439)
  - Remove setup args from logging (server#15442)
  - Use non-absolute logout URL to fix wrong URL in reverse proxy
    scenario (server#15452)
  - Fix mobile vertical scrolling (server#15469)
  - Remove recommendation for opcache on CLI (server#15471)
  - Update file-upload.js (server#15482)
  - Add interfaces to interact with subscription from support app
    (server#15513)
  - Fall back to application/octet-stream instead of using an
    invalid mim? (activity#374)
  - Only call setViewerMode if FileList is available
    (files_pdfviewer#132)
  - Use correct CSS URL, remove default marked settings and
    change to GFM rendering (files_texteditor#150)
  - Use correct method to determine if HTTPS is used
    (firstrunwizard#189)
* Fri Apr 26 2019 ecsos@opensuse.org
- Added some missing require and recommend packages.
* Fri Apr 26 2019 ecsos@opensuse.org
- gh#10655 Added php-intl as required package for avoiding upstream
Version: 15.0.7-bp151.1.5
* Tue Apr 09 2019 ecsos@opensuse.org
- Update to 15.0.7
  - Fix for crashing occ files:scan (server#14968)
  - Fix .drone.yml syntax (server#14984)
  - Harden appdata putcontent (server#15000)
  - Check if OCA.Files.App is available before calling
    (server#15001)
* Thu Apr 04 2019 ecsos@opensuse.org
- Update to 15.0.6
  - Fix grid toggle button on public page (server#14376)
  - Fix(EMailTemplate): malformed HTML in some cases (server#14387)
  - Bugfix for issue 10862: Trash-bin ignores
    trashbin_retention_obligation (server#14414)
  - Parse multiple navigation items (server#14416)
  - Fix referrer policy meta tags. (server#14438)
  - Fix a bug with smb notify having leading slash when it should
    not (server#14462)
  - Fix for issue #13319: load oc-backbone-webdav before loading
    versions app (server#14472)
  - Add accessibility translations (server#14490)
  - Run tests that fail with "no such process" over to apache
    server (server#14495)
  - Make header.feature more robust by running it on apache
    (server#14497)
  - Fix expire date change eventhandler (server#14503)
  - Update icewind/smb to 3.0.2 (server#14512)
  - Do not cut full color on accessibility svg color invert
    (server#14516)
  - Dav: Fix handling of chunked WebDAV upload (server#14517)
  - Do not just write foobar (server#14521)
  - Fix database configuration (server#14531)
  - Add activities for group membership changes (server#14534)
  - Check if password can be changed for the users backend in OCS
    api (server#14542)
  - Add test for updated CA bundle (server#14546)
  - Clear backupcode reminder when no 2fa (server#14559)
  - Use a tmp file for swift writes (server#14570)
  - Have streams of files_external in sync (server#14580)
  - Resolve user and groups in nested groups first before filtering
    the results (server#14591)
  - Remove Google+ from Social Sharing Bundle (server#14596)
  - Do not calculate folder size for parent that also needs proper
    scan, fixes #3524 (server#14597)
  - Mention Open Cloud Mesh in Federated User Settings
    (server#14599)
  - Update index.php (server#14601)
  - Remove sensitive SMB arguments from exception log
    (server#14658)
  - Prevent recursion when moving a file to the trashbin
    (server#14661)
  - Disable fragile tests (server#14672)
  - Use SCSS variables since CSS vars are not loaded on public
    pages (server#14677)
  - Handle long etags from dav external storage (server#14694)
  - Improve lookup server behaviour (server#14696)
  - Add an integration test that ensures deletion of LDAP users
    (server#14697)
  - Dont try to restore a trashbin item to a readonly target
    (server#14699)
  - Throw a proper error if rename fails in dav (server#14700)
  - Groupname like username - allow share with both (server#14709)
  - Updated documentation go.php to 15 and adjusted copyright year.
    (server#14716)
  - Always register the Notifier (server#14749)
  - Fix getting the access list on external storage (server#14751)
  - Always allow moving mountpoints inside the same mountpoint
    (server#14759)
  - Use current directory for hashing. (server#14762)
  - Fix user creation using LDAP Plugin (server#14781)
  - Avoid replacement by user object (server#14795)
  - Fix placeholder in disable message (server#14840)
  - Fix setup checks for ocm/ocs-provider (server#14854)
  - Remove Google+ federation usersettings (server#14855)
  - Add setup check for missing UTF8MB4 on mysql (server#14857)
  - Make regions translatable (server#14859)
  - Show a setup warning in case S3 object storage is used as
    primary storage (server#14865)
  - Fix plural rule detection for languages (server#14867)
  - Fix translations of settings (server#14882)
  - Fix opening folders from different file lists (server#14891)
  - Fix hidden file display in grid view (server#14924)
  - Locale is not language (activity#355)
  - Fallback to plaintext subject if no rich subject is set
    (activity#358)
  - Ignore query arguments in single video share for stable15
    (Fix #121) (files_videoplayer#122)
  - Less alerting log entries on fails (notifications#291)
* Fri Mar 01 2019 ecsos@opensuse.org
- Fix Update nextcloud 15.0.4 to 15.0.5 error "ocm-provider"
  apache2. (server#14445)
* Thu Feb 28 2019 ecsos@opensuse.org
- Update to 15.0.5
  - Show autocompletion as soon as "@" is typed (server#13961)
  - Trim filename in webfrontend for windows compatibility
    (server#13978)
  - Clean code and fix drop zone shadow (server#13982)
  - Show original path in trashbin (server#14029)
  - Update icewind/smb to 3.0.1 (server#14068)
  - Fix: Check if `$this->params['user']` is an array
    (server#14085)
  - [Security] Bump lodash from 4.17.10 to 4.17.11
    in /apps/updatenotification (server#14093)
  - [Security] Bump lodash from 4.17.10 to 4.17.11
    in /apps/accessibility (server#14094)
  - [Security] Bump lodash from 4.17.10 to 4.17.11
    in /apps/oauth2 (server#14095)
  - Make sure the relative path is always a string (server#14101)
  - Fix the thorrtler whitelist bitmask (server#14151)
  - [Security] Bump handlebars from 4.0.12 to 4.1.0 in /build
    (server#14187)
  - Fix recent files (server#14195)
  - Update CRL to contain revoked files_external_dropbox,
    passman & payback (server#14201)
  - Ensure attribute names are lower cased (server#14203)
  - Fix small glitches in update notification page (server#14207)
  - Fix expiration date changing (server#14212)
  - Fix trashbin restore translation (server#14213)
  - Remove trailing spaces from localized strings (server#14225)
  - Fixing phpdoc in FullTextSearch/Model/ISearchResult
    (server#14268)
  - Fix empty file uploads to S3 (and other streaming storages)
    (server#14273)
  - Do not do redirect handling when loggin out (server#14275)
  - Catch Request exception in testRemoteUrl (server#14277)
  - Correctly determinate the owner in case of shared external
    storages (server#14283)
  - Fix header label visibility on open menu (server#14287)
  - Prefix $path for filename for internal file cache
    (server#14288)
  - Set false as default for requirePNG (server#14292)
  - Use proper scroll container when dragging files (server#14301)
  - Fix OC.getCurrentUser() on guest pages (server#14308)
  - Fix ocm end-point discovery discovery (server#14312)
  - Apply theme to 2FA button (server#14331)
  - Fix "Undefined index: user_uid" on login page (server#14339)
  - Fix unsafe array access (server#14340)
  - Always query lookup server in GS mode (server#14368)
  - Use latest ca-bundle.crt from
    https://curl.haxx.se/docs/caextract.html (server#14371)
  - Try to support 7.3 for DAV (3rdparty#213)
  - Backport/stable15/streams 0.7.1 (3rdparty#244)
  - Don't add empty entries to the objects array (activity#347)
  - Ensure parameters are always an array (activity#350)
  - Bye, Scrutinizer! (notifications#293)
* Fri Feb 08 2019 ecsos@opensuse.org
- Fix require php versions. boo#1084320
* Thu Feb 07 2019 Michael Ströder <michael@stroeder.com>
- Update to 15.0.4
  - Make external storages browsable again in the web UI
    (server#14076)
  - Upload new files in objectstore to a .part path first
    (server#13036)
  - Broker: add timezone to CANCEL messages (server#13384)
  - Add strengthify.min files (server#13546)
  - Fix click app names (server#13575)
  - Principals can be principal/user/ or principal/ from lega?
