- 27 Sep, 2016 1 commit
-
-
Marius Blüm authored
Signed-off-by: Marius Blüm <marius@lineone.io>
-
- 23 Sep, 2016 6 commits
-
-
Michael Kroes authored
fixes #534, again, hopefully
-
Marius Blüm authored
Signed-off-by: Marius Blüm <marius@lineone.io>
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
fixes #945, corrects prev commit (#947) in case of multiple AAAA records, adds changelog
-
Mathis Hoffmann authored
see #945, merges #947
-
- 18 Sep, 2016 1 commit
-
-
Scott Bronson authored
-
- 16 Sep, 2016 1 commit
-
-
Joshua Tauberer authored
fix status_checks.py free disk space reporting, fixes #932
-
- 15 Sep, 2016 1 commit
-
-
cs@twoflower authored
-
- 24 Aug, 2016 1 commit
-
-
Joshua Tauberer authored
-
- 22 Aug, 2016 1 commit
-
-
Joshua Tauberer authored
-
- 20 Aug, 2016 3 commits
-
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
Seems like if REQUEST_METHOD is set to GET, then we can drop two redundant ways the query string is given. munin-cgi-graph itself reads the environment variables only, but its calls to Perl's CGI::param will look at the command line if REQUEST_METHOD is not used, otherwise it uses environment variables like CGI used to work. Since this is all behind admin auth anyway, there isn't a public vulnerability. #914 was opened without comment which lead me to notice the redundancy and worry about a vulnerability, before I realized this is admin-only anyway. The vulnerability was created by 6d6f3ea3. See #914. This is the v0.19b hotfix commit.
-
- 19 Aug, 2016 1 commit
-
-
Joshua Tauberer authored
Seems like if REQUEST_METHOD is set to GET, then we can drop two redundant ways the query string is given. munin-cgi-graph itself reads the environment variables only, but its calls to Perl's CGI::param will look at the command line if REQUEST_METHOD is not used, otherwise it uses environment variables like CGI used to work. Since this is all behind admin auth anyway, there isn't a public vulnerability. #914 was opened without comment which lead me to notice the redundancy and worry about a vulnerability, before I realized this is admin-only anyway.
-
- 18 Aug, 2016 3 commits
-
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
fixes #911
-
- 16 Aug, 2016 2 commits
-
-
Joshua Tauberer authored
Merge pull request #900 from mail-in-a-box/code_of_conduct
-
Joshua Tauberer authored
-
- 15 Aug, 2016 2 commits
-
-
Marius Blüm authored
Signed-off-by: Marius Blüm <marius@lineone.io>
-
ReadmeCritic authored
-
- 13 Aug, 2016 2 commits
-
-
Joshua Tauberer authored
Merge https://github.com/mar1u5/mailinabox fixes #901
-
Joshua Tauberer authored
closes #898
-
- 08 Aug, 2016 6 commits
-
-
Marius Blüm authored
Signed-off-by: Marius Blüm <marius@lineone.io>
-
Marius Blüm authored
Signed-off-by: Marius Blüm <marius@lineone.io>
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
- 01 Aug, 2016 1 commit
-
-
Joshua Tauberer authored
DavDroid's latest version's account configuration no longer just asked for a hostname. Its email address & password configuration mode did not work without a SRV record.
-
- 29 Jul, 2016 7 commits
-
-
Joshua Tauberer authored
-
-
Joshua Tauberer authored
-
Michael Kroes authored
This is checked during preflight. See https://github.com/mail-in-a-box/mailinabox/issues/885 (#889)
-
Joshua Tauberer authored
Added information about API endpoints
-
Michael Kroes authored
-
Joshua Tauberer authored
add fail2ban jails for ownCloud, postfix submission, roundcube, and the Mail-in-a-Box management daemon
-
- 29 Jun, 2016 1 commit
-
-
schlypel authored
-