Version 6.0.4 June 23rd 2014

  • Fixed a security issue (Will be disclosed two weeks after this release)
  • Several LDAP fixes and improvements
  • Add deprecated warning to load function
  • File scanner fixes
  • Heart beat fixes
  • Encryption fixes for some corner cases
  • Fix conflict dialog translations
  • Fix button text overflow
  • Fix search with Oracle
  • Php upload errors are written to log
  • OCS status code fixes
  • Add PostgreSQL version warning

Version 5.0.17 June 23rd 2014

  • Fixed a security issue (Will be disclosed two weeks after this release)
  • Add deprecated warning to load function
  • Fix button text overflow
  • Fix search with Oracle

Version 6.0.3 April 29th 2014

  • Several security fixes. (Will be disclosed 2 weeks after the release)
  • Appframework extensions to improve the compatibility with 3rdparty apps
  • LDAP performance improvements
  • Fix updating of email adresses from LDAP
  • Fix WebDAV timestamp format handling
  • Disable internet connection check if a proxy is configured
  • Fix a potential file chunking problem on a server that is running out of storage
  • Do not expire file chunks while checking their existence
  • Fix loading of authentication apps in any case
  • Performance improvements by reducing the number of chmod operations.
  • Make the trusted domain upgrade feature more robust.
  • Don't allow creating a "Shared" folder.
  • Fixed "select all" + download on public page
  • Fix share as link with email multiple users
  • Reset time of last update feed polling to fix the updater
  • Share API fixes
  • Admin option for public upload with encryption enabled
  • Fix CIFS with home shares
  • Detect a missing "data" directory mount
  • Fix the filesize calculation of encrypted files
  • Fixes in the OpenStack support
  • Fixes in the SWIFT support
  • Don't block PHP sessions during download
  • Fix sharing oc addressbooks
  • Several ownCloud Documents improvements and fixes
  • Several smaller bugfixes

Version 5.0.16 April 29th 2014

  • Several security fixes
  • Make the trusted domain upgrade feature more robust.
  • Fix group restore
  • Don't block PHP sessions during download
  • Several smaller bugfixes

Version 6.0.2 March 3rd 2014

  • Several security fixes
  • Improved trash bin performance for deleting lots of files
  • Mobile interface improvements
  • Fix key problems in encryption mode in rare situations
  • Smaller LDAP improvements
  • Fix the keep-alive ping for non standard php session lifetimes
  • Cleanup storage table when deleting an entry
  • Fix compatibility with xsendfile mode
  • Fix file size calculation in encryption mode
  • Fix image previews in trash bin
  • Fix public upload with enabled enryption
  • Added APC enabled check
  • Correctly localise date in notification emails
  • Improve compatibility with some CIFS servers
  • Fix shared files and Gallery
  • Several Contacts compatibility improvements
  • Several Documents improvements
  • A lot of smaller bug fixes

Version 5.0.15 March 3rd 2014

  • Several security fixes
  • Improved trash bin performance for deleting lots of files
  • Mobile interface improvements

Version 6.0.1 Jan 22th 2014

  • Fix handling of encryption keys
  • Disable xcache in case admin auth is disabled
  • Speed DB improvements in user home directory location fetching
  • Fix some APC configuration problems
  • Fix duplicate .exe mime-type detection
  • Support DECIMAL DB schema statement
  • Fix some API response code problems
  • Added download workaround for some Android versions.
  • Turn off not working mod_pagespeed extension
  • Command line tool option to show user number
  • Some LDAP fixes for certain configurations
  • Fix previews for reshared files
  • Fix unshare on delete behaviour
  • Fix a CIFS mounting timezone problem
  • File Trash handling fixes
  • Fix potential data corruption problem during massive parallel uploads of the same file
  • Fix versions expiration logic
  • Fix public upload progress bar
  • Fix issues with intermittent "Insufficient Storage" message when quota is enabled

Version 5.0.14a Dec 17th 2013

  • Fix bug that triggers a regeneration of the etags and redownload of files
  • Don't check migration status if a file is accessed by a public link
  • Fix unsharing of files
  • Several external filesystem improvements and fixes
  • A lot of quota calculation fixes
  • Login cookie handling fixes
  • Fix WebDAV url
  • Fix updating of cached permissions
  • Reverse proxy fixes
  • Fix handling of touch for external filesystems
  • Fix setting of display names
  • IIS fixes
  • Fix some Oracle corner cases