    (server#13582)
  - Correctly handle displaynames returned from the sharee API
    (server#13585)
  - Don't close input stream when writing in encrypted file
    (server#13588)
  - Bump pear/archive_tar to 1.4.5 (server#13598)
  - Fix integer background job id type error (server#13609)
  - Fix user settings label translation (server#13611)
  - Fix app navigation flickering on hover (server#13625)
  - Update URL for federation (server#13636)
  - Fix colorizeSvg with transformations that contain a comma (,)
    (server#13653)
  - Use warning background color & primary text color for setting
    warnings (server#13665)
  - Fix template paramter (server#13670)
  - Cache tokens when using swift's v2 authentication
    (server#13740)
  - Cleanup shared lock if changing to exclusive lock failed
    (server#13744)
  - Honor remember_login_cookie_lifetime (server#13758)
  - Fix integration of social sharing into the link popover menu
    (server#13761)
  - Respect user locale in natural sort comparator (server#13762)
  - Call proper function when fetching link shares in the
    breadcrumb view (server#13769)
  - Add acceptance tests for moving and copying files (server#13771)
  - Show proper default locale (server#13781)
  - Ignore non existing users when retrieving details of group
    members (server#13792)
  - Remove .css fileending from accessibility user css route
    (server#13793)
  - Add icon to restore activity (server#13794)
  - Fix long comment in dark theme (server#13804)
  - Bump bower from 1.8.4 to 1.8.8 in /build (server#13821)
  - Fix for high contrast theme (server#13852)
  - Always use multipart uploader for s3 uploads (server#13882)
  - Fix paged search with multiple bases (LDAP) (server#13884)
  - Fix dropping a folder on a folder row (server#13887)
  - Fix updating the password of a link share when passwords are
    enforced (server#13900)
  - Add fallback for trashbin original location (server#13904)
  - Allow shared versions again in legacy backend (server#13905)
  - Improve data directory write checking for NFS mounts
    (server#13906)
  - Clean pending 2FA authentication on password reset
    (server#13915)
  - Forward error message from password policy (server#13918)
  - Remove warning in case of external storage error
    (server#13920)
  - Handle mail send error gracefully (server#13930)
  - Bump pear/archive_tar from 1.4.3 to 1.4.5 (3rdparty#214)
  - Move to SCSS and fix app icon for dark theme (activity#338)
  - Fill screen in fullscreen mode for public videos. Fixes #77
    (files_videoplayer#79)
  - Use target="_blank" and rel="noreferrer noopener"
    (firstrunwizard#105)
  - Fix notification documentation to reflect recent changes
    (notifications#258)
* Sat Jan 12 2019 ecsos@opensuse.org
- Update to 15.0.2
  - Don't log parameters on user creation in case of
    error/exception (server#13479)
  - RemoveClassifiedEventActivity: check if calendar still exists
    (server#13506)
  - Broker: add timezone to CANCEL messages (3rdparty#196)
* Thu Jan 10 2019 ecsos@opensuse.org
- Update to 15.0.1
  - Change doc link for 15 (server#12963)
  - Use strengthify.min on personal settings page (server#12984)
  - Use default cursor for disabled primary buttons (server#13007)
  - Better activities for systemtags that are removed by CLI
    (server#13029)
  - Ie11 compatibility updatenotifications (server#13076)
  - Fix exception on LDAP mapping during login (server#13119)
  - Fix SAML Client login flow on Apple devices (server#13123)
  - Only trust the X-FORWARDED-HOST header for trusted proxies
    (server#13150)
  - Prevent special characters from breaking the file drop remote
    url (server#13151)
  - Allow content provider to generate new Index (server#13155)
  - Make the footer "Get your own free account" translatable
    (server#13169)
  - Use a case insensitive search for email (server#13179)
  - Fix ie11 checkboxes (server#13206)
  - SCSS cache buster is a combination of apps/theming/scc_vars
    (server#13209)
  - Files list not rendering if user has favorites navigation
    unfolded (server#13215)
  - Do not forgot to store the second displayname portion
    (server#13218)
  - Add default values when parsing account data (server#13252)
  - Fix opening search results for comments (server#13253)
  - Fetch lastInsertId only when id null (server#13278)
  - Add caching headers for public previews (server#13328)
  - Unbundle user_external to release it via appstore
    (server#13329)
  - Rewrite getNumberOfUnreadCommentsForFolder query (server#13335)
  - Fix can change password check in case of encryption is enabled
    (server#13349)
  - Update the CRL (server#13352)
  - Check anonymous OPTIONS requests file in root (not in subdir)
    (server#13354)
  - Re add the uploaded file list to file drops (server#13355)
  - Returns a 404 instead of exception if app is not installed
  - #13088 (server#13357)
  - Transpile arrow function for ie11 compatibility (server#13360)
  - IE fix for apps menu (server#13361)
  - Allow URI as data for vcard PHOTO (server#13366)
  - Throttle with correct metadata (server#13368)
  - Fix loginflow with apptoken enter on iOS (server#13370)
  - Register and show when an LDAP user was detected as
    unavailable/deleted (server#13372)
  - Fix apps menu overlapping (server#13404)
  - Use the real logger in the settings (server#13405)
  - CSP: Allow fonts to be provided in data (server#13411)
  - HttpClient getHeader can return empty string (server#13425)
  - Respect classification of calendar events in activity stream
    (server#13439)
  - Add support for boolean default (server#13444)
  - Show the repair steps and repair info output in the web for
    better feedback (server#13469)
  - Fix PDF sidebar shown in PDF thumbnails (files_pdfviewer#114)
  - Do not get the url from the download links
    (files_videoplayer#74)
  - Use proper slogan from theming app (firstrunwizard#94)
  - Update info.xml (firstrunwizard#96)
  - Update richObjectStringParser.js (notifications#245)
* Thu Dec 20 2018 ecsos@opensuse.org
- fix require php versions.
* Mon Dec 10 2018 ecsos@opensuse.org
- Update to 15.0.0
  Nextcloud 15 introduces social networking, next-gen 2-factor
  authentication and innovative collaborative document editing
  abilities.
  This release also adds a new design and grid view, workflow
  features and 2-3x faster loading performance.
  As this is a major release, the changelog is very long.
  Find an overview of what has been improved in this series of blog
  posts or see: https://nextcloud.com/changelog/
- Use php7 in apache under suse_version >= 1500 now.
* Tue Nov 27 2018 ecsos@opensuse.org
- Fix warning for /.well-known/{caldav,carddav} in overview
  security & setup warning.
