feat: 10.16.3

.github/workflows/main.yml

@@ -39,27 +39,15 @@ jobs:
     strategy:
       matrix:
         release:
-          - version: 10.16.2
-            tarball: https://download.owncloud.com/server/stable/owncloud-complete-20260422.tar.bz2
+          - version: 10.16.3
+            tarball: https://download.owncloud.com/server/stable/owncloud-complete-20260522.tar.bz2
             base: v22.04
-            trivy-ignore: v22.04/10.16.2/.trivyignore
+            trivy-ignore: v22.04/10.16.3/.trivyignore
             extra-tags: |
               10.16
               10
               latest
             smoke-version-jq: ".versionstring"
-          - version: 10.16.1
-            tarball: https://download.owncloud.com/server/stable/owncloud-complete-20260218.tar.bz2
-            base: v22.04
-            trivy-ignore: v22.04/10.16.1/.trivyignore
-            smoke-version-jq: ".versionstring"
-          - version: 10.15.3
-            tarball: https://download.owncloud.com/server/stable/owncloud-complete-20250703.tar.bz2
-            base: v22.04
-            trivy-ignore: v22.04/10.15.3/.trivyignore
-            extra-tags: |
-              10.15
-            smoke-version-jq: ".versionstring"
           - version: 11.0.0-prealpha
             tarball: https://download.owncloud.com/server/daily/owncloud-daily-master.tar.bz2
             base: v24.04

.gitignore

@@ -1,3 +1,5 @@
+.claude
 .drone.yml
-
+docs
 owncloud.tar.bz2
+

v22.04/10.16.2/.trivyignore → v22.04/10.16.3/.trivyignore

@@ -4,5 +4,5 @@ CVE-2024-51736
 # fix requires ownCloud to update bundled aws-sdk-php (3.337.3 -> 3.371.4) in files_primary_s3
 GHSA-27qh-8cxx-2cr5
 
-# will be fixed with oc 10.16.3 or later
+# fixed in oc 10.16.3, but still a false positive in the openidconnect app
 CVE-2026-44167

v24.04/11.0.0-prealpha/.trivyignore

@@ -1,5 +1,2 @@
 # vulnerability is affecting windows only
 CVE-2024-51736
-
-# will be fixed with oc 11.0.0 - TODO: remove once fixed
-CVE-2026-32935