nextcloud: improve documentation on defaults
* It should be made explicit in the eval-error that the CVE only affects a component which is turned off by default. * For more clarity, the default version used by the module is noted in the manual. Closes #108419
This commit is contained in:
parent
f35bf8ef29
commit
78f022e791
@ -10,6 +10,10 @@
|
||||
<link linkend="opt-services.nextcloud.enable">services.nextcloud</link>. A
|
||||
desktop client is packaged at <literal>pkgs.nextcloud-client</literal>.
|
||||
</para>
|
||||
<para>
|
||||
The current default by NixOS is <package>nextcloud20</package> which is also the latest
|
||||
major version available.
|
||||
</para>
|
||||
<section xml:id="module-services-nextcloud-basic-usage">
|
||||
<title>Basic usage</title>
|
||||
|
||||
@ -210,7 +214,7 @@
|
||||
nextcloud17 = generic {
|
||||
version = "17.0.x";
|
||||
sha256 = "0000000000000000000000000000000000000000000000000000";
|
||||
insecure = true;
|
||||
eol = true;
|
||||
};
|
||||
}</programlisting>
|
||||
</para>
|
||||
|
@ -53,7 +53,7 @@ in {
|
||||
version = "19.0.6";
|
||||
sha256 = "sha256-pqqIayE0OyTailtd2zeYi+G1APjv/YHqyO8jCpq7KJg=";
|
||||
extraVulnerabilities = [
|
||||
"Nextcloud 19 is still supported, but CVE-2020-8259 & CVE-2020-8152 are unfixed!"
|
||||
"Nextcloud 19 is still supported, but CVE-2020-8259 & CVE-2020-8152 are unfixed! Please note that both CVEs only affect the file encryption module which is turned off by default. Alternatively, `pkgs.nextcloud20` can be used."
|
||||
];
|
||||
};
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user