diff --git a/CHANGELOG.md b/CHANGELOG.md index f27aff7c..718e6682 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,11 @@ CHANGELOG ========= +Version 70 (August 15, 2024) +---------------------------- + +* Roundcube is updated to version 1.6.8 fixing security vulnerabilities. + Version 69 (July 20, 2024) -------------------------- diff --git a/setup/bootstrap.sh b/setup/bootstrap.sh index 18c53559..00d1b214 100644 --- a/setup/bootstrap.sh +++ b/setup/bootstrap.sh @@ -23,7 +23,7 @@ if [ -z "$TAG" ]; then if [ "$UBUNTU_VERSION" == "Ubuntu 22.04 LTS" ]; then # This machine is running Ubuntu 22.04, which is supported by # Mail-in-a-Box versions 60 and later. - TAG=v69b + TAG=v70 elif [ "$UBUNTU_VERSION" == "Ubuntu 18.04 LTS" ]; then # This machine is running Ubuntu 18.04, which is supported by # Mail-in-a-Box versions 0.40 through 5x. diff --git a/setup/system.sh b/setup/system.sh index fac50df7..7467a72c 100755 --- a/setup/system.sh +++ b/setup/system.sh @@ -270,14 +270,14 @@ if [ -z "${DISABLE_FIREWALL:-}" ]; then # ssh might be running on an alternate port. Use sshd -T to dump sshd's #NODOC # settings, find the port it is supposedly running on, and open that port #NODOC # too. #NODOC - SSH_PORT=$(sshd -T 2>/dev/null | grep "^port " | sed "s/port //") #NODOC + SSH_PORT=$(sshd -T 2>/dev/null | grep "^port " | sed "s/port //" | tr '\n' ' ') #NODOC if [ -n "$SSH_PORT" ]; then - if [ "$SSH_PORT" != "22" ]; then - - echo "Opening alternate SSH port $SSH_PORT." #NODOC - ufw_limit "$SSH_PORT" #NODOC - - fi + for port in $SSH_PORT; do + if [ "$port" != "22" ]; then + echo "Opening alternate SSH port $port." #NODOC + ufw_limit "$port" #NODOC + fi + done fi ufw --force enable; diff --git a/setup/webmail.sh b/setup/webmail.sh index 66a85596..4591119c 100644 --- a/setup/webmail.sh +++ b/setup/webmail.sh @@ -36,8 +36,8 @@ apt_install \ # https://github.com/mstilkerich/rcmcarddav/releases # The easiest way to get the package hashes is to run this script and get the hash from # the error message. -VERSION=1.6.6 -HASH=7705d2736890c49e7ae3ac75e3ae00ba56187056 +VERSION=1.6.8 +HASH=00586f5163b3f6c1b0798be745982e3547b1b24a PERSISTENT_LOGIN_VERSION=bde7b6840c7d91de627ea14e81cf4133cbb3c07a # version 5.3 HTML5_NOTIFIER_VERSION=68d9ca194212e15b3c7225eb6085dbcf02fd13d7 # version 0.6.4+ CARDDAV_VERSION=4.4.3 diff --git a/setup/zpush.sh b/setup/zpush.sh index 3b14c047..5c3e5b30 100755 --- a/setup/zpush.sh +++ b/setup/zpush.sh @@ -22,8 +22,8 @@ apt_install \ phpenmod -v "$PHP_VER" imap # Copy Z-Push into place. -VERSION=2.7.3 -TARGETHASH=9d4bec41935e9a4e07880c5ff915bcddbda4443b +VERSION=2.7.4 +TARGETHASH=78744d56b8799d9828ec8f99a12c1af4e9f9239b needs_update=0 #NODOC if [ ! -f /usr/local/lib/z-push/version ]; then needs_update=1 #NODOC @@ -57,8 +57,6 @@ fi sed -i "s^define('TIMEZONE', .*^define('TIMEZONE', '$(cat /etc/timezone)');^" /usr/local/lib/z-push/config.php sed -i "s/define('BACKEND_PROVIDER', .*/define('BACKEND_PROVIDER', 'BackendCombined');/" /usr/local/lib/z-push/config.php sed -i "s/define('USE_FULLEMAIL_FOR_LOGIN', .*/define('USE_FULLEMAIL_FOR_LOGIN', true);/" /usr/local/lib/z-push/config.php -sed -i "s/define('LOG_MEMORY_PROFILER', .*/define('LOG_MEMORY_PROFILER', false);/" /usr/local/lib/z-push/config.php -sed -i "s/define('BUG68532FIXED', .*/define('BUG68532FIXED', false);/" /usr/local/lib/z-push/config.php sed -i "s/define('LOGLEVEL', .*/define('LOGLEVEL', LOGLEVEL_ERROR);/" /usr/local/lib/z-push/config.php # Configure BACKEND