* Thu Nov 22 2018 ecsos@opensuse.org
- update to 14.0.4
  - Allow overwrite.cli.url without trailing slash (server#11772)
  - Remove duplicate call to decodeURIComponent (server#11781)
  - Check for empty string (server#11783)
  - Add "Referrer-Policy" to htaccess file, addresses issue #11099
    (server#11798)
  - Always query the lookup server in a global scale setup
    (server#11800)
  - Fix a case where "password_by_talk" was not a boolean
    (server#11851)
  - Add .l10nignore files for compiled assets (server#11925)
  - Properly escape column name in "createFunction" call
    (server#11929)
  - Allow userId to be null (server#11939)
  - Allow "same-origin" as "Referrer-Policy" (Backport to stable14)
    (server#11950)
  - Do not emit preHooks twice on non-part-storage (server#11961)
  - Filter null values for UserManager::getByEmail (server#11976)
  - Allow local delivery of schedule message while prohibiting
    FreeBusy requests (server#11979)
  - Load apps/APP/l10n/*.js and themes/THEME/apps/APP/l10n/*.js
    (server#11990)
  - Lazy open first source stream in assemblystream (server#11994)
  - Fix opening a section again in the Files app (server#11995)
  - Remove cookies from Clear-Site-Data Header (server#12005)
  - Forwarded ExpiredTokenException (server#12032)
  - Allow chunked uploads even if your quota is not sufficient
    (server#12040)
  - Improve encrypt all / decrypt all (server#12045)
  - Double check for failed cache with a shared storage
    (server#12108)
  - Implement the size of an assembly stream (server#12111)
  - Bring the browser window of an actor to the foreground when
    acting as him (server#12120)
  - Move acceptance tests that crash the PHP built-in server to
    Apache (server#12121)
  - Remove unneeded empty search attribute values, fixes #12086
    (server#12122)
  - Fixes wrong variable usage (server#12137)
  - LDAP: announce display name changes so that addressbook picks
    it up (server#12141)
  - Bruteforce protection handling in combination with
    (server#12160)
  - Add global site selector as user back-end which doesn't support
    password confirmation (server#12184)
  - Do not set indeterminate state for file shares (server#12187)
  - Revert "Wait for cron to finish before running upgrade command"
    (server#12197)
  - Fix bug #12151: fix list formatting by correcting malformed
    html (server#12202)
  - A folder should get a folder mimetype (server#12297)
  - Use the proper server for the apptoken flow login
    (server#12299)
  - Do not log FileLock as exception (server#12300)
  - Set the filemodel before rending the detailsview (server#12301)
  - Disabled ldap fix (server#12331)
  - Fix - Add to favorites not working in IE11 (server#12339)
  - Remove arrow function for ie compatibility (server#12341)
  - Fix default types of activity event member variables
    (server#12353)
  - Suppress wrong audit log messages about failed login attempts
    (server#12372)
  - Add fix for IE11 flexbox height bug (server#12374)
  - Properly search the root of a shared external storage
    (server#12375)
  - Fix app update available check (server#12412)
  - Use nextcloud-password-confirmation (server#12416)
  - Fix IE rule for min width (server#12431)
  - Added cache override to ensure an always up-to-date
    accessibility css (server#12432)
  - Unique contraint and deadlock fixes for filecache and
    file_locks (server#12433)
  - Fix app menu calculation for random size of the right header
    (server#12440)
  - Fix missing quickaccess favorite folder on add (server#12441)
  - Fixes dav share issue with owner (server#12459)
  - Fix wrong share popover opening on share link (server#12482)
  - Only use width and opacity for transition (server#12492)
  - Forward object not found error in swift as dav 404
    (server#12502)
  - Fix the warning appearing in the admin section when
    mail_smtpmode is not configured (server#12529)
  - Remove unused svg api route (server#12542)
  - Bearer tokens are app token (server#12545)
  - Handle permission in update of share better (server#12561)
  - Correctly restrict affected users when using command to send
    emails (activity#312)
  - Improve code blocks in markdown rendering (files_texteditor#121)
  - Properly escape column name in "createFunction" call
    (survey_client#85)
* Fri Oct 12 2018 ecsos@opensuse.org
- update to 14.0.3
  - Fixes the apps menu scrollbar (server#11662)
  - Ignore "session_lifetime" if it can not be converted to a
    number (server#11761)
  - Normalize getUnjailedPath (server#11770)
- changes from 14.0.2
  - Fix contacts menu on mentions (server#11350)
  - Make the server ready to use global scale with SAML as auth
    back-end (server#11373)
  - Fix default flex shrink on list (server#11374)
  - Fixes the logo height (server#11385)
  - Do not explode when getting permissions from a FailedStorage
    (server#11389)
  - Do not hide the progress bar while the chunked upload is being
    assembled (server#11399)
  - Fix "checkWellKnownUrl" not being run (server#11418)
  - Add back the total used space per user (server#11425)
  - Fix invalid inline input confirm border (server#11426)
  - Center back the history icon (server#11430)
  - AssemblyStream is also eof if we have no more source stream
    (server#11436)
  - Re-enable upload button after updating Avatar (server#11451)
  - Fix typo in config.sample.php (server#11488)
  - Bugfix 2FA theme: buttons white (server#11489)
  - Update config and babel for ie11 (server#11490)
  - Only catch QueryException when trying to build class
    (server#11492)
  - Show auth type "None" in email settings (server#11493)
  - Fix public page footer link wrap (server#11510)
  - Fix share header text on small widths (server#11511)
  - Add missing compiled mimetype list (server#11516)
  - Fixes the move/copy picker buttons (server#11525)
  - Fix breadcrumbs (server#11530)
  - Added kinetic scrolling for iOS to apps dropdown menu #10281
    (server#11554)
  - Throw an error if a node is smaller than expected in
    assemblystream (server#11555)
  - Reduce the min-width of the files table so it works on sharing
    pages on mobile (server#11556)
  - Fix header overflow, fix more apps menu, fix #11552
    (server#11558)
  - Add new group entry on users list + fixes (server#11575)
  - Redirect guests to login if they follow the link of a comment
    mention-notifications (server#11577)
  - Force multiselect max-height to 5.5 items (server#11579)
  - Just update password hash without validating (server#11580)
  - Fix sticky header on users list (server#11582)
  - Fix header border on users list (server#11608)
  - Fix call to logger (server#11610)
  - Allow the creationg of previews of files stored in appdata
    (server#11703)
  - Update CRL due to changed cert for linkshareex (server#11706)
  - Fix a misleading setup check for .well-known/caldav & carddav
    (server#11738)
  - Remove unneeded CSS rule for IE 11 (files_pdfviewer#101)
  - Hide footer in public share page (files_pdfviewer#103)
  - Fix embedded viewer with new server layout on IE 11
    (files_pdfviewer#98)
* Wed Sep 26 2018 ecsos@opensuse.org
- update to 14.0.1
  - Fixes the upload progress bar layout - 14 backport
    (server#11039)
  - Fix markup and style of mentions in comments (server#11077)
  - Do not invalidate main token on OAuth (server#11090)
  - Expire tokens hardening (server#11103)
  - fix js files client for user names with spaces (server#11152)
  - Fix user and group listing with users that have an integer
    user id (server#11186)
  - Fix exception class (server#11187)
  - Remove posix_getpwuid and compare only userid (server#11191)
  - Fix check for more users in sharing dialogue (server#11201)
  - Remove filter_var flags due to PHP 7.3 deprecation,
    fixes #10894 (server#11237)
  - Fixes empty favorite names for trailing slashes (server#11259)
  - Fix size of icons in menus inside apps when shown as images
    (server#11276)
  - Prevent comment being composed from overlapping the submit
    button (server#11277)
  - replace setcookie value with '' instead of null. (server#11280)
  - Fix the link and anchor for the update notifications
    (server#11282)
  - Include empty directories in the default state of acceptance
    tests (server#11283)
  - Get permission of storage for shares (server#11287)
  - Shared by info for room shares without names (server#11288)