Version 6.0.0a Dec 14th 2013

  • Remove wrong warnings from logfile
  • Fix LDAP authentication
  • Fix LDAP configuration
  • Fix Share dialog
  • Fix migration under certain conditions
  • Fix database encoding for old PHP versions
  • Fix select all checkbox
  • Fix migration with lucene search enabled
  • Fix migration for postgresql

Version 6.0.0 Dec 11th 2013

  • User Avatars
  • Previews in files app and other places
  • Updated design, less clutter and more whitespace
  • Public gallery sharing
  • Activities
  • Better file conflict handling dialog
  • Improved public App API
  • Sharing API
  • Example Files
  • Share Email Notifications
  • New Doctrine based database layer
  • Plural translations
  • Refactored OC.dialogs (both code and design wise)
  • Priorize often used languages in personal-settings language selection
  • Update jquery to 1.10.0 and add jquery-migrate 1.2.1
  • Show a summary as the last filelist entry
  • Improve app-management (more verbose error-messages)
  • Show 'More apps' link to app administration directly in app navigation
  • Templates for newly created files
  • Add MB indicator to size column
  • Google Drive external storage uses a new library
  • New icons for shared and external folders
  • File uploads conflicts dialog
  • Possibility to prepopulate a new users home with a skeleton
  • Public upload with encryption enabled
  • Users now can decrypt the files again if their encryption app was enabled
  • Many quota related fixes
  • Total used space (with quota) now only counts user's own files
  • Many external storage fixes, improved performance
  • Improved file navigation performance by using Ajax calls (no full page reload for each folder)
  • The file owner can now also restore deleted shared files
  • New version drop-down with previews and the ability to downloading versions directly

Version 5.0.13 Nov 8th 2013

  • SECURITY: Fix a possible security bypass on admin page under certain circumstances and MariaDB
  • Correctly update database schema during app update
  • Fix automatic login rejecion error message
  • Several Oracle fixes
  • Fixing serverroot/webroot calculation
  • Adding detection for aborted uploads for chunked uploads
  • Fixing directory handling that end with a space
  • Fixing home storage handling
  • Allow to share a file/folder as public link also if one of it parents was already shared as link
  • Fix search in shared folders
  • Fix check for uploads into Shared folder
  • Several Shared folder handling fixes
  • Prefere them PNGs over core SVGs
  • Fall back to default log file of specified logfile doesn't exist
  • Several IE fixes
  • Fix LDAP login for certain circumstances
  • Fixed chunk size calculation for encrypted files
  • Fix recursive delete for smb
  • Fix using touch for creating files for smb
  • Support OCS Share API
  • Fix updating ETAGs
  • Don't write user passwords into logfile
  • Enable configuration of timezones for logfile timestamps
  • Cleanup share database table for files that no longer exist
  • Adding privilege check on move and rename operations

Version 5.0.12 Oct 4th 2013

  • Usermanagement interface fixes
  • Allow numeric group names
  • Improved IE compatibiliy
  • Fix database upgrade error
  • Sharing permission interface fixes
  • Small visual fixes
  • File scanner fixes to handle deleted files correctly

Version 5.0.11 Sep 10th 2013

  • Fixing upload in shared folders with create privileges
  • Making ldap more robust in certain situations
  • Handing quota violation earlier to make the desktop clients more robust
  • Several quota fixes
  • Fix issues with certain file names like 0 or false
  • Disable smb in files_External on windows servers
  • Enable user to decrypt files again after encryption app was disabled
  • Improved Encryption messages
  • Add a searchByMime call to API
  • Fix multiselects for Firefox on Mac in groups management
  • Reduce the number of ldap connections
  • Show a "password incorrect" notice when used shared password is wrong
  • Switch to the completely new Google Drive SDK.
  • Scanner: additional tests for reusing etags during scanning
  • Fix accessing files that are newly created by setting the right mime type
  • Several Calendar bugfixes
  • Fixed "Show on Map" in Contacts
  • A lof of Contacts fixes
  • Several "Tasks" fixes

