- 23 Sep, 2016 3 commits
-
-
Joshua Tauberer authored
-
Joshua Tauberer authored
fixes #945, corrects prev commit (#947) in case of multiple AAAA records, adds changelog
-
Mathis Hoffmann authored
see #945, merges #947
-
- 18 Sep, 2016 1 commit
-
-
Scott Bronson authored
-
- 16 Sep, 2016 1 commit
-
-
Joshua Tauberer authored
fix status_checks.py free disk space reporting, fixes #932
-
- 15 Sep, 2016 1 commit
-
-
cs@twoflower authored
-
- 24 Aug, 2016 1 commit
-
-
Joshua Tauberer authored
-
- 22 Aug, 2016 1 commit
-
-
Joshua Tauberer authored
-
- 20 Aug, 2016 3 commits
-
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
Seems like if REQUEST_METHOD is set to GET, then we can drop two redundant ways the query string is given. munin-cgi-graph itself reads the environment variables only, but its calls to Perl's CGI::param will look at the command line if REQUEST_METHOD is not used, otherwise it uses environment variables like CGI used to work. Since this is all behind admin auth anyway, there isn't a public vulnerability. #914 was opened without comment which lead me to notice the redundancy and worry about a vulnerability, before I realized this is admin-only anyway. The vulnerability was created by 6d6f3ea3. See #914. This is the v0.19b hotfix commit.
-
- 19 Aug, 2016 1 commit
-
-
Joshua Tauberer authored
Seems like if REQUEST_METHOD is set to GET, then we can drop two redundant ways the query string is given. munin-cgi-graph itself reads the environment variables only, but its calls to Perl's CGI::param will look at the command line if REQUEST_METHOD is not used, otherwise it uses environment variables like CGI used to work. Since this is all behind admin auth anyway, there isn't a public vulnerability. #914 was opened without comment which lead me to notice the redundancy and worry about a vulnerability, before I realized this is admin-only anyway.
-
- 18 Aug, 2016 3 commits
-
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
fixes #911
-
- 16 Aug, 2016 2 commits
-
-
Joshua Tauberer authored
Merge pull request #900 from mail-in-a-box/code_of_conduct
-
Joshua Tauberer authored
-
- 15 Aug, 2016 2 commits
-
-
Marius Blüm authored
Signed-off-by: Marius Blüm <marius@lineone.io>
-
ReadmeCritic authored
-
- 13 Aug, 2016 2 commits
-
-
Joshua Tauberer authored
Merge https://github.com/mar1u5/mailinabox fixes #901
-
Joshua Tauberer authored
closes #898
-
- 08 Aug, 2016 6 commits
-
-
Marius Blüm authored
Signed-off-by: Marius Blüm <marius@lineone.io>
-
Marius Blüm authored
Signed-off-by: Marius Blüm <marius@lineone.io>
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
- 01 Aug, 2016 1 commit
-
-
Joshua Tauberer authored
DavDroid's latest version's account configuration no longer just asked for a hostname. Its email address & password configuration mode did not work without a SRV record.
-
- 29 Jul, 2016 7 commits
-
-
Joshua Tauberer authored
-
-
Joshua Tauberer authored
-
Michael Kroes authored
This is checked during preflight. See https://github.com/mail-in-a-box/mailinabox/issues/885 (#889)
-
Joshua Tauberer authored
Added information about API endpoints
-
Michael Kroes authored
-
Joshua Tauberer authored
add fail2ban jails for ownCloud, postfix submission, roundcube, and the Mail-in-a-Box management daemon
-
- 29 Jun, 2016 2 commits
- 27 Jun, 2016 3 commits
-
-
Joshua Tauberer authored
Small extension to mail log management script
-
Michael Kroes authored
Remove owncloud log configuration from initial setup and only apply it during the configuration updates. This applies to both the timezone and the log format
-
Michael Kroes authored
Owncloud needs more time to detect blocks. It doesn't respond as fast as the other services. Also owncloud logs UTC (since latest update) even though the timezone is not UTC. Also to detect a block, we get a timeout instead of a refused)
-