  - Fix icons cacher regex for compressed output (server#11291)
  - Revert "Use APCu caching of composer" (server#11293)
  - Use user locale as default in the template (server#11294)
  - Fix expiration code of tokens (server#11302)
  - Add unit test for findLanguageFromLocale (server#11340)
  - 14 scroll fix (activity#295)
  - Update stable14 target versions (files_texteditor#111)
  - Update stable14 target versions (firstrunwizard#80)
  - Update stable14 target versions (gallery#467)
  - Update stable14 target versions (nextcloud_announcements#32)
  - Update stable14 target versions (notifications#158)
  - Update config and babel for ie11 (notifications#161)
* Mon Sep 10 2018 ecsos@opensuse.org
- Insert Referrer-Policy in nextcloud.conf
* Thu Sep 06 2018 ecsos@opensuse.org
- update to 14.0.0
  No changelog from upstrem. Look instead here:
  https://github.com/nextcloud/server/compare/v13.0.6...v14.0.0
* Fri Aug 31 2018 ecsos@opensuse.org
- update to 13.0.6
  - Add sabre plugin to allow anonymous options requests to the dav
    root (server#10285)
  - Do scan the root storage in background scan (server#10376)
  - Adding test for table schedulingobjects and fixing postgres LOB
    (server#10552)
  - Fix transfering ownership of a share to user with same id as
    receiver (server#10565)
  - Make file cache updates more robust (server#10581)
  - Retry smb stat on timeout (server#10591)
  - Use insertIfNotExists to store new mimetypes. (server#10620)
  - Only warn about data lose on password reset if per-user keys
    are used (server#10646)
  - Update the scope of the lockdownmanager (server#10682)
  - Log entries that are hidden during file listing (server#10698)
  - Forgotten pass fix link (server#10735)
  - Fix comment style in config sample (server#10759)
  - Make sure error_log() always receives a string (server#10760)
  - Fix call to OC.generateUrl for caldav birthday calendar on/off
    (server#10761)
  - Use the path_hash instead of the path to query the filecache
    (server#10762)
  - Don't blame random people for background email updates
    (server#10763)
  - Resolve all group memberships properly (server#10783)
  - Remove unexecutable code (server#10816)
  - Improve URL detection (server#10821)
  - MySQL 8.0+ and MariaDB 10.3+ are large prefix and
    barracuda by default (server#10823)
  - Disallow negative mtime in dav search (server#10837)
Version: 15.0.14-bp151.3.6.1
* Thu Feb 06 2020 Eric Schirra <ecsos@opensuse.org>
- Update to 15.0.14
  - Fix boo#1162766 (NC-SA-2020-002, CVE-2019-15613)
  - Fix boo#1162775 (NC-SA-2019-016, CVE-2019-15623)
  - Fix boo#1162776 (NC-SA-2019-015, CVE-2019-15624)
  - Fix boo#1162781 (NC-SA-2019-012, CVE-2020-8119)
  - Fix boo#1162782 (NC-SA-2019-014, CVE-2020-8118)
  - Fix boo#1162784 (NC-SA-2020-012, CVE-2019-15621)
  - To many changes.
    For detail see: https://nextcloud.com/changelog/
Version: 13.0.8-8.1
* Wed Nov 28 2018 ecsos@opensuse.org
- Update to 13.0.8
  - Ignore "session_lifetime" if it can not be converted to a
    number (server#11762)
  - Change password expiration time from 12h to 7d (server#11857)
  - Do not emit preHooks twice on non-part-storage (server#11962)
  - Filter null values for UserManager::getByEmail (server#11978)
  - Allow local delivery of schedule message while prohibiting
    FreeBusy requests (server#11982)
  - Load apps/APP/l10n/*.js and themes/THEME/apps/APP/l10n/*.js
    (server#11992)
  - Fix opening a section again in the Files app (server#11996)
  - Lazy open first source stream in assemblystream (server#11997)
  - Remove cookies from Clear-Site-Data Header (server#12006)
  - Actually return the root folder when traversing up the tree
    (server#12060)
  - Double check for failed cache with a shared storage
    (server#12109)
  - Implement the size of an assembly stream (server#12112)
  - Remove unneeded empty search attribute values, fixes #12086
    (server#12123)
  - LDAP: announce display name changes so that addressbook picks
    it up (server#12142)
  - Reset bruteforce on token refresh OAuth (server#12208)
  - Expired tokens should not trigger bruteforce protection
    (server#12212)
  - A folder should get a folder mimetype (server#12298)
  - Properly search the root of a shared external storage
    (server#12376)
  - Unique contraint and deadlock fixes for filecache and
    file_locks (server#12434)
  - Fixes dav share issue with owner (server#12460)
  - Forward object not found error in swift as dav 404
    (server#12503)
  - Bearer tokens are app token (server#12546)
  - Handle permission in update of share better (server#12562)
  - Correctly restrict affected users when using command to send
    emails (activity#313)
- Changes from 13.0.7
  - Prefer using dir instead of allinfo for getting smb file info
    (server#10804)
  - [LDAP] The WebUI Wizard also should not assign empty config IDs
    (server#10824)
  - Fix mimetype detection for junked uploads (server#10829)
  - Improve performance when dealing with large numbers of shares
    (server#10884)
  - Cast timestamps older than unix epoch to 0 (server#10902)
  - Use the same ignored properties list for both
    CustomerPropertiesBackends (server#10911)
  - Do not hide the progress bar while the chunked upload is being
    assembled (server#11400)
  - Fix "checkWellKnownUrl" not being run (server#11419)
  - AssemblyStream is also eof if we have no more source stream
    (server#11437)
  - Show auth type "None" in email settings (server#11494)
  - Fixes the move/copy picker buttons (server#11524)
  - Allow the creationg of previews of files stored in appdata
    (server#11704)
  - Update CRL due to changed cert for linkshareex (server#11707)
  - Fix a misleading setup check for .well-known/caldav & carddav
    (server#11739)
- Changes from 13.0.6
  - Add sabre plugin to allow anonymous options requests to the
    dav root (server#10285)
  - Do scan the root storage in background scan (server#10376)
  - Adding test for table schedulingobjects and fixing postgres LOB
    (server#10552)
  - Fix transfering ownership of a share to user with same id as
    receiver (server#10565)
  - Make file cache updates more robust (server#10581)
  - Retry smb stat on timeout (server#10591)
  - Use insertIfNotExists to store new mimetypes. (server#10620)
  - Only warn about data lose on password reset if per-user keys
    are used (server#10646)
  - Update the scope of the lockdownmanager (server#10682)
  - Log entries that are hidden during file listing (server#10698)
  - Forgotten pass fix link (server#10735)
  - Fix comment style in config sample (server#10759)
  - Make sure error_log() always receives a string (server#10760)
  - Fix call to OC.generateUrl for caldav birthday calendar on/off
    (server#10761)
  - Use the path_hash instead of the path to query the filecache
    (server#10762)
  - Don't blame random people for background email updates
    (server#10763)
  - Resolve all group memberships properly (server#10783)
  - Remove unexecutable code (server#10816)
  - Improve URL detection (server#10821)
  - MySQL 8.0+ and MariaDB 10.3+ are large prefix and barracuda by
    default (server#10823)
  - Disallow negative mtime in dav search (server#10837)
- This also fix security issues:
  - (boo#1114817, CVE-2018-3780)
Version: 13.0.5-5.1
* Tue Jul 24 2018 Mathias.Homann@opensuse.org
- update to 13.0.5
  - Fix highlighting of the upload drop zone (server#9837)
  - Apply ldapUserFilter on members of group (server#9839)
  - Make the DELETION of groups match greedy on the groupID
    (server#9841)
  - Add parent index to share table (server#9843)
  - Log full exception in cron instead of only the message
    (server#9958)
  - Properly lock the target file on dav upload when not using part
    files (server#9986)
  - LDAP backup server should not be queried when auth fails
    (server#10032)
  - Fix filenames in sharing integration tests (server#10044)
  - Lower log level for quota manipulation cases (server#10076)
  - Let user set avatar in nextcloud if LDAP provides invalid
    image data (server#10089)
  - Improved logging of smb connection errors (server#10093)
  - Allow admin to disable fetching of avatars as well as
    a specific attribute (server#10115)
  - Allow to disable encryption (server#10121)
  - Update message shown when unsharing a file (server#10164)
  - Fixed English grammatical error on Settings page.
