Nextcloud 9 update brings security, open source enterprise capabilities and support subscription, iOS app

Oh I see. So is this a stopgap while the iOS app is (presumably) rebuilt or is it a permanent solution? I support having a client as quickly as possible for all involved, I just assumed it was going to be built in-house (eventually).

This will be the case, at the moment this is a solution that is “good enough” for now. We will actively work on getting an app out that will be licensed as FOSS and allows contributions by external parties :slight_smile:

Stay tuned! And any help is of course welcome :slight_smile:


And to add to what Lukas said - who knows, we might be able to work with the Cryptocloud team to open source their app. If done the same way as the ownCloud app (GPL) it won’t hurt their business model…


Hello,

congrats to Nc 9.52! :slight_smile:

Just 2 questions:

Ciao,
Joachim

Hello, is it possible in the future to change the background image at the login page with the Theming App?

At the moment the integrated updater has been disabled due to known bugs in many cases. The new updater that can be tested at “Test our new work-in-progress upgrader script” should be able to offer this update. You need to configure it to “updates.nextcloud.org/updater_server/” and might need to wait for up to one hour until our caching is all gone. (will manually clear caches soon though as well)

Added there :slight_smile:

Yes. Check the video that is linked:


Thanks for the information.

Lars Müller
Threema ID:
threema://add?id=DH6JMCKC
Tel. : 0174/7165042

Curious, I have a complete theme created already. What are the implications here with the new theming capabilities?

None. Existing themes should work quite fine, if you however change some theming defaults with the theming app it will probably overwrite your themes :slight_smile:

(e.g. change the color to red and it might overwrite your theme’s color)

I’m happy some thought was put into that :smiley:

Implications: Do not accidentally choose the folder name of the existing theme when using the GUI :stuck_out_tongue_winking_eye:

Other than that: you should be fine


We are working to make Nextcloud a platform that can meet the needs of all. I am sure that we will succeed in the future in finding a good deal with the open source community as well. :grinning:


I want to provide some feedback for the newsletter/news post:
You mention there were some security issues but you provide absolutely no detail as to what the impact of those might have been.
I initially assumed they were paid out $5000, so qualified as an RCE. But looking at the Nextcloud HackerOne page only a $750 bounty and some smaller ones have been paid out. Still the reports are not (yet?) public there.

Have they been assigned a CVE number? For those of us who still have instances which are not yet upgraded, is ownCloud also affected? Have they been notified?

I could probably start looking through the GitHub commit log, but without knowing what to look for that is pretty fruitless.

Regarding the links in the newsletter, I pretty much don’t care that they are tracked, but as a side effect you don’t see where a particular link is leading. I.e. in the current newsletter there was a link “(you should update!)” which I expected to lead to some description of the bugs fixed. It just led to the Nextcloud download page, which wasn’t very useful when reading the email on mobile…

We don’t publicly disclose any security information to third parties until 14 days after the release, following industry best practices. On July 19th advisories will be published; we do recommend having updated instances by then.

As you can see from the HackerOne bounties, the found vulnerabilities all range from low to medium. You can also see on that page what we consider as low and medium.

We contact our CNA shortly before the advisory release date. Until then, no CVE identifiers are assigned.

The quote from http://www.eweek.com/cloud/nextcloud-improves-security-adds-enterprise-support.html should answer that question:

“With regard to these vulnerabilities, we have made ownCloud a proposal on how we believe this information exchange should work, but they have not agreed on a proposal yet,” Karlitschek said. “We hope that we can agree on a process so that ownCloud users also benefit from the security fixes we do.”

So yes, ownCloud is affected by these bugs as well. As a courtesy we informed them about the vulnerabilities, but they haven’t released any patched version whatsoever yet.

Note that migrating to Nextcloud is often a simple “replace all program files”, so that is always an option and I’d personally go that route if you care about security.


The claws are coming out there :laughing:

… that sounds great - so all features (incl. SAML etc…) are available without Enterprise Subscription.
Are these features already included in the standard installation or extra plugins?

They are included in the standard installation. Just go to your app screen and enable them :slight_smile:


:slight_smile: perfect - can you tell me how this app is called … I have Nextcloud 9.0.51 (stable) installed
and only find an app called "External user support"
is there any installation/documentation guide for SAML integration?
btw - thx for the super fast reply

It’s only included in the 9.0.52, so you need to update :slight_smile:

Then you can find it in your app screens as “SAML”, once enabled you can configure it in your admin panel. You may need to apply the change from https://github.com/nextcloud/user_saml/pull/20/files as well.

Configuring the app completely depends on your IdP, in some cases it’s just a few clicks, in some more. But I’d encourage you to file a new topic in the support section for that. :slight_smile:

special thx for this infos!!! :slight_smile: