From 55bf354201dfd8e30b4b06826e1067d78b90f8c1 Mon Sep 17 00:00:00 2001
From: Jimmy Monin <jimmy@monin.net>
Date: Sat, 28 Sep 2019 10:32:33 +0200
Subject: [PATCH 1/2] Upgrade to upstream version 15.0.12

---
 README.md                         | 2 +-
 manifest.json                     | 2 +-
 scripts/upgrade.d/upgrade.last.sh | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index 86e1b19..1c68a9a 100644
--- a/README.md
+++ b/README.md
@@ -12,7 +12,7 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to
 own data. A personal cloud which run on your own server. With Nextcloud
 you can synchronize your files over your devices.
 
-**Shipped version:** 15.0.11
+**Shipped version:** 15.0.12
 
 ## Screenshots
 
diff --git a/manifest.json b/manifest.json
index a774500..fc300a4 100644
--- a/manifest.json
+++ b/manifest.json
@@ -6,7 +6,7 @@
         "en": "Access & share your files, calendars, contacts, mail & more from any device, on your terms",
         "fr": "Consultez et partagez vos fichiers, agendas, carnets d'adresses, emails et bien plus depuis les appareils de votre choix, sous vos conditions"
     },
-    "version": "15.0.11~ynh1",
+    "version": "15.0.12~ynh1",
     "url": "https://nextcloud.com",
     "license": "AGPL-3.0",
     "maintainer": {
diff --git a/scripts/upgrade.d/upgrade.last.sh b/scripts/upgrade.d/upgrade.last.sh
index 2c20cb6..8baa589 100755
--- a/scripts/upgrade.d/upgrade.last.sh
+++ b/scripts/upgrade.d/upgrade.last.sh
@@ -1,10 +1,10 @@
 #!/bin/bash
 
 # Last available nextcloud version
-next_version="15.0.11"
+next_version="15.0.12"
 
 # Nextcloud tarball checksum sha256
-nextcloud_source_sha256="59cdde8e7a4a15606efc246e37adf6401b0b4a60f33289be8725d675b9c2ae26"
+nextcloud_source_sha256="708966e18c2bacc33ea0dca59449d4c4f9b5ec935f0ef6fa5d02bfe8ae10f682"
 
 # This function will only be executed upon applying the last upgrade referenced above
 last_upgrade_operations () {

From 67eaa300177edc89931efc469424ede2cc3ff849 Mon Sep 17 00:00:00 2001
From: Jeremy MANSON <jeremy-manson@jmanson.fr>
Date: Fri, 25 Oct 2019 08:39:06 +0200
Subject: [PATCH 2/2] Urgent security issue in NGINX/php-fpm

more information here  : https://nextcloud.com/blog/urgent-security-issue-in-nginx-php-fpm/
---
 conf/nginx.conf | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/conf/nginx.conf b/conf/nginx.conf
index 6c5d7ec..ec7954b 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -47,7 +47,7 @@ location ^~ __PATH__/ {
   #rewrite ^/.well-known/host-meta.json __PATH__/public.php?service=host-meta-json last;
 
   location __PATH__/ {
-    rewrite ^ __PATH__/index.php$request_uri;
+    rewrite ^ __PATH__/index.php;
   }
 
   location = __PATH__/robots.txt {
@@ -66,6 +66,7 @@ location ^~ __PATH__/ {
   location ~ ^__PATH__/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|ocm-provider/.+)\.php(/.*|)$ {
     include fastcgi_params;
     fastcgi_split_path_info ^(.+\.php)(/.+)$;
+    try_files $fastcgi_script_name =404;
     fastcgi_param SCRIPT_FILENAME $request_filename;
     fastcgi_param PATH_INFO $fastcgi_path_info;
     fastcgi_param HTTPS on;