All Versions
62
Latest Version
Avg Release Cycle
66 days
Latest Release
1012 days ago

Changelog History
Page 5

  • v0.17.b Changes

    March 01, 2016

    ๐Ÿšš ownCloud moved their source code to a new location, breaking our installation script.

  • v0.16 Changes

    January 30, 2016

    โšก๏ธ This update primarily adds automatic SSL (now "TLS") certificate provisioning from Let's Encrypt (https://letsencrypt.org/).

    Control Panel:

    • ๐Ÿ‘ The SSL certificates (now referred to as "TLS ccertificates") page now supports provisioning free certificates from Let's Encrypt.
    • ๐Ÿ†“ Report free memory usage.
    • ๐Ÿ›  Fix a crash when the git directory is not checked out to a tag.
    • When IPv6 is enabled, check that all domains (besides the system hostname) resolve over IPv6.
    • When a domain doesn't resolve to the box, don't bother checking if the TLS certificate is valid.
    • โœ‚ Remove rounded border on the menu bar.

    Other:

    • The Sieve port is now open so tools like the Thunderbird Sieve extension can be used to edit mail filters.
    • ๐Ÿ‘ .be domains now offer DNSSEC options supported by the TLD
    • The daily backup will now email the administrator if there is a problem.
    • Expiring TLS certificates are now automatically renewed via Let's Encrypt.
    • ๐Ÿ›  File ownership for installed Roundcube files is fixed.
    • โœ๏ธ Typos fixed.
  • v0.15 Changes

    January 01, 2016

    Mail:

    • โšก๏ธ Updated Roundcube to version 1.1.3.
    • Auto-create aliases for abuse@, as required by RFC2142.
    • The DANE TLSA record is changed to use the certificate subject public key rather than the whole certificate, which means the record remains valid after certificate changes (so long as the private key remains the same, which it does for us).

    Control panel:

    • When IPv6 is enabled, check that system services are accessible over IPv6 too, that the box's hostname resolves over IPv6, and that reverse DNS is setup correctly for IPv6.
    • ๐Ÿ›  Explanatory text for setting up secondary nameserver is added/fixed.
    • โฑ DNS checks now have a timeout in case a DNS server is not responding, so the checks don't stall indefinitely.
    • ๐Ÿ‘ Better messages if external DNS is used and, weirdly, custom secondary nameservers are set.
    • โž• Add POP to the mail client settings documentation.
    • The box's IP address is added to the fail2ban whitelist so that the status checks don't trigger the machine banning itself, which results in the status checks showing services down even though they are running.
    • 0๏ธโƒฃ For SSL certificates, rather than asking you what country you are in during setup, ask at the time a CSR is generated. The default system self-signed certificate now omits a country in the subject (it was never needed). The CSR_COUNTRY Mail-in-a-Box setting is dropped entirely.

    System:

    • ๐Ÿšš Nightly backups and system status checks are now moved to 3am in the system's timezone.
    • fail2ban's recidive jail is now active, which guards against persistent brute force login attacks over long periods of time.
    • Setup (first run only) now asks for your timezone to set the system time.
    • The Exchange/ActiveSync server is now taken offline during nightly backups (along with SMTP and IMAP).
    • ๐Ÿ‘€ The machine's random number generator (/dev/urandom) is now seeded with Ubuntu Pollinate and a blocking read on /dev/random.
    • DNSSEC key generation during install now uses /dev/urandom (instead of /dev/random), which is faster.
    • The $STORAGE_ROOT/ssl directory is flattened by a migration script and the system SSL certificate path is now a symlink to the actual certificate.
    • If ownCloud sends out email, it will use the box's administrative address now (admin@yourboxname).
    • ๐Ÿ”Š Z-Push (Exchange/ActiveSync) logs now exclude warnings and are now rotated to save disk space.
    • ๐Ÿ›  Fix pip command that might have not installed all necessary Python packages.
    • ๐Ÿ“ฆ The control panel and backup would not work on Google Compute Engine because GCE installs a conflicting boto package.
    • โž• Added a new command management/backup.py --restore to restore files from a backup to a target directory (command line arguments are passed to duplicity restore).
  • v0.15.a Changes

    January 09, 2016

    Mail:

    • ๐Ÿ›  Sending mail through Exchange/ActiveSync (Z-Push) had been broken since v0.14 in some setups. This is now fixed.
  • v0.14 Changes

    November 04, 2015

    Mail:

    • โœ… Spamassassin's network-based tests (Pyzor, others) and DKIM tests are now enabled. (Pyzor had always been installed but was not active due to a misconfiguration.)
    • Moving spam out of the Spam folder and into Trash would incorrectly train Spamassassin that those messages were not spam.
    • Automatically create the Sent and Archive folders for new users.
    • ๐Ÿ”Œ The HTML5_Notifier plugin for Roundcube is now included, which when turned on in Roundcube settings provides desktop notifications for new mail.
    • โšก๏ธ The Exchange/ActiveSync backend Z-Push has been updated to fix a problem with CC'd emails not being sent to the CC recipients.

