Pydio Cells & Enterprise 2.1.11
Created on 2020/12/16
Component:
License:
Release Type:
This release is a security fix for 2.1 branch.
It fixes a vulnerability discovered in one GO standard library that only affects users of the SAML SSO connector (Enterprise Edition). This release also rolls out a couple of minor fixes and improvements.
- Fix vulnerability linked to xml encoding/decoding affecting the SAML connector. Upgrade is highly recommended if you are using this connector.
- Fix logging overflow that could create a lock on some circumstances.
- Additional failsafe mechanisms on datasource sync to avoid false-deletes detection.
- Lower down "tasks pruning limit" in scheduler, to prevent on-file logs from growing too fast.
- For backward-compatibility with some existing Pydio 8 installation being migrated to Cells, we introduced a new "loginCI" flag in the pydio.grpc.user service, to make login management case-insentive.
Please beware that it could slow down some queries.
Credits
A big thanks to the Mattermost security team (@Juho Nurminem) who alerted us on the possibility of being affected by the xml encoding issue in the go standard library.
Downloads
Download
- Pydio Cells 2.1.11 - Linux - AMD64 - Linux 64bits : Download
- Pydio Cells 2.1.11 - MacOS - AMD64 - Mac : Download
- Pydio Cells 2.1.11 - Windows - AMD64 - Windows 64bits : Download
- Pydio Cells Enterprise 2.1.11 - Linux - AMD64 - Linux 64bits : Download
- Pydio Cells Enterprise 2.1.11 - MacOS - AMD64 - Mac : Download