Version 5.0.10 Aug 12th 2013

  • Configurable logfile date format
  • Several Oracle fixes
  • Several MSSQL fixes
  • Make default language configurable
  • New CLI upgrade script
  • Correctly calculate folder size
  • Fix display of search results
  • Database upgrade fixes
  • Smaller filesystem cache fixes
  • Remember password fixes
  • Encryption fixes
  • Fix problems with german "Umlauts" in folder name
  • IE fixes
  • Improved upgrade logging
  • Improved external storage status display
  • Flicker free versions dropdown
  • Don't create empty versions
  • Less noisy debug logfile
  • Don't show firstrunwizard during upgrade
  • Several Calendar fixes
  • Contacts fixes
  • Fixes for Gallery
  • Several smaller fixes

Version 5.0.9 July 15th 2013

  • Fixes for mounting an WebDAV into an ownCloud
  • Improved expiration of older versions in the case of a full storage
  • IE8 fixes
  • Increased speed when syncing shared files
  • Oracle compatibility fixes
  • Make upgrade routine more robust
  • Fix gallery for certain php configurations
  • Fix pdf viewer close button
  • user_external fixes
  • Several smaller fixes

Version 5.0.8 July 10th 2013

  • SECURITY: XSS vulnerability in "Share Interface" (oC-SA-2013-029)
  • SECURITY: Authentication bypass in "user_webdavauth" (oC-SA-2013-030)
  • New anonymous upload feature
  • Fix syncing of external filesystems
  • External filesystems performance improvements
  • Improve compatibility with Oracle
  • Improved and simplified theming
  • Internet explorer 8 fixes
  • Fixes for partial file uploads
  • LDAP: fix handling of User and Group Bases
  • Improved and more robust upgrade system
  • A lot of encryption system fixes
  • Do not add groups if user has no groups
  • Several Contacts fixes
  • A lot of smaller bugfixes all over the place

Version 4.5.13 July 10th 2013

  • SECURITY: Authentication bypass in "user_webdavauth" (oC-SA-2013-030)
  • Fixed deleting old files versions

Version 5.0.7 June 6th 2013

  • SECURITY: Multiple XSS vulnerabilities (oC-SA-2013-028)
  • New encryption app as preview included. WARNING: This is not yet ready for production use but testing and feedback is welcome.
  • Several LDAP compatibility fixes
  • Several performance improvements of file handling
  • Trashbin fixes for Safari
  • Internet Explorer fixes
  • Several Contacts fixes
  • New check for magic_quotes
  • External Filesystem fixes
  • Add support for copying/moving folders between storages
  • Several smaller fixes

Version 4.5.12 June 6th 2013

  • SECURITY: Multiple XSS vulnerabilities (oC-SA-2013-028)
  • Several Contacts fixes
  • Several Calendar fixes
  • Several smaller fixes

Version 4.0.16 June 6th 2013


Version 5.0.6 May 14th 2013

  • SECURITY: SQL Injection (oC-SA-2013-019)
  • SECURITY: Multiple directory traversals (oC-SA-2013-020)
  • SECURITY: Multiple XSS vulnerabilities (oC-SA-2013-021)
  • SECURITY: Open redirector (oC-SA-2013-022)
  • SECURITY: Password autocompletion (oC-SA-2013-023)
  • SECURITY: Privilege escalation in the calendar application (oC-SA-2013-024)
  • SECURITY: Privilege escalation and CSRF in the API (oC-SA-2013-025)
  • SECURITY: Incomplete blacklist vulnerability (oC-SA-2013-026)
  • SECURITY: Information disclosure: CSRF token + username (oC-SA-2013-027)
  • Fix renaming of shared files
  • Fix UUID handling with LDAP
  • Fix several undelete files issues
  • Fix LDAP cachekey handling
  • Several OCS API fixes
  • Dropbox mounting fixes
  • Remove ldap group name restrictions
  • Fix fetching of the userlist with multiple user backends
  • Turn off password autocompletion
  • Translation fixes of the Shared folder
  • Fix the fileactions order for filetypes
  • Allow to ship a default theme
  • Disallow URLs containing "@"
  • Smaller layout improvemens
  • Log an upgrade warning
  • Log a trash bin cleanup message
  • Improved quota calculation
  • Allow to set Quota to zero
  • Fix performance regression for uploading of big files
  • Several Calendar fixes
  • Use displaynames in contacts
  • Check for existing address books during migrate->import
  • Texteditor fixes
  • Increase the SQLite database timeout
  • Order images in Gallery

