mailinabox/setup
John R. Supplee 4686c8cd25 v0.43 (September 1, 2019)
-------------------------
 
 Security fixes:
 
 * A security issue was discovered in rsync backups. If you have enabled rsync backups, the file `id_rsa_miab` may have been copied to your backup destination. This file can be used to access your backup destination. If the file was copied to your backup destination, we recommend that you delete the file on your backup destination, delete `/root/.ssh/id_rsa_miab` on your Mail-in-a-Box, then re-run Mail-in-a-Box setup, and re-configure your SSH public key at your backup destination according to the instructions in the Mail-in-a-Box control panel.
 * Brute force attack prevention was missing for the managesieve service.
 
 Setup:
 
 * Nextcloud was not upgraded properly after restoring Mail-in-a-Box from a backup from v0.40 or earlier.
 
 Mail:
 
 * Upgraded Roundcube to 1.3.10.
 * Fetch an updated whitelist for greylisting on a monthly basis to reduce the number of delayed incoming emails.
 
 Control panel:
 
 * When using secondary DNS, it is now possible to specify a subnet range with the `xfr:` option.
 * Fixed an issue when the secondary DNS option is used and the secondary DNS hostname resolves to multiple IP addresses.
 * Fix a bug in how a backup configuration error is shown.
 -----BEGIN PGP SIGNATURE-----
 
 iQFDBAABCgAtFiEEX0wOcxPM10RpOyrquSBB9MEL3YEFAl1rrwIPHGp0QG9jY2Ft
 cy5pbmZvAAoJELkgQfTBC92BgckIALFnDFxhQ18MtClpi79+rnl1aA5DqbToCuI2
 MHIAOmxIVSavnd5MZZ3efXWAzIniEpbq0X+6Rlzas5lkreT1mHoJsKdkt0bOqy1a
 ZF2vT5UnUM9cwPHkU1ak/TaD9v97wbHpWWGwAK+/zTL6w1ReCVfQ2QzCzoDaY7xh
 OZFXE+YsaI7qZeG3Q4jfFr0IYDowLgjgBpdWvO71QKzWjIIvBNX1ZGt2r+cuKmQ5
 JOXIAR4fdri0p8dMd2sqq0FatBBCfjHDBykA/+GzJJDBX7MNoZsQT3bowrhj8XPS
 f5cKUKm7zlDsm02bfCtDD6nvYYUxvOdQx7yfdL8RYSdy71Chs20=
 =7M/i
 -----END PGP SIGNATURE-----

Merge tag 'v0.43' of https://github.com/mail-in-a-box/mailinabox

v0.43 (September 1, 2019)
-------------------------

Security fixes:

* A security issue was discovered in rsync backups. If you have enabled rsync backups, the file `id_rsa_miab` may have been copied to your backup destination. This file can be used to access your backup destination. If the file was copied to your backup destination, we recommend that you delete the file on your backup destination, delete `/root/.ssh/id_rsa_miab` on your Mail-in-a-Box, then re-run Mail-in-a-Box setup, and re-configure your SSH public key at your backup destination according to the instructions in the Mail-in-a-Box control panel.
* Brute force attack prevention was missing for the managesieve service.

Setup:

* Nextcloud was not upgraded properly after restoring Mail-in-a-Box from a backup from v0.40 or earlier.

Mail:

* Upgraded Roundcube to 1.3.10.
* Fetch an updated whitelist for greylisting on a monthly basis to reduce the number of delayed incoming emails.

Control panel:

* When using secondary DNS, it is now possible to specify a subnet range with the `xfr:` option.
* Fixed an issue when the secondary DNS option is used and the secondary DNS hostname resolves to multiple IP addresses.
* Fix a bug in how a backup configuration error is shown.
2019-09-02 18:39:23 -04:00
..
bootstrap.sh v0.43 (September 1, 2019) 2019-09-02 18:39:23 -04:00
dkim.sh minimal changeset to get things working on 18.04 2018-10-03 13:00:06 -04:00
dns.sh Add a logfile entry to the NSD conf file (#1434) 2018-12-02 18:00:16 -05:00
firstuser.sh bash strict mode fixes (#1482) 2018-12-13 20:30:05 -05:00
functions.sh hide 'RTNETLINK answers: Network is unreachable' error message during setup if IPv6 is not available (#1576) 2019-05-15 11:57:06 -07:00
mail-dovecot.sh v0.42b (August 3, 2019) 2019-08-28 17:26:00 -04:00
mail-postfix.sh v0.43 (September 1, 2019) 2019-09-02 18:39:23 -04:00
mail-users.sh mail setup fixes 2019-02-05 13:34:37 +02:00
management.sh hide virtualenv output (#1578) 2019-05-15 11:59:32 -07:00
migrate.py roundcube: upgrade carddav plugin to 3.0.3 & updated migrate.py (#1479) 2018-12-03 15:33:36 -05:00
munin.sh check that munin-cron is not running (via cron) when it is run in setup, fixes #660 (#1579) 2019-05-15 11:58:40 -07:00
network-checks.sh prevent apt from asking the user any questions 2015-02-13 13:41:52 +00:00
nextcloud.sh Change Nextcloud upgrade logic to look at STORAGE_ROOT's config.php version vs /usr/local's version.php version (#1632) 2019-08-31 08:50:36 -04:00
preflight.sh RAM limit to 502Mb to meet EC2 & Vultr 512Mb inst. (#1560) 2019-04-14 16:33:50 -04:00
questions.sh Fix some more $DEFAULT_PUBLIC_IP issues (#1494) 2018-12-26 15:39:47 -05:00
spamassassin.sh Add X-Spam-Score header to checked mail (#1292) 2017-12-18 08:17:47 -05:00
ssl.sh only set the CN field when generating initial CSR to prevent issues with the php7 ppa version of openssl (#1223) 2017-07-30 08:11:39 -04:00
start.sh turn on bash strict mode to better catch setup errors 2018-11-30 10:46:54 -05:00
system.sh fail2ban ssh/ssh-ddos and sasl are now sshd and postfix-sasl (fixes #1453, merges #1454) 2019-01-18 09:40:51 -05:00
web.sh update to PHP 7.2 2018-10-03 13:00:15 -04:00
webmail.sh v0.43 (September 1, 2019) 2019-09-02 18:39:23 -04:00
zpush.sh Upgrade Z-Push to 2.5.0 (#1581) 2019-06-16 11:07:45 -04:00