    (server#10165)
  - Request a valid property for DAV opendir (server#10169)
  - Allow updating the token on session regeneration
    (server#10170)
  - Prevent lock values from going negative with memcache backend
    (server#10180)
  - Correctly handle users with numeric user ids (server#10185)
  - Correctly parse the subject parameters for link (un)shares of
    calendars (server#10188)
  - Fix "parsing" of email-addresses in comments and chat messages
    (server#10189)
  - Sanitize parameters in createSessionToken() while logging
    (server#10195)
  - Also retry rename operation on InvalidArgumentException
    (server#10201)
  - Improve url detection in comments (server#10202)
  - Only bind to ldap if configuration for the first server is set
    (server#10233)
  - Use download manager from PDF.js to download the file
    (files_pdfviewer#84)
  - Fix trying to load removed scripts (files_pdfviewer#87)
  - Only pull for new messages if the session is allowed to be kept
    alive (notifications#138)
  - Always push object data (notifications#139)
  - Add prioritization for Talk (notifications#140)
Version: 13.0.4-2.1
* Mon Jun 11 2018 ecsos@opensuse.org
- update to 13.0.4
  - Allow setting notify credentials in environment (server#9788)
  - Make the token expiration also work for autocasting 0
    (server#9803)
  - Enable caldav for webdav subtree public-calendars (server#9820)
- This also fix security issues:
  - (boo#1100343, CVE-2018-3762) and (boo#1100344, CVE-2018-3761)
* Thu Jun 07 2018 ecsos@opensuse.org
- update to 13.0.3
  - Backport various scss fixes #8777 (server#9259)
  - Fix ellipsis in filename column (server#9344)
  - Replace deprecated sinon reset() call with resetHistory()
    (server#9358)
  - Issue #9318: catch exceptions in SCSSCacher::resetCache()
    (server#9377)
  - Log lock state on conflict (server#9389)
  - Remove unneeded locks in getCacheEntry (server#9391)
  - Only allow a single concurrent dav write to a file
    (server#9392)
  - Workflow rules error when changing operation (server#9409)
  - Fix jsunit tests (server#9430)
  - Allow IPv6 database host (server#9432)
  - Add labels for Contacts menu and Settings (server#9433)
  - Get correct version of an app (server#9436)
  - Fix ids of permission checkboxes for shares (server#9453)
  - Fix race condition when preparing upload folder (server#9454)
  - Allow to specify a link to a legal notice (server#9516)
  - Fix for unbound cloned LDAP connections (server#9522)
  - Dont use $info as array when its not an array (server#9525)
  - Improve OAuth (server#9540)
  - Bump theming version for extraordinary release (server#9547)
  - Fix translation bug on lost password page (server#9548)
  - Cleanup locks in scanner on error (server#9566)
  - Bump version for theming again ? (server#9573)
  - Make sure force language is reflected in html lang attribute
    (server#9579)
  - Add privacy link to theming and fix scrollbars (server#9586)
  - Fix settings menu (server#9590)
  - Handle exception while itterating trough smb file listing
    (server#9608)
  - Send invitations for shared calendars (server#9610)
  - Regenerate session id after public share auth (server#9619)
  - Emit event when running ./occ db:add-missing-indices
    (server#9620)
  - Add PHP missing message to index.php (server#9621)
  - Delete the previews when a version is restored (server#9622)
  - Limit Sinon version to 5.0.7 at most (server#9629)
  - Prepare another theming release including translations for
    recently added imprint and privacy policy strings
    (server#9647)
  - Dont open the file on dav HEAD request (server#9649)
  - Fix(AmazonS3): fix loop $result['Contents'] error
    (server#9650)
  - Fix undefined variables (server#9651)
  - Add search category icon (server#9652)
  - Fix "Invalid argument supplied for foreach()" (server#9654)
  - Do not load calendar/addressbook plugins if not needed
    (server#9655)
  - Make LargeFileHelper.php faster by avoiding execs as much as
    possible (server#9656)
  - Improve error reporting and move format parameter to the
    options (server#9657)
  - The OAuth endpoint needs to support Basic Auth (server#9659)
  - LDAP password renewal fixes (server#9661)
  - Check user state when fetching to avoid dealing with offline
    objects (server#9662)
  - Make sure the file is readable before attempting to create
    a preview (server#9668)
  - Fix drone mysqlmb4 tests (server#9672)
  - Make sure the log doesn't try to read from PUT if it can't
    (server#9694)
  - Allow admins to override FreeBusy capabilities without
    modifying ShareAPI capabilities (server#9707)
  - Fix the unit tests (server#9712)
  - Fix header nav (server#9727)
  - Fix local users check in contacts menu (server#9732)
  - Don't open the file when handling HEAD requests (3rdparty#99)
  - Do not sanitize markdown output twice (files_texteditor#101)
* Thu Apr 26 2018 ecsos@opensuse.org
- update to 13.0.2
  - Show group display names (server#8779)
  - Group existence check works without attribute (like with users)
    (server#8849)
  - The FN is optional, carrying the displayname if present
    (server#8900)
  - Set "share with" field to the ID of the circle (server#8905)
  - Show EOL warning in the update section (server#8986)
  - Use app version to generate scss filename (server#9015)
  - Update icewind/smb to 2.0.5 (server#9017)
  - Fix search text overlapping close button (server#9019)
  - Clear any theming prefixed cache on cache buster increase
    (server#9020)
  - Reset encryptionVersion to '1' if a file was stream copied
    (server#9064)
  - Do not treat is-encrypted as custom property (server#9071)
  - Fix proper permissions for multiple file access (server#9072)
  - When formatting a share node an Empty target is invalid
    (server#9073)
  - Move on with the next user if we found the user on one user
    back-end (server#9077)
  - Allow usage of Windows 10 WebDav Netdrive (server#9089)
  - Add more logging for the object storage during creation of the
    buckets (server#9094)
  - Do not convert email addresses with idn_to_ascii if?