Version 4.5.11 May 14th 2013


Version 4.0.15 May 14th 2013


Version 5.0.5 April 19th 2013

  • Fix navigation hover effect
  • Fix database migration
  • Add a warning in the logfile when doing a migration
  • Fix renaming of shared files
  • Improved quota calculation
  • Fix free space calculation
  • Several layout fixes
  • Better save mode check
  • Cleanup database after user deletion
  • Fix touch for creating new files
  • Several trash bin fixes
  • Update MediaElement.js
  • Fix double address book problem
  • Fix layout problem triggered by impress
  • Several smaller fixes
  • Security: XSS in flashmediaelement.swf (oC-SA-2013-017)
  • Security: Authentication bypass in Contacts (oC-SA-2013-018)

Version 4.5.10 April 19th 2013


Version 5.0.4 April 11th 2013

  • Fix file renames
  • Improved compatibility with PostgreSQL
  • Fixed upgrade for PostgreSQL users
  • Improved LDAP compatibility
  • Fix the upgrade hint
  • Make upgrade more robust fix maintainance mode
  • Smaller CSS fixes
  • Fix internet check for proxy users
  • Manually disable files_archive app to fix upgrade
  • Fix touch() for local storage
  • Fix versioning check to allow installation of 3rd party apps
  • Fix default quota
  • Several contacts fixes
  • Several calendar fixes
  • Fixed ampache support in media player
  • Improve mail function in antivirus app
  • Fix setting of user quotas
  • Fix deleted files size calculation
  • Fix "You do not have write permissions here" warning
  • Fix asynchronous loading of users
  • Fix notice from the nullbyte check
  • XSS vulnerability in jPlayer (oC-SA-2013-014)
  • PostgreSQL: Insecure database password generator (oC-SA-2013-015)
  • Windows: Local file disclosure (oC-SA-2013-016)

Version 4.5.9 April 11th 2013

  • Fix public sharing
  • Improved LDAP error reporting
  • Don't show share action for Shared folder
  • XSS vulnerability in jPlayer (oC-SA-2013-014)
  • PostgreSQL: Insecure database password generator (oC-SA-2013-015)
  • Windows: Local file disclosure (oC-SA-2013-016)

Version 4.0.14 April 11th 2013


Version 5.0.3 April 3th 2013

  • Correctly handle .part files
  • Improve PostgreSQL support
  • Fix database upgrading from old versions
  • Improved app styles

Version 5.0.2 April 2th 2013

  • Fix versioning string
  • Fix compatibility with older MySQL versions

Version 5.0.1 April 2th 2013

  • Fixed classnames and improved autoloaded to improve compatibility with older PHP versions
  • Show a warning if an insecure PHP version is used
  • Filesizes are displayed correctly
  • Fixed groups in usermanagement
  • Several Internet Explorer fixes
  • Use display-names in more places
  • Fix upgrading of cache
  • Fix navigation scrollbar for lots of apps
  • Fixed ETag handling to prevent wrong conflict files
  • Fix public link handling
  • Better indexes to improve performance
  • Several Windows server fixes
  • Fix renames of shared files
  • Fix PostgreSQL compatibility
  • Improve error reporting for app installation
  • Improved compatibility with Novell eDirectory
  • Several LDAP fixes
  • Improved sorting in usermanagement
  • Improved background jobs
  • Several CardDAV contacts fixes
  • Several mediaplayer fixes
  • Fixes for text editor
  • Several lucene search fixes
  • Several smaller fixes
  • Contacts: SQL Injection (oC-SA-2013-012)
  • Multiple XSS vulnerabilities (oC-SA-2013-011)

Version 5.0.0 March 14th 2013

  • New design
  • Restore deleted files
  • New fulltext search
  • Display names
  • New photo gallery
  • Improved calendar and contacts
  • Improved bookmarks
  • New documentation system
  • Improved file cache
  • Improved security checks
  • Security hardening in templates
  • Security hardening: Implemented Content Security Policy
  • Better versioning of better autoexpire
  • Extended external storage
  • New OCS REST API support
  • Improved apps management

Version 4.5.8 March 14th 2013

  • Fix foldersize checks to validate zip input size
  • Offer download of shared dir as zip only if zip size limit is not exceeded
  • Escape more characters for LDAP search
  • Fix versioning together with real home directories
  • Multiple XSS vulnerabilities (oC-SA-2013-008)
  • Contacts: Bypass of file blacklist (oC-SA-2013-009)
  • user_migrate: Local file disclosure (oC-SA-2013-010)

