DRACOON Core Service

Version 4.12.6 (2020-03-24)

Security Issue Updated Spring Boot dependency as a reaction to Ghostcat vulnerability (CVE-2020-1938).

Bugfix Introduced OAuth redirect URI "x-dracoon-action:oauth".

Bugfix Fixed an issue that falsely required the "manage download shares" permission to overwrite files.

Bugfix Fixed user file key generation for encrypted Upload Shares so that especially the file key for the creator of the Upload Share is always generated.

Bugfix Fixed an issue with S3 status remaining "in progress" in case of upload interruptions.

Bugfix Fixed an issue that mistakenly removed the expireAt attribute from files moved to the recycle bin.

Bugfix Undecryptable files are now removed permanently instead of only being moved to the recycle bin.