    (server#9095)
  - Fix progress bar hidden before the upload ends (server#9124)
  - Update CRL to include old quicknotes cert (server#9213)
  - Fix user selectable text for public links for text files
    (server#9230)
  - Provide an option to disable HTML emails (server#9231)
  - Fix appinfo parsing when a single localized option is provided
    (server#9233)
  - Use multibyte substring (server#9234)
  - Fix webdav support for OneNote clients (server#9236)
  - Fixed files copy/move when in favorites or recent section
    (server#9238)
  - Don't update personal settings for admins (activity#262)
  - Skip parameters which are not there instead of failing out
    (activity#265)
  - Bump version 13 (files_pdfviewer#64)
  - Fix info.xml (files_pdfviewer#66)
  - No default enable (files_pdfviewer#67)
  - Fix position of icons in "Share with" input field (gallery#418)
  - Fix "No results found" tooltip (gallery#419)
  - Fix UI while a share is being added (gallery#420)
  - Hide "No results found" tooltip on autocompletion (gallery#424)
  - Fix error while clicking on the share link checkbox
    (gallery#430)
* Thu Mar 15 2018 ecsos@opensuse.org
- update to 13.0.1
  - Dont polute the log on DAV emaillogin (server#8045)
  - Don't perform CSRF check on OCS routes with Bearer auth
    (server#8099)
  - Use S3Client::upload instead of splitting single/multipart
    upload ourselves (server#8102)
  - Remove old perl script to update l10n files (server#8145)
  - Scss hardening (server#8156)
  - Do not try to get the jailed path if we can't find the id
    (server#8177)
  - Handle SSL certificate verifications for others than
    Let's Encrypt (server#8183)
  - Use a phan version instead of master (server#8195)
  - Repair step to clear frontend related caches (server#8197)
  - Keep previous exception when transforming to dav exception
    (server#8228)
  - Actually return stream from swift (server#8250)
  - Remove invalid link to documentation (server#8253)
  - Fix deleting folders when using s3 external storage
    (server#8261)
  - Link to NC13 dev manual (server#8264)
  - Better result handling of email search (server#8267)
  - Update CRL to revoke files_rightclick (server#8271)
  - Fix styling issues of guest pages #8155 (server#8286)
  - Remove jquery ui background image (server#8287)
  - Show open graph preview in WhatsApp (server#8309)
  - Make acceptance tests for comments more consistent with the
    others (server#8395)
  - Fix edit tag textbox size (server#8407)
  - Use TTF fonts for avatar generation (server#8440)
  - Use mb_* string methods to extract first character for
    generated avatars (server#8470)
  - Show hint in OCS API for user creation (server#8515)
  - Fix hiding and event propagation issues with the user
    management popover (server#8517)
  - Add some whitespace around change.svg icon (server#8518)
  - Avoid fruitless login attempts (server#8532)
  - Fix retrieval of group members with numerical uids from LDAP
    (server#8536)
  - Theming: handle not being in the serverroot (server#8554)
  - Ext storage error warning (server#8561)
  - Set autocomplete=new-password for mail share password
    (server#8577)
  - Fix upload button visible on read-only folders (server#8595)
  - Fixed app navigation for IE11 (server#8609)
  - Fix breadcrumbs width calculation (server#8610)
  - Fix comments (and systemtags) when involving users with
    numerical ids (server#8615)
  - Update commentstabview.js (server#8621)
  - Properly encapsulate require_once for app.php (server#8631)
  - AppData hardening (server#8636)
  - Use hash algo that's robust against collisions (server#8654)
  - Fixed date/time picker on IE11 (server#8663)
  - Use a more widely available method to test s3 settings
    (server#8667)
  - Use proper lanugage in langauge code (server#8668)
  - Display the proper language strings in setttings (server#8669)
  - Do not create empty userid when attribute does not have allowed
    chars (server#8673)
  - Remove too restrict check for background image/color
    (server#8675)
  - Fix example regex for user agent matching (server#8676)
  - Generate different UIDs for Birthday, Anniversary and Death
    event (server#8678)
  - Don't use double quotes in MySQL queries (server#8680)
  - Log exceptions that happen when writing the app store reply
    to storage (server#8683)
  - Set the correct active navigation entry (server#8685)
  - Fix activities for end2end encryption (server#8686)
  - Filter out the current user when searching for emails too
    (server#8687)
  - Fix check if theming defaults instance is available
    (server#8688)
  - Fix undefined index problem (server#8693)
  - Disable part files for object stores (server#8725)
  - Better handling of invisible elements in acceptance tests
    (server#8738)
  - Remove base url from global cache prefix (server#8745)
  - Check if the cached js file exists (server#8746)
  - Sharee email matches not limited (server#8749)
  - Fix integer overflow in ChunkingPlugin (server#8752)
  - Revert wording back to updates (server#8755)
  - Add acceptance tests for permissions on public shared folders
    (server#8758)
  - Also send file emails in ASAP mode (activity#249)
  - Ensure userids are strings (activity#252)
  - Null coalescing operator is PHP7+ (activity#254)
  - Update PDF.js to 1.9.426 (files_pdfviewer#55)
  - Enable full screen mode for PDF files (files_pdfviewer#59)
  - Fix ACE module files failing to load (files_texteditor#83)
  - Do not keep FileInfoModels returned by "getModelForFile"
    (files_texteditor#89)
  - Fix share drop down in gallery not properly shown (gallery#394)
  - Fix gallery button hidden in folders without create permission
    (gallery#402)
  - Fix controls position in gallery layout (gallery#405)
  - Removed old code already present thanks to the files app
    (gallery#406)
  - Create "file app" public share links if the slideshow is
    opened from ... (gallery#407)
  - Allow to check against haveibeenpwned.com password list
    (password_policy#61)
* Tue Feb 06 2018 ecsos@opensuse.org
- update to 13.0.0
  Over 1100 changes were merged in the server, with many hundreds
  more in existing or new apps. The main improvements include:
  * Collaboration features
  - Nextcloud Talk, a private videoconference software integrated
    with Nextcloud
  - real-time and asynchronous communication with push
    notifications, calls and chat web and mobile devices
  - Integration in business workflow with calendar invitations
    and calls directly from Nextcloud Files
  - Screen and note sharing with participant moderation
    capabilities
  - 100% secure peer-to-peer, end-to-end encrypted calls,
    mediated by self-hosted server
  - auto-completion of user names in comments and notification
    to the mentioned user
  - support free/busy scheduling in native calendar applications
    like Thunderbird Lightning
  - show meeting invites in the calendar
  * End-to-End Encryption
  - can encrypt data on a per-folder level rather than
    all-or-nothing approach
  - does not require users to remember or exchange passwords
  - does not require re-uploading data upon sharing
  - features an optional off-line administrator recovery key
  - allows full audit logging
  - can be combined with our File Access Control feature so
    administrator can enforce aspects of End-to-end Encryption
  - protects from identity theft with our Cryptographic Identity
    Protection feature
    This feature is in Tech Preview for Nextcloud 13 and does not
    yet implement sharing.
  * User Interface
  - new way of selecting files
  - easy way to quickly copy or move to a location
  - High DPI support
  - admin menu integrated in one list
  - no limitation to file uploads via the web interface
  - user quota in the side bar
  - social sharing (Twitter, G+, Facebook, Diaspora) now features
    a preview
  - improved theming
  * Performance
  - decreased page load times with up to 50% and faster search
  - 80% faster LDAP and up to 10x faster external storage
  - Server-side Encryption performance largely improved
  See https://nextcloud.com/changelog/
* Wed Jan 24 2018 ecsos@opensuse.org
- update to 12.0.5
  Many fixes were merged, the most important ones include:
  - #7144 Unlock files even if an exception occurs
  - #7322 Set primary action button color to same as theming color
  - #7323 Use the correct root for shared jail when the source
    storage is also a jail
  - #7353 Fix translation of federation scope menu
  - #7362 Allow to skip data dir permission checks
  - #7407 Check if owner of share exists
  - #7409 Add retry wrapper when reading files from swift
  - #7451 Fix constructor spy in unit test with Sinon 4.1.3
  - #7455 Remove wrong entry in admin_settings that causes 500
  - #7456 CardDAV convertor check should not be to wide
  - #7457 Fix loading icon position in the app menu
  - #7464 Allow getting the filepath when getting cached mounts
  - #7468 Allow 'Nextcloud' in the user agent string of Android
  - #7558 Fix email buttons for white theme
  - #7567 Respect sharing options when searching for Sharees
  - #7568 Fix duplicate session token after remembered login
  - #7577 Check userExists later,
    saves lookups for appData_INSTANCEID userids
  - #7672 Added additional methods for removal of sensitive info
  - #7688 Fix scss webroot and url rewrite
  - #7717 Throw ServerNotAvailableException when LDAP is caught
    shutting down
  - #7666 Fix drag shadow not visible when dragging a file on
    a narrow screen
  - #7674 Do no run SyncJob in cron
  - #7684 Fix inverted app icons on IE11
  - #7694 Don't attempt to translate login names to uids when uids
    are provided
  - #7708 Don't show recurring msg when pages result was turned off
  - #7742 Hide favourite icon in details view if favourite action
    is not available
  - #7745 Don't lie about preview types
  - #7747 Update of composer
  - #7758 add option to use legacy v2 auth with s3
  - #7759 Use correct L10N files for jsconfig
  - #7757 Wait for the shared link to be set in the acceptance
    tests
  - gallery/#349 Fix date picker not visible in slideshow sharing
    dialog
  - activity/#229 Properly construct path of root on file rename
  - #7770 Fix SCSS processing when undoing theming values
  - #7774 Update icewind/smb to 2.0.3
  - #7777 Set height for sidebar icons
  - #7779 Improve zip support
  - #7786 Return correct mount type for federated shares
  - #7792 Fix empty details view after renaming a file
  - #7817 Fix preview when theming changes invertion of icons
  - #7821 Log full exception in cron instead of only the message
  - #7888 Keep all shipped apps enabled because they should be okay
  - #7962 update icewind/smb to 2.0.4
* Tue Dec 19 2017 ecsos@opensuse.org
- Nextcloud 12 is not compatible with php ? 7.2,
  so php < 7.2 is needed.