Version 4.0.13 March 14th 2013


Version 4.5.7 Feb 20th 2013

  • Fix for 3rd party apps dropping the database
  • Fix SubAdmins management
  • Fix PHP warnings
  • Fix compatibility with some CIFS shares
  • More robust apps management
  • Remove not needed AWS tests
  • Improved mime type parsing
  • Several sharing fixes
  • Offer the option to change the password only supported by the backend
  • More robust auto language detection
  • Revoke DB rights on install only if the db is newly created
  • Fix rendering of database connection error page
  • LDAP: update quota more often
  • Multiple XSS vulnerabilities (oC-SA-2013-003)
  • Multiple CSRF vulnerabilities (oC-SA-2013-004)
  • PHP settings disclosure (oC-SA-2013-005)
  • Multiple code executions (oC-SA-2013-006)
  • Privilege escalation in the calendar application (oC-SA-2013-007)

Version 4.0.12 Feb 20th 2013


Version 4.5.6 Jan 22th 2013

  • Improved language detection
  • Improved translations
  • Fix link to bugtracker
  • Several IE 6/7/8 fixes
  • SabreDAV updated to 1.6.6
  • Improved error reporting
  • Support special characters in mountpoint
  • Interpret https 403 and 401 as not authorized in user_webdavauth
  • Several fixes for special characters in files and folders
  • Improved PostgreSQL support
  • Check database names for valid characters
  • Fix default email address calculation
  • Remove debug output on send password page
  • Add SMTP port configuration option
  • Only show the max possible upload of 2GB on a 32 bit system
  • Show progress during file downloads
  • Security: Fix multiple XSS problems: CVE-2013-0201, CVE-2013-0202, CVE-2013-0203
  • Security: Fix Code execution in external storage: CVE-2013-0204
  • Security: Removed remoteStorage app because of unfixed security problems.

Version 4.0.11 Jan 22th 2013


Version 4.5.5 Dec 20th 2012

  • Show drag and drop shadow for Firefox
  • Fix Knowledgebase under certain conditions
  • Fix setting of sharing password
  • Fix setting of sharing password
  • Several sharing fixes
  • Fixversioning during sharing
  • Fix mounting of external filesystems especially CIFS
  • Fix several PHP warnings
  • Show /Shared as standard directory
  • Fix session management for running several ownClouds on the same host
  • Fix WebDAV quota enforement
  • Fix CalDAV with LDAP users
  • Better warning about missing dependencies
  • Add warning about conflicting WebDAV auth and LDAP backend
  • Restore send sharing link my email
  • Fix encoding problem with mounting of CIFS filesystems
  • Fix mimetype icons for new files
  • Fix the folder size calculation
  • Fix for deleting multiple files
  • Fix for controling the data dir with LDAP
  • Security: Auth bypass in user_webdavauth and user_ldap (oC-SA-2012-006)
  • Security: XSS vulnerability in bookmarks (oC-SA-2012-007)

Version 4.0.10 Dec 20th 2012


Version 4.5.4 Dec 3th 2012

  • Fix a regression for system where output buffering is disabled
  • Fix a problem with old file versions stored in the filesystem cache
  • Fix group and subadmin ajax bug
  • Important LDAP fix
  • Improved Updater

Version 4.5.3 Nov 27th 2012

  • Fix the new from url button
  • Fix a memory overflow with downloading of big files via WebDAV
  • Better error output in case of DB problems
  • Fix problems with uploading files who have special characters in the name
  • Improved reverse proxy and load balancer support
  • Fix wrong folder size calculation
  • Improved share link generation
  • Fix the syncing of the Shared folder
  • Fix Sharing by link from within Shared folder
  • Several LDAP integration fixes
  • Fix support for PostgreSQL
  • Several WebDAV fixes
  • Fix drag and drop uploading
  • Improved translations
  • Several Gallery fixes
  • Several Contacts fixes
  • Smaller fixes

Version 4.5.2 Nov 14th 2012

  • Fix syncing of shared folder
  • Various sharing bugs fixed
  • Fix bug with deleting users
  • Fix check if resharing is allowed
  • Fix webdavauth app
  • Several ldap fixes
  • Fix data migration
  • Fix folder uploads
  • Fix generatino of etags
  • Fix user specific mount configuration
  • Several PostgreSQL fixes
  • Improved performance of file updates
  • Fix some php warnings
  • Fix filesize calculation
  • Add visual feedback if password is set
  • Various smaller fixes
  • Several critical security fixes
  • XSS vulnerability in user_webdavauth (oC-SA-2012-003)
  • Code Execution in /lib/migrate.php (oC-SA-2012-004)
  • Code Execution in /lib/filesystem.php (oC-SA-2012-005)

