From f06b1637b58821787b4f7c6f9f7d1929c2f3cb4d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= <1005065+DeepDiver1975@users.noreply.github.com> Date: Mon, 1 Jun 2026 09:30:10 +0200 Subject: [PATCH] feat: 10.16.3 --- .github/workflows/main.yml | 18 +++--------------- .gitignore | 4 +++- v22.04/10.15.3/.trivyignore | 11 ----------- v22.04/10.16.1/.trivyignore | 11 ----------- v22.04/{10.16.2 => 10.16.3}/.trivyignore | 2 +- v24.04/11.0.0-prealpha/.trivyignore | 3 --- 6 files changed, 7 insertions(+), 42 deletions(-) delete mode 100644 v22.04/10.15.3/.trivyignore delete mode 100644 v22.04/10.16.1/.trivyignore rename v22.04/{10.16.2 => 10.16.3}/.trivyignore (71%) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index d025084..186c278 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -39,27 +39,15 @@ jobs: strategy: matrix: release: - - version: 10.16.2 - tarball: https://download.owncloud.com/server/stable/owncloud-complete-20260422.tar.bz2 + - version: 10.16.3 + tarball: https://download.owncloud.com/server/stable/owncloud-complete-20260522.tar.bz2 base: v22.04 - trivy-ignore: v22.04/10.16.2/.trivyignore + trivy-ignore: v22.04/10.16.3/.trivyignore extra-tags: | 10.16 10 latest smoke-version-jq: ".versionstring" - - version: 10.16.1 - tarball: https://download.owncloud.com/server/stable/owncloud-complete-20260218.tar.bz2 - base: v22.04 - trivy-ignore: v22.04/10.16.1/.trivyignore - smoke-version-jq: ".versionstring" - - version: 10.15.3 - tarball: https://download.owncloud.com/server/stable/owncloud-complete-20250703.tar.bz2 - base: v22.04 - trivy-ignore: v22.04/10.15.3/.trivyignore - extra-tags: | - 10.15 - smoke-version-jq: ".versionstring" - version: 11.0.0-prealpha tarball: https://download.owncloud.com/server/daily/owncloud-daily-master.tar.bz2 base: v24.04 diff --git a/.gitignore b/.gitignore index 10193a2..5c7af81 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,5 @@ +.claude .drone.yml - +docs owncloud.tar.bz2 + diff --git a/v22.04/10.15.3/.trivyignore b/v22.04/10.15.3/.trivyignore deleted file mode 100644 index fd15115..0000000 --- a/v22.04/10.15.3/.trivyignore +++ /dev/null @@ -1,11 +0,0 @@ -# vulnerability is affecting windows only -CVE-2024-51736 - -# fix requires ownCloud to update bundled aws-sdk-php (3.226.0 -> 3.371.4) in files_primary_s3 -GHSA-27qh-8cxx-2cr5 - -# will be fixed with oc 10.16.2 - TODO: remove once 10.16.2 is available for this branch -CVE-2026-32935 - -# will be fixed with oc 10.16.3 or later -CVE-2026-44167 diff --git a/v22.04/10.16.1/.trivyignore b/v22.04/10.16.1/.trivyignore deleted file mode 100644 index fd15115..0000000 --- a/v22.04/10.16.1/.trivyignore +++ /dev/null @@ -1,11 +0,0 @@ -# vulnerability is affecting windows only -CVE-2024-51736 - -# fix requires ownCloud to update bundled aws-sdk-php (3.226.0 -> 3.371.4) in files_primary_s3 -GHSA-27qh-8cxx-2cr5 - -# will be fixed with oc 10.16.2 - TODO: remove once 10.16.2 is available for this branch -CVE-2026-32935 - -# will be fixed with oc 10.16.3 or later -CVE-2026-44167 diff --git a/v22.04/10.16.2/.trivyignore b/v22.04/10.16.3/.trivyignore similarity index 71% rename from v22.04/10.16.2/.trivyignore rename to v22.04/10.16.3/.trivyignore index 353aba9..5974b17 100644 --- a/v22.04/10.16.2/.trivyignore +++ b/v22.04/10.16.3/.trivyignore @@ -4,5 +4,5 @@ CVE-2024-51736 # fix requires ownCloud to update bundled aws-sdk-php (3.337.3 -> 3.371.4) in files_primary_s3 GHSA-27qh-8cxx-2cr5 -# will be fixed with oc 10.16.3 or later +# fixed in oc 10.16.3, but still a false positive in the openidconnect app CVE-2026-44167 diff --git a/v24.04/11.0.0-prealpha/.trivyignore b/v24.04/11.0.0-prealpha/.trivyignore index a52271b..91164a2 100644 --- a/v24.04/11.0.0-prealpha/.trivyignore +++ b/v24.04/11.0.0-prealpha/.trivyignore @@ -1,5 +1,2 @@ # vulnerability is affecting windows only CVE-2024-51736 - -# will be fixed with oc 11.0.0 - TODO: remove once fixed -CVE-2026-32935