- 19 Aug, 2016 1 commit
-
-
Joshua Tauberer authored
Seems like if REQUEST_METHOD is set to GET, then we can drop two redundant ways the query string is given. munin-cgi-graph itself reads the environment variables only, but its calls to Perl's CGI::param will look at the command line if REQUEST_METHOD is not used, otherwise it uses environment variables like CGI used to work. Since this is all behind admin auth anyway, there isn't a public vulnerability. #914 was opened without comment which lead me to notice the redundancy and worry about a vulnerability, before I realized this is admin-only anyway.
-
- 18 Aug, 2016 3 commits
-
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
fixes #911
-
- 16 Aug, 2016 2 commits
-
-
Joshua Tauberer authored
Merge pull request #900 from mail-in-a-box/code_of_conduct
-
Joshua Tauberer authored
-
- 15 Aug, 2016 2 commits
-
-
Marius Blüm authored
Signed-off-by: Marius Blüm <marius@lineone.io>
-
ReadmeCritic authored
-
- 13 Aug, 2016 2 commits
-
-
Joshua Tauberer authored
Merge https://github.com/mar1u5/mailinabox fixes #901
-
Joshua Tauberer authored
closes #898
-
- 08 Aug, 2016 6 commits
-
-
Marius Blüm authored
Signed-off-by: Marius Blüm <marius@lineone.io>
-
Marius Blüm authored
Signed-off-by: Marius Blüm <marius@lineone.io>
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
- 01 Aug, 2016 1 commit
-
-
Joshua Tauberer authored
DavDroid's latest version's account configuration no longer just asked for a hostname. Its email address & password configuration mode did not work without a SRV record.
-
- 29 Jul, 2016 7 commits
-
-
Joshua Tauberer authored
-
-
Joshua Tauberer authored
-
Michael Kroes authored
This is checked during preflight. See https://github.com/mail-in-a-box/mailinabox/issues/885 (#889)
-
Joshua Tauberer authored
Added information about API endpoints
-
Michael Kroes authored
-
Joshua Tauberer authored
add fail2ban jails for ownCloud, postfix submission, roundcube, and the Mail-in-a-Box management daemon
-
- 29 Jun, 2016 2 commits
- 27 Jun, 2016 4 commits
-
-
Joshua Tauberer authored
Small extension to mail log management script
-
Michael Kroes authored
Remove owncloud log configuration from initial setup and only apply it during the configuration updates. This applies to both the timezone and the log format
-
Michael Kroes authored
Owncloud needs more time to detect blocks. It doesn't respond as fast as the other services. Also owncloud logs UTC (since latest update) even though the timezone is not UTC. Also to detect a block, we get a timeout instead of a refused)
-
Michael Kroes authored
-
- 12 Jun, 2016 3 commits
-
-
Joshua Tauberer authored
for DANE, the smtp_tls_mandatory_protocols setting seems like it also needs to be set (unlike the cipher settings, this isn't documented to be in addition to the non-mandatory setting)
-
Joshua Tauberer authored
outbound SMTP connections should use the same TLS settings as inbound: drop SSLv2, SSLv3, anonymous ciphers, RC4
-
Joshua Tauberer authored
Per http://googleappsupdates.blogspot.ro/2016/05/disabling-support-for-sslv3-and-rc4-for.html, Google is about to do the same. fixes #611
-
- 10 Jun, 2016 3 commits
- 06 Jun, 2016 4 commits
-
-
Michael Kroes authored
add fail2ban jails for ownCloud, postfix submission, roundcube, and the Mail-in-a-Box management daemon (tests squashed into this commit by josh)
-
Chris Blankenship authored
-
aspdye authored
closes #840
-
Joshua Tauberer authored
There hasn't been a sqlite migration yet, since Mail-in-a-Box's creation, but with Roundcube 1.2 there will be.
-