external/mailinabox
1
0
Fork 0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2025-04-21 03:02:09 +00:00
Code Issues Releases Wiki Activity
1,377 Commits 6 Branches 85 Tags 43 MiB
7c0b4fa284
Commit Graph

1377 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
yodax
7c0b4fa284 Remove not need unzip directives during owncloud extraction. Directory is removed beforehand so a normal extraction is fine 2016-10-08 07:31:18 +02:00
yodax
f9451ce20c Merge with master, for conflicts on tests/fail2ban.py 2016-09-18 09:07:16 +02:00
Joshua Tauberer
58541c467f merge #936 - fix wonky free disk space messages - from cmsirbu/master 
fix status_checks.py free disk space reporting, fixes #932
 2016-09-16 07:31:57 -04:00
cs@twoflower
00bd23eb04 fix status_checks.py free disk space reporting #932 2016-09-15 17:01:21 +01:00
Joshua Tauberer
d73d1c6900 changelog typos 2016-08-24 07:47:55 -04:00
Joshua Tauberer
fc0abd5b4d confirm that fail2ban is protecting pop3s, closes #629 2016-08-22 19:18:23 -04:00
Joshua Tauberer
27b4edfc76 v0.19b 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJXuHvJAAoJELkgQfTBC92B2IsIAJl+tQkkVp5cu4zuSLOpHj73
 LFGGCrGTSMwuyNbnklkLmLIfRxlmNfHNfQqHYhxJQq7JVLuDRJS2rTJnSWGg4PuE
 vyrjOEFNNqFp9cy00j6NMUUcJa4kte4cvMg3Sonz7JkVwS3fxp7hSgZknYOjlLvh
 R/FmrqVhpDtTZRtMjcQaCtCTWUEETYFLsJZ2iZkIlpGhoxPGEhKZquNrT0s3qrNv
 Rwf6O3i9RIS/bOu2lWI+ymdStPVJnn+deRTBWPpsxXdNC/NG9+gWiqGgRnjTBbMO
 uzH1hYct+J6TWeNpesECfMMjTOZ+T7yrRJc1s9ThuLokyAlo9yf4E5YFziZ0hi4=
 =JxNp
 -----END PGP SIGNATURE-----

merge v0.19b hot fix release
 2016-08-20 11:50:26 -04:00
Joshua Tauberer
ba75ff7820 v0.19b 2016-08-20 11:48:08 -04:00
Joshua Tauberer
a14b17794b simplify how munin-cgi-graph is called to reduce the attack surface area 
Seems like if REQUEST_METHOD is set to GET, then we can drop two redundant ways the query string is given. munin-cgi-graph itself reads the environment variables only, but its calls to Perl's CGI::param will look at the command line if REQUEST_METHOD is not used, otherwise it uses environment variables like CGI used to work.

Since this is all behind admin auth anyway, there isn't a public vulnerability. #914 was opened without comment which lead me to notice the redundancy and worry about a vulnerability, before I realized this is admin-only anyway.

The vulnerability was created by 6d6f3ea391.

See #914.

This is the v0.19b hotfix commit.
 2016-08-20 11:47:44 -04:00
Joshua Tauberer
35a360ef0b simplify how munin-cgi-graph is called to reduce the attack surface area 
Seems like if REQUEST_METHOD is set to GET, then we can drop two redundant ways the query string is given. munin-cgi-graph itself reads the environment variables only, but its calls to Perl's CGI::param will look at the command line if REQUEST_METHOD is not used, otherwise it uses environment variables like CGI used to work.

Since this is all behind admin auth anyway, there isn't a public vulnerability. #914 was opened without comment which lead me to notice the redundancy and worry about a vulnerability, before I realized this is admin-only anyway.
 2016-08-19 12:42:43 -04:00
Joshua Tauberer
86457e5bc4 merge: fail2ban broke, released v0.19a 2016-08-18 08:39:31 -04:00
Joshua Tauberer
7c9f3e0b23 v0.19a 2016-08-18 08:36:28 -04:00
Joshua Tauberer
83d8dbca3e fail2ban won't start until the roundcube log file is created 
fixes #911
 2016-08-18 08:32:14 -04:00
Joshua Tauberer
8cf2e468bd [merge #900] Adding a Code of Conduct 
Merge pull request #900 from mail-in-a-box/code_of_conduct
 2016-08-15 20:10:37 -04:00
Joshua Tauberer
440a545010 some improvements suggested by the community 2016-08-15 20:09:05 -04:00
Marius Blüm
942bcfc7c5 Update Bootstrap to 3.3.7 (#909) 
Signed-off-by: Marius Blüm <marius@lineone.io>
 2016-08-15 18:06:12 -04:00
ReadmeCritic
4f2d16a31d Update README URLs based on HTTP redirects (#908) 2016-08-15 11:07:09 -04:00
yodax
9a3742f7ce Merge with master, test owncloud upgrade from 8.2.7 2016-08-14 08:26:34 +02:00
Joshua Tauberer
e9368de462 [merge #902] Upgrade ownCloud from 8.2.3 to 8.2.7 
Merge https://github.com/mar1u5/mailinabox