Version 4.0.9 Nov 14th 2012


Version 4.5.1 Oct 24th 2012

  • Fix path encoding in breadcrumb
  • Fix sharing of files with special characters
  • Fix upercase/lowercase probelm in usernames with WebDAV
  • Fix LDAP plugin with Postgres
  • Fix userID migration
  • Fix sharing of mounted Files
  • Delete userfiles after deleting a user
  • Make Webinterface work with nonstandard path
  • Fix retrieval of Quota, Email via LDAP
  • Show a warning in installer if .htaccess is not working
  • Fix Shared folder caching
  • Increase security by using openssl random number generator
  • Fix syncing of rollback files
  • Fix the swift files backend
  • Disallow user to delete own account
  • Security: Fix multiple XSS vulnerabilities (oC-SA-2012-001)
  • Security: Fix a timing attack in the "Lost Password" implementation (oC-SA-2012-002)
  • Various smaller fixes

Version 4.5.0 Oct 10th 2012

  • Faster Syncing
  • Sub Administrators
  • GUI for mounting of external storage
  • Improved File Versioning
  • Enhanced Sharing
  • Reworked LDAP
  • Big File Chunking

Version 4.0.8 Oct 10th 2012

  • Show Login Button when user and password are autocompleted
  • Sanitize LDAP base, user and groups
  • Security: Fix for insufficiently Random Values (CVE-2008-4107)
  • Security: Fixed multiple XSS vulnerabilities (CVE-2012-5056)
  • Security: Fixed a https header injection (CVE-2012-5057)
  • Security: Fixed an Auth bypass in /lib/base.php (CVE-2012-5336)

Version 4.0.7 Aug 15th 2012

  • Show Login Button when user and password are auto-completed
  • Sanitize LDAP base, user and groups
  • Fix non active Adressbooks
  • Calendar: Remove double html encoding
  • Fix label for versioning in admin settings
  • Add parent directory into filecache if it doesn't exist
  • Handle non writable files correctly
  • Disable webfinger completely if not activated
  • Security: Disable user listings in DAV (CVE-2012-4390)
  • Security: Check file blacklist for file renames (CVE-2012-4389)
  • Security: CSRF fix for appconfig.php (CVE-2012-4391)
  • Security: Validate cookie to prevent auth bypasses (CVE-2012-4392)
  • Special thanks to Julien Cayssol for reporting several security problems

Version 4.0.6 Aug 1th 2012

  • More robust LDAP integration during unexpected collisions
  • Fix sharing for users with @ in username
  • Additional error handling for emailing of private links
  • Cleanup old session files
  • Fix user space calculation
  • Fix Ampache authentication
  • Remove delete tipsy if file is deleted
  • Don't delete lot's of session files during DAV requests
  • Fix error when no adressbook is created
  • Check if php-ldap is installed
  • Security: Check for Admin user in appconfig.php (CVE-2012-4752)
  • Security: Several CSRF security fixes (CVE-2012-4393)

Version 4.0.5 July 20th 2012

  • Fix remember the username and autologin
  • Offer an option to allow sharing outside the group.
  • Fix for birthday format
  • Fixes for several encoding fixes for unicode characters
  • Fix invalid filesystem cache in the sharing folder
  • Several calendar and contacts fixes
  • Fix sending of emails
  • Several fixes in the system log
  • Several fixes for the external filesystem feature
  • Security: Fix a reflected XSS (CVE-2012-4394)

Version 4.0.4 June 28th 2012

  • Fix assigning several groups to a user.
  • Fix LDAP connector with AD servers
  • Conserve some memory in Contacts App
  • Fix a warning in Gallery when deleting files
  • Fix a bug in the music scanner

