1. 09 Nov, 2016 1 commit
    • Scott Bronson's avatar
      suppress Ubuntu's upgrade prompts (#992) · 6ea1a06a
      Scott Bronson authored
      On every login we're notified:
      
        New release '16.04.1 LTS' available.
        Run 'do-release-upgrade' to upgrade to it.
      
      Disable this so that an eager yet inattentive admin
      doesn't accidentally follow these instructions.
      6ea1a06a
  2. 24 Oct, 2016 1 commit
  3. 21 Oct, 2016 1 commit
  4. 18 Oct, 2016 2 commits
    • Tristan Hill's avatar
      disable nested checker checks (#972) · 4b07a6aa
      Tristan Hill authored
      fixes #967
      4b07a6aa
    • Michael Kroes's avatar
      update to ownCloud 9.1.1 (with intermediate upgrades) (#894) · 2151d814
      Michael Kroes authored
      [this is a squashed merge from-]
      
      * Install owncoud 9.1 and provide an upgrade path from 8.2. This also disables memcached and goes with apc. The upgrade fails with memcached.
      
      * Remove php apc setting
      
      * Add dav migrations for each user
      
      * Add some comments to the code
      
      * When upgrading owncloud from 8.2.3 to 9.1.0 the backup of 8.2.3 was overwritten when going from 9.0 to 9.1
      
      * Add upgrade path from 8.1.1. Only do an upgrade check if owncloud was previously installed.
      
      * Stop php5-fpm before owncloud upgrade to prevent database locks
      
      * Fix fail2ban tests for owncloud 9
      
      * When upgrading owncloud copy the database to the user-data/owncloud-backup directory
      
      * Remove not need unzip directives during owncloud extraction. Directory is removed beforehand so a normal extraction is fine
      
      * Improve backup of owncloud installation and provide a post installation restore script. Update the owncloud version number to 9.1.1. Update the calendar and contacts apps to the latest versions
      
      * Separate the ownCloud upgrades visually in the console output.
      2151d814
  5. 15 Oct, 2016 2 commits
  6. 08 Oct, 2016 2 commits
  7. 05 Oct, 2016 1 commit
  8. 28 Sep, 2016 2 commits
  9. 27 Sep, 2016 1 commit
  10. 23 Sep, 2016 6 commits
  11. 19 Sep, 2016 1 commit
  12. 18 Sep, 2016 1 commit
  13. 16 Sep, 2016 1 commit
  14. 15 Sep, 2016 1 commit
  15. 24 Aug, 2016 1 commit
  16. 22 Aug, 2016 1 commit
  17. 20 Aug, 2016 3 commits
    • Joshua Tauberer's avatar
      merge v0.19b hot fix release · 27b4edfc
      Joshua Tauberer authored
      27b4edfc
    • Joshua Tauberer's avatar
      v0.19b · ba75ff78
      Joshua Tauberer authored
      ba75ff78
    • Joshua Tauberer's avatar
      simplify how munin-cgi-graph is called to reduce the attack surface area · a14b1779
      Joshua Tauberer authored
      Seems like if REQUEST_METHOD is set to GET, then we can drop two redundant ways the query string is given. munin-cgi-graph itself reads the environment variables only, but its calls to Perl's CGI::param will look at the command line if REQUEST_METHOD is not used, otherwise it uses environment variables like CGI used to work.
      
      Since this is all behind admin auth anyway, there isn't a public vulnerability. #914 was opened without comment which lead me to notice the redundancy and worry about a vulnerability, before I realized this is admin-only anyway.
      
      The vulnerability was created by 6d6f3ea3.
      
      See #914.
      
      This is the v0.19b hotfix commit.
      a14b1779
  18. 19 Aug, 2016 1 commit
    • Joshua Tauberer's avatar
      simplify how munin-cgi-graph is called to reduce the attack surface area · 35a360ef
      Joshua Tauberer authored
      Seems like if REQUEST_METHOD is set to GET, then we can drop two redundant ways the query string is given. munin-cgi-graph itself reads the environment variables only, but its calls to Perl's CGI::param will look at the command line if REQUEST_METHOD is not used, otherwise it uses environment variables like CGI used to work.
      
      Since this is all behind admin auth anyway, there isn't a public vulnerability. #914 was opened without comment which lead me to notice the redundancy and worry about a vulnerability, before I realized this is admin-only anyway.
      35a360ef
  19. 18 Aug, 2016 3 commits
  20. 16 Aug, 2016 2 commits
  21. 15 Aug, 2016 2 commits
  22. 13 Aug, 2016 2 commits
  23. 08 Aug, 2016 2 commits