    Calender/Contacts:

    • ๐Ÿ”ง CalDAV/CardDAV and Exchange/ActiveSync for calendar/contacts wasn't working in some network configurations.

    ๐ŸŒ Web:

    • When a new domain is added to the box, rather than applying a new self-signed certificate for that domain, the SSL certificate for the box's primary hostname will be used instead.
    • ๐Ÿ”ง If a custom DNS record is set on a domain or 'www'+domain, web would not be served for that domain. If the custom DNS record is just the box's IP address, that's a configuration mistake, but allow it and let web continue to be served.
    • Accommodate really long domain names by increasing an nginx setting.

    Control panel:

    • โž• Added an option to check for new Mail-in-a-Box versions within status checks. It is off by default so that boxes don't "phone home" without permission.
    • โž• Added a random password generator on the users page to simplify creating new accounts.
    • ๐Ÿ”’ When S3 backup credentials are set, the credentials are now no longer ever sent back from the box to the client, for better security.
    • ๐Ÿ›  Fixed the jumpiness when a modal is displayed.
    • Focus is put into the login form fields when the login form is displayed.
    • โš  Status checks now include a warning if a custom DNS record has been set on a domain that would normally serve web and as a result that domain no longer is serving web.
    • Status checks now check that secondary nameservers, if specified, are actually serving the domains.
    • Some errors in the control panel when there is invalid data in the database or an improperly named archived user account have been suppressed.
    • โž• Added subresource integrity attributes to all remotely-sourced resources (i.e. via CDNs) to guard against CDNs being used as an attack vector.

    System:

    • ๐Ÿ‘‰ Tweaks to fail2ban settings.
    • ๐Ÿ›  Fixed a spurrious warning while installing munin.
  • v0.13.b Changes

    August 30, 2015

    โฌ†๏ธ Another ownCloud 8.1.1 issue was found. New installations left ownCloud improperly setup ("You are accessing the server from an untrusted domain."). Upgrading to this version will fix that.

  • v0.13.a Changes

    August 23, 2015

    โฌ†๏ธ Note: v0.13 (no 'a', August 19, 2015) was pulled immediately due to an ownCloud bug that prevented upgrades. v0.13a works around that problem.

    Mail:

    • Outbound mail headers (the Recieved: header) are tweaked to possibly improve deliverability.
    • ๐Ÿ“ฆ Some MIME messages would hang Roundcube due to a missing package.
    • The users permitted to send as an alias can now be different from where an alias forwards to.

    DNS:

    • The secondary nameservers option in the control panel now accepts more than one nameserver and a special xfr:IP format to specify zone-transfer-only IP addresses.
    • ๐Ÿ‘ A TLSA record is added for HTTPS for DNSSEC-aware clients that support it.

    System:

    • Backups can now be turned off, or stored in Amazon S3, through new control panel options.
    • Munin was not working on machines confused about their hostname and had lots of errors related to PANGO, NTP peers and network interfaces that were not up.
    • โšก๏ธ ownCloud updated to version 8.1.1 (with upgrade work-around), its memcached caching enabled.
    • โฌ†๏ธ When upgrading, network checks like blocked port 25 are now skipped.
    • ๐Ÿ‘‰ Tweaks to the intrusion detection rules for IMAP.
    • Mail-in-a-Box's setup is a lot quieter, hiding lots of irrelevant messages.

    Control panel:

    • SSL certificate checks were failing on OVH/OpenVZ servers due to missing /dev/stdin.
    • ๐Ÿ‘Œ Improve the sort order of the domains in the status checks.
    • Some links in the control panel were only working in Chrome.
  • v0.12 Changes

    July 03, 2015

    โšก๏ธ This is a minor update to v0.11, which was a major update. Please read v0.11's advisories.

    • The administrator@ alias was incorrectly created starting with v0.11. If your first install was v0.11, check that the administrator@ alias forwards mail to you.
    • Intrusion detection rules (fail2ban) are relaxed (i.e. less is blocked).
    • SSL certificates could not be installed for the new automatic 'www.' redirect domains.
    • 0๏ธโƒฃ PHP's default character encoding is changed from no default to UTF8. The effect of this change is unclear but should prevent possible future text conversion issues.
    • ๐Ÿ‘‰ User-installed SSL private keys in the BEGIN PRIVATE KEY format were not accepted.
    • SSL certificates with SAN domains with IDNA encoding were broken in v0.11.
    • Some IDNA functionality was using IDNA 2003 rather than IDNA 2008.
  • v0.12.c Changes

    July 19, 2015

    โ†ช v0.12c was posted to work around the current Sourceforge.net outage: pyzor's remote server is now hard-coded rather than accessing a file hosted on Sourceforge, and roundcube is now downloaded from a Mail-in-a-Box mirror rather than from Sourceforge.

  • v0.12.b Changes

    July 04, 2015

    This version corrects a minor regression in v0.12 related to creating aliases targetting multiple addresses.