* Mon Dec 04 2017 ecsos@opensuse.org
- upstream update to version 12.0.4
  * Server
    Over 50 fixes were merged in the server.
  - Improve text: 'you have now' -> 'you now have (server#6464)
  - Fix initializing paged search under some circumstances
    (server#6502)
  - LDAP: simplify returning the homePath (server#6509)
  - Fix sharer name overlap with filename (server#6524)
  - Allow to close sidebar for text files (server#6525)
  - Fix quota new endpoint 12 (server#6527)
  - Pass new value to triggerChange (server#6528)
  - Throw 101 when an empty group string is provided
    (server#6547)
  - Contacts menu privacy (server#6554)
  - Add color-border variable (server#6649)
  - Do not stop on scss compilation failure (server#6661)
  - Don't pass User object when uid string is expected
    (server#6674)
  - Navigate to the root directory when showing the main filelist
    (server#6689)
  - Fix LDAP User deletion (cleanup) (server#6699)
  - Update aws sdk + s3 improvements (server#6737)
  - Dont run invalid path repair step when upgrading
    from 11.0.5.2 and later (server#6743)
  - Fix language when trying to change password (server#6751)
  - Fix postgresql tests (server#6792)
  - Also use configured 'cache_path' for new chunking
    (server#6814)
  - Set s3 part size to 500mb (server#6815)
  - Fix contacts menu for IE11 (server#6823)
  - Still trigger conflict resolution for existing entries when
    the curre (server#6847)
  - Propagate multipart upload exception when aborting upload
    (server#6855)
  - Allow to migrate from 10.0.3.3 (server#6878)
  - Timespan check (server#6896)
  - Do not log WebDAV maintenance mode exception (server#6908)
  - Don't reset quota (server#6910)
  - Backport of translation string fixes (server#6935)
  - Fix class name in exception logger plugin (server#6942)
  - Allow quota of 0 again (server#6943)
  - Fix uninitialized variable $this->params (server#6944)
  - Don't add a LIKE condition when it's not needed (server#6945)
  - Fix undefined offset warning when using '/' as external
    storage root (server#6946)
  - Fix page title not changed (server#6987)
  - Better readability for text on log in page which is directly
    on backgrounds (server#7028)
  - Translate Grant Access (server#7040)
  - Use fopen directly when reading objects from s3 (server#7079)
  - Improve mimetype detection for object storages (server#7081)
  - Fix seeking on object storage (server#7082)
  - Hide spinner for initial install (server#7095)
  - Ensure uid for calendar objects is unique (server#7096)
  - Revert "Only allow colons in db host for IPv6 addresses
    (server#7102)
  - Theme flow redirection page (server#7114)
  - Fix icon for security settings (server#7116)
  - If for some reason the json can't be decoded it is not cached
    (server#7118)
  - Improve performance of UserMountCache with external storage
    folders (server#7120)
  - {J,CS}SResourceLocator: account for symlinks in app path
    (server#7170)
  - Fix s3 download and touch (server#7186)
  - Touch opertation on object storage, don't create
    the file cache entry to early (server#7207)
  - Allow migration from upcoming 10.0.4 ownCloud release
    (server#7245)
  - CSSResourceLocator: handle SCSS in apps outside root
    (server#7257)
  - only replace permission popupmenu (server#7259)
  - Fix accesslist when a user has an ID only containting 0-9
    (server#7262)
  - Update CRL due to files_frommail (server#7277)
  - Only in case of $currentAccess the array uses the id as index
    (server#7328)
  * Other
  - Add aws sdk (3rdparty#69)
  - Don't send emails to disabled users (activity#202)
  - Add an option to disable emails completly (activity#206)
  - Make sure the mountPoint property is public before using it
    (files_accesscontrol#79)
  - Allow to playback m4v files (files_videoplayer#43)
  - Fix notifications order (notifications#93)
* Tue Sep 19 2017 ecsos@opensuse.org
- upstream update to version 12.0.3
  Nextcloud 12.0.3 delivers a lot of enhancements in various areas
  including:
  - A number of improvements to email notification templates
  - 2FA enhancements
  - Smarter LDAP password handling
  - File Drop and upload-in-general updates
  - A performance improvement handling large files
  See https://nextcloud.com/changelog/#latest12
  Details: https://github.com/nextcloud/server/pulls?q=is%3Apr+milestone%3A%22Nextcloud+12.0.3%22+is%3Aclosed
* Tue Aug 15 2017 ecsos@opensuse.org
- upstream update to version 12.0.2
  * Server
  - Minor bugfix release
* Thu Aug 10 2017 ecsos@opensuse.org
- upstream update to version 12.0.1
  So many changes. See https://nextcloud.com/changelog/#latest12
* Mon Jul 17 2017 ecsos@opensuse.org
- unneeded git-files should not be remove,
  otherwise it throw integrity check failure in some situations.