Version 4.0.3 June 23rd 2012

  • Added a check if the .htaccess file is working and the data directory is protected or not.
  • Added a check if a user is allowed to edit a bookmark or not.
  • Fix the bookmarklet
  • Fix the timezone in the datepicker
  • Fix mimetype detection for cdr files
  • Fix the filecache for the /Shared folder
  • Fix a potential data corruption bug in the encryption app
  • Don't show other users filenames during filesystem cache rebuild
  • Security: Fix several XSS bugs (CVE-2012-4395)
  • Performance improvements for WebDAV and Desktop Syncing
  • Fix quota calculation
  • Improve the LDAP integration and group management
  • Fix problems with the pdf viewer
  • Fix user account migration
  • Implement several CSRF security checks
  • Fix a gallery bug where first picture is repeated in the last picture.
  • Lot's of calendar fixes
  • Fix problem with "/" in filenames
  • Updated translations
  • Several fixes in Contacts
  • Lot's of fixes in the Tasks App
  • Fix a bug in the filesystem cache with ghost entries

Version 4.0.2 June 11th 2012

  • Lot's of gallery fixes
  • More 3rd party apps visible
  • Fixed update notifications
  • Several calendar fixes
  • Several XSS fixes in calendar (CVE-2012-4396)
  • Several improvements in contacts
  • Fix infinite redirect during setup for windows hosts
  • Several XSS fixes in contacts (CVE-2012-4396)
  • New user password salting
  • Several LDAP fixes
  • Fix duplicate emails in sharing
  • Improved compatibility with Android browser
  • Fixed calendar links
  • Fixed logging
  • Allow "/" in filenames
  • Updated translations
  • Fixed reverse proxy and custom hosts configuration
  • Fix contact photo editing
  • Don't allow renaming, deleting and resharing of shared folder

Version 4.0.1 June 4th 2012

  • Verify if user exists when loggin (oc-863)
  • More efficient log file handling
  • PDO requirement check
  • Check if apps folder is writable
  • prevent division by zero problem during output of free space
  • better mysql error message
  • correctly configure ldap group backend (oc-887)
  • sort users and groups (oc-779)
  • LDAP. correctly handle group filter (oc-867)
  • try to switch magic quotes of globally
  • fix ategory error reporting (oc-874)
  • correctly handle reverse proxy / load balancer httpss handling
  • prevent session already started warning
  • fix the files breadcrumb
  • don't try to use smtp auth if config files says no
  • fix versioning path
  • security: fix a XSS problem in calendar
  • make LDAP pqsql compatible
  • fix pqsql database migration
  • fix ldap config interface
  • support for LDAP "member"
  • don't hardcode /tmp
  • fix potential security problem for requested apps parameter
  • fix notes in contacts properly
  • fix timezone detection
  • fix interti_id in calendar
  • set DB prefix for pqsql
  • security: fix a XSS problem in contacts
  • correctly encode caldav link
  • allow longer path in gallery
  • disable not compatible apps during upgrade
  • fix HEAD request for downloads
  • fix private link sharing via email
  • use UTC as default timezone
  • style fixes for tasks app

Version 4.0.0 May 22nd 2012

  • File Encryption
  • File Versioning
  • Mounting of external Filesystems (experimental)
  • TODOs App
  • Drag & Drop File Uploading
  • Shared Calendars
  • Calendar categories
  • Hugely improved contacts app including groups
  • Improved WebDAV, CalDAV, CardDAV compatibility
  • Movable Apps
  • Improved External App
  • Improved Sharing of Files
  • Overall Performance Improvements
  • System/User Exporting/Importing
  • User/Groups support via LDAP/AD
  • Viewer for ODF Files
  • Improved Photo Gallery
  • Improved installation of 3rd Party Apps
  • Logging via syslog
  • New public API for App developers
  • Lots of bug fixes, smaller enhancements and UX improvements.

Version 3.0.3 April 27th 2012

  • Security: Several CSRF fixes
  • Security: .htaccess uploading blacklist
  • Backport link in the Help center to the online documentatio
  • Backport link in the Help center to the "Big Files" howto
  • Check if JSon module is installed
  • Check if GD module is installed

Version 3.0.2 April 11th 2012

  • Drag and Drop fixed
  • Fixed Sharing for LDAP Users
  • Fix loading of LDAP Plugin
  • Security: Make password hashes more random
  • Security: Fix a XXS problem
  • Multiple bugfixes

Version 3.0.1 April 3rd 2012

  • Fixes for big file uploads
  • Performance improvements for WebDAV
  • IE8 fixes
  • Several small bugfixes

Version 3.0 January 31st 2012

  • Text editor
  • Improved photo gallery
  • Improved calendar view
  • PDF viewer