fixes #901
 2016-08-13 17:36:08 -04:00
Joshua Tauberer
cdd0a821eb v0.19 
closes #898
 2016-08-13 17:27:10 -04:00
Marius Blüm
6f165d0aeb
Update Changelog 
Signed-off-by: Marius Blüm <marius@lineone.io>
 2016-08-09 00:58:10 +02:00
Marius Blüm
6c22c0533e
Upgrade ownCloud from 8.2.3 to 8.2.7 
Signed-off-by: Marius Blüm <marius@lineone.io>
 2016-08-09 00:53:15 +02:00
Joshua Tauberer
d38b732b0a add a Code of Conduct 2016-08-08 08:19:42 -04:00
Joshua Tauberer
81b5af6b64 document fail2ban filters in security.md 2016-08-08 07:55:46 -04:00
Joshua Tauberer
fc5cc9753b roundcube 1.2.1 2016-08-08 07:32:02 -04:00
Joshua Tauberer
1aca6fe08f some minor tweaks to the new users/aliases API documentation 2016-08-08 07:28:10 -04:00
yodax
d6bd7f7795 When upgrading owncloud copy the database to the user-data/owncloud-backup directory 2016-08-01 14:36:55 +02:00
Joshua Tauberer
cf3e1cd595 add SRV records for CardDAV/CalDAV 
DavDroid's latest version's account configuration no longer just asked for a hostname. Its email address & password configuration mode did not work without a SRV record.
 2016-07-31 20:53:57 -04:00
yodax
c5f7af811a Fix fail2ban tests for owncloud 9 2016-07-31 16:33:57 +02:00
yodax
294f13c630 Merge branch 'master' into owncloud9 2016-07-31 14:58:58 +02:00
yodax
665d5fc06d Stop php5-fpm before owncloud upgrade to prevent database locks 2016-07-31 14:58:53 +02:00
Michael Kroes
3f65c7133f Add upgrade path from 8.1.1. Only do an upgrade check if owncloud was previously installed. 2016-07-30 08:15:46 +02:00
Michael Kroes
abe6bc743f When upgrading owncloud from 8.2.3 to 9.1.0 the backup of 8.2.3 was overwritten when going from 9.0 to 9.1 2016-07-29 17:46:33 +02:00
Joshua Tauberer
b044dda28f put the ufw status checks in the network section, add a punctuation mark, add changelog entry 2016-07-29 09:23:36 -04:00
Joshua Tauberer
f66f39b61d Merge branch 'ufw_status_check' of https://github.com/yodax/mailinabox 2016-07-29 09:16:22 -04:00
Joshua Tauberer
6de7d59f14 changelog entries 2016-07-29 09:12:01 -04:00
Michael Kroes
9c8f2e75fc allow i686 as a supported architecture 
This is checked during preflight. See https://github.com/mail-in-a-box/mailinabox/issues/885 (#889)
 2016-07-29 09:07:16 -04:00
Joshua Tauberer
cbc4bf553d Merge pull request #880 from schlypel/master 
Added information about API endpoints
 2016-07-29 09:04:27 -04:00
Michael Kroes
4e3cfead46 Add HSTS to the control panel headers (#879) 2016-07-29 09:01:40 -04:00
Joshua Tauberer
8844a9185f Merge pull request #798 from mail-in-a-box/fail2banjails 
add fail2ban jails for ownCloud, postfix submission, roundcube, and the Mail-in-a-Box management daemon
 2016-07-29 08:52:44 -04:00
Michael Kroes
f1ec1eb399 Add some comments to the code 2016-07-27 19:04:53 +02:00
Michael Kroes
fa5c4fb4e3 Add dav migrations for each user 2016-07-27 18:52:52 +02:00
Michael Kroes
2ac25b58d5 Remove php apc setting 2016-07-27 18:35:54 +02:00
Michael Kroes
e635b5e132 Install owncoud 9.1 and provide an upgrade path from 8.2. This also disables memcached and goes with apc. The upgrade fails with memcached. 2016-07-25 22:45:31 +02:00
schlypel
3249a55f3a added API info to users page template 2016-06-29 13:35:42 +02:00
schlypel
b58fb54725 added API info to aliases page template 2016-06-29 13:34:54 +02:00
Joshua Tauberer
82903cd09e Merge pull request #857 from biermeester/master 
Small extension to mail log management script
 2016-06-27 06:17:16 -04:00
Michael Kroes
fb14e30feb Remove owncloud log configuration from initial setup and only apply it during the configuration updates. This applies to both the timezone and the log format 2016-06-27 06:03:24 -04:00
Michael Kroes
d9ac321f25 Owncloud needs more time to detect blocks. It doesn't respond as fast as the other services. Also owncloud logs UTC (since latest update) even though the timezone is not UTC. Also to detect a block, we get a timeout instead of a refused) 2016-06-27 06:03:19 -04:00
Michael Kroes
bf5e9200f8 Update owncloud url to use webdav and increase http timeout 2016-06-27 06:03:14 -04:00