* Mon May 22 2017 ecsos@opensuse.org
- upstream update to version 12.0.0
  no changelog from upstream at this time
  See https://github.com/nextcloud/server/issues?q=is%3Aissue+milestone%3A%22Nextcloud+12.0%22+is%3Aclosed
* Fri Apr 28 2017 ecsos@opensuse.org
- fix boo#1036756: package security issue
* Mon Apr 24 2017 adamradovits12@hotmail.com
- upstream update to version 11.0.3
  * Server
  - Use the correct principal for shared addressbooks
  (server/3608)
  - Fix saving backup codes by using a correct data uri
  (server/3652)
  - Update icewind/streams to 0.5.2 (server/32931)
  - Fix string comparison and return docs (server/3665)
  - Typecast shared mount's storage_id to int as documented
    + some refactor to avoid similar bugs (server/3658)
  - Use a proper date format for transfer ownership
  (server/3700)
  - DAV sharing permissions should not depend on the order
  (server/3722)
  - Add new user agent of windows 10 dav backend
  (server/37641)
  - Add back appstoreenabled config switch (server/37671)
  - Call right function after sudo mode (server/3820)
  - Dont allow empty wildcard search (server/3842)
  - Remove single quotes around search query like in
  user search (server/3849)
  - Fix mimetype detection on public uploads for the
  workflow engine (server/3765)
  - Fix branding and show Nextcloud (server/39691)
  - Fix reshare with user activity message (server/39812)
  - Create correct VCard and return correct error codes
  (server/4029)
  - Prevent migration from ownCloud 10 to Nextcloud 11
  (server/34151)
  - Make sure transparency is an integer when saving a
  calendar (server/4167)
  - Make public links work with master key (server/42071)
  - Don't try to render the avatars if avatars are
  disabled (server/4214)
  - Reduce error message text (server/42281)
  - Don't list on public calendar endpoints (server/4229)
  - Fix upload of folders in Chrome (server/4154)
  - Make sure blob columns are correctly converted as
  parameters (server/4233)
  - Save the scope of an auth token in the session
  (server/4225)
  - Take share by mail into consideration if we calculate
  the access list (server/4242)
  - Also add the root of external storages to the file id
  list (server/4237)
  - Fix LDAP description (server/42382)
  - Remove the double password confirmation on changing
  cron (server/4236)
  - Fix scheduling plugin on legacy caldav endpoint
  (server/4235)
  - Directly fix invalid values of DTEND and DTSTART
  (server/4234)
  - Make JobList::next() lock free (server/4254)
  - Don't remove owner property for public calendars
  (server/4272)
  - Add capabilities for share by mail (server/42511)
  - Dont use the permissions mask while scanning
  (server/4278)
  - Add missing maintenance plugin to new DAV endpoint
  (server/4290)
  - Fix bug with shared_by for own calendars if shared
  (server/4301)
  - Translation string corrected > 1 user (server/4377)
  * Activity
  - Fix activities for "Files drop" on external storages
  (activity/118)
  * User_SAML
  - Bump to php-saml 2.10.5 (user_saml/1001)
  * Logreader
  - Small screen layout improvements
  (logreader/2bcd915969386ceb77c7f91dfd5fc19fd3212346
  - Fix log filtering
  (logreader/4095dfc62dcceb3c59a3f581baa5589737d0e6f3)
  - Greatly speedup log iteration
  (logreader/71a4c6849641f821e80d96674c57a69fe7a8aa9e)
  - Search more rows
  (logreader/b9d00b5599ac8a76862895266f1c23096391aad8)
  - Stop iterating if we dont have a valid file handle
  (logreader/a87a8e653ecae5efef6342e645b98f2878219c87)
  - Don't return a LogIterator on a broken handle
  (logreader/39069108f99d463b1cb8bc944f3ef24324b9f43d)
  - More robust log iteration
  (logreader/c0eb04d55bf1dee94ef523dae0e3b0e6afc272a6)
  - Use proper iso date format
  (logreader/13a31181a6d72d084797a71f49f2c5edee8c8dae)
  - Automatically try to fix some common escape errors from
  copy-pasted log entries
  (logreader/031db2a7f9b9f8cee42acf6eae7d993d31d4660a)
  - Fix stack trace parsing of incorrectly escaped logentries
  (logreader/538667770edfdd48374ef33e9c15498ed98ece60)
  - Highlight entries from the same request when clicking
  on an entry
  (logreader/2d1ccd0e4cca32220fcbe0b4d79d1cd23f0e73a5)
  - Fix copy paste info searchfield
  (logreader/0e91b2f46649a720feb7c3b6b8266b8657db5574)
  - Fix reset search after 0 results
  (logreader/50bec8ecf7edd81cfb96a35089283c0d879b41f3)
  - Allow searching for requestId and user
  (logreader/7f84e55bb4a1e4086ab0918a6bf58ad3885bbd91)
  - Allow searching in url
  (logreader/7833d97cf85fd351d2f7550d67d21bd0c2a815f4)
  - Fix infinite scroll
  (logreader/cbe874c6c068b9156ad8456edf31d112da40cbc9)
  - Dont show loading indicator if we already have entries
  (logreader/d26a08dc0540126177e8d20c3e243b44c5a399c4)
  * Gallery
  - Fix upload after core changes
  (gallery/b4ac4429841cfe2b7ea260dfb37fcde25580143c2)
  - Update JavaScript libraries (gallery/247)
* Thu Mar 02 2017 jengelh@inai.de
- Remove empty %postun and redundant %clean.
- Ensure summary/description is neutral.
* Tue Feb 28 2017 ecsos@opensuse.org
- upstream update to version 11.0.2
  * Server
  - Use login name to fix password confirm with ldap users
    (server/2953)
  - Change the row-format before changing the collation
    (server/3063)
  - Generate correct path for owner and use the display name
    (server/3080)
  - Markdown support for app descriptions (server/3117)
  - Fix style in comment (server/3143)
  - Escape the name for the jquery selector (server/3138)
  - Define spreed calls (server/3115)
  - LDAP Backend OCS Api (server/3213)
  - Fix Sharing app description (server/3397)
  - Fix shared-as-busy events for owner (server/3363)
  - Use correct theming when returning the defaults (server/3399)
  - Filter out sensitive appconfig values (server/3400)
  - Add transifex config for sharebymail (server/3423)
  - Update the email in the accounts table as well (server/3411)
  - Don't log the password on confirmPassword when LDAP throws an
    exception (server/3414)
  - Make sure ownCloud 8.2 activities also can get displayed
    (server/3412)
  - Popovermenu backport (server/3286)
  - Set vendor during install (server/3426)
  - Make sure the file information is available when sending the
    email (server/3433)
  - Add profile data to provisioning api (server/3259)
  - Fix detection of the new iOS app (server/3431)
  - Add integration tests for legacy DAV endpoints (server/3445)
  - Make sure invalid images don't flood the log file
    (server/3440)
  - Fix printing backup code (server/3510)
  - Fix cookie name (nctoken instead of octoken) (server/3511)
  - LDAP's checkPassword should only catch when a user was not
    found (server/3493)
  - Return unknown free space from nullstorage (server/3508)
  - Fix for address book data lost when any user receiving a
    share is deleted (server/3499)
  - Rename database password toggle (server/3500)
  - Popovermenu files css fix (server/3494)
  - Add screensharing icon (server/3481)
  - Fix misleading wording: searching is affected, not user
    access (server/3560)
  - Backport of Fix Broken UUID Attribute Detection (server/3528)
  * Activity
  - Make sure integer like names are still strings (activity/103)
  - Fix activities for public uploads (activity/113)
  - Show the parent as target when the file was not renamed
    (activity/114)
  - Fix activities for "Files drop" on external storages
    (activity/118)
  * SAML & SSO
  - Setup account later (user_saml/79)
  * Serverinfo
  - Fix SQL syntax error on MariaDB 10.0.27 and 10.1.19
    (serverinfo/77)
  - Don't throw an error when /proc/meminfo is not readable
    (serverinfo/76)
  * Survey_Client
  - Fix problem when checking size with dash in DB name
    (survey_client/50)
* Fri Jan 27 2017 guoyunhebrave@gmail.com
- Add php-openssl dependency
* Mon Jan 23 2017 ecsos@opensuse.org
- upstream update to version 11.0.1
* Wed Dec 14 2016 ecsos@opensuse.org
- upstream update to version 11.0.0
Version: 13.0.12-19.1
* Thu Feb 06 2020 ecsos@opensuse.org
- Update to 15.0.14
  - Fix boo#1162766 (NC-SA-2020-002, CVE-2019-15613)
  - Fix boo#1162775 (NC-SA-2019-016, CVE-2019-15623)
  - Fix boo#1162776 (NC-SA-2019-015, CVE-2019-15624)
  - Fix boo#1162781 (NC-SA-2019-012, CVE-2020-8119)
  - Fix boo#1162782 (NC-SA-2019-014, CVE-2020-8118)
  - Fix boo#1162784 (NC-SA-2020-012, CVE-2019-15621)
  - To many changes.
    For detail see: https://nextcloud.com/changelog/