Jump to content
Froxlor Forum

Release 0.9.29


d00p
 Share

Recommended Posts

Dear Froxlor Community,
 
you all have been waiting a long time for this and finally here it is. The first stable release of Froxlor to support Debian Wheezy (7).
 
Besides Wheezy-support, this release brings you quite some improvements as for example php-fpm per-domain php.ini support and customer-defined per-domain ssl-certificactes (if ssl ip/port exist) and much more. For all changes regarding the 0.9.29-release see also http://forum.froxlor.org/index.php/topic/12236-release-candidate-0929-rc1 (0.9-29-rc1).
 
Please be aware: after updating from 0.9.28 you should check the webserver-configuration "Webserver customer-ssl certificates-directory" as the defined directory (default /etc/apache2/ssl/) will be truncated by the cronjob. There are many installations using that folder - you might lose certificates, unrecoverable.

Changes in 0.9.29:
 

+ customers are now able to define ssl-certificates on a per-domain basis when SSL is enabled

+ Debian Wheezy support (configuration templates)

~ some minor fixes. All other changes, see http://forum.froxlor.org/index.php/topic/12236-release-candidate-0929-rc1

 
Important information: 

  • support for dovecot-1 on Gentoo has been dropped in 0.9.29 as Gentoo's tree does not include it anymore.
  • support for Ubuntu Hardy has been removed in 0.9.29 as it is unsupported since april 2013.

Download: 0.9.29
 
Update: Gentoo-ebuild and Debian packages (Squeeze and Wheezy) are now available.

 

Note: syscp sanity checks have been removed from the Wheezy package, you are on your own with removing syscp and moving your config which is what the package was doing / advised you to do.

the sid package has been removed for now, if there is need for it again we can reintroduce it, but for now, its gone

also we don't want to see "+2 upgrades" (eg. lenny -> wheezy) which was part of the reason of the change since we just expect you won't do such a thing... you won't, right? :)

 

Visit http://www.froxlor.org or join our IRC channel #froxlor on irc.freenode.net.
 
Thank you,
d00p

Link to comment
Share on other sites

Nice to see continuous progress on this project, and thanks d00p for all the work!

 

One point, however:

 

the defined directory (default /etc/apache2/ssl/) will be truncated by the cronjob

 

 

If this folder is truncated by the cronjob, wouldn't it be better to set the default to some folder which doesn't exist usually (for example /etc/froxlor/customer-certificates/), to avoid accidental damage? There may be people who don't read release notes before upgrading...

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Similar Content

    • By d00p
      Dear Froxlor Community,
      this small release adds the ability for admins/resellers without the change-serversetting permission to adjust the domain-documentroot. We have also fixed a misbehaviour regarding standard-subdomain due to a wrong default value when updating a customer via API.
       
      Changes in 0.10.31:
      set correct php-version numbers for installation dependencies-check; fixes #997 fix behaviour in Customers.update() in case 'createstdsubdomain' is not set when called via API (wrong default); fixes #998 allow settings/updating documentroot (only relative to customer homedirectory) when change_serversettings permission is not granted; fixes #1000 fix Domains.update() with correct path and change_serversettings=0; fixes #1001  
      Download: 0.10.31 | website

      Visit http://www.froxlor.org or join our IRC channel #froxlor on irc.libera.chat for support, help, participation or just a chat

      Thank you,
      d00p
    • By d00p
      Dear Froxlor Community,
      with the release of 0.10.28 we've introduced the possiblity to let customer use custom-database names if enabled in the settings. One of our community members found out that the parameter was not validated correctly and that a user with customer-privileges to the panel could exploit this with an SQL injection. The assigned CVE is CVE-2021-42325 and the fixing commit can be found here.
      Default froxlor installations are not affected per se as this feature requires an admin to set DBNAME in the corresponding "SQL prefix" setting to be enabled.
      Additionally, this release fixes minor validation in the SubDomains-module and the bulk-import of domains. You can now also specify that a newly created php-confiugrations gets assigned to all customers instead of having to add them to each customer manually.
      Changes in 0.10.30:
      fix validation of database_name if custom-database-name feature is enabled fix allowed-phpconfigs check in SubDomains.add() and SubDomains.update() adjust debian 11 config templates, fixes #982 don't remove 0-value parameter values from bulk-actions add possibility to assign new/edited php-config to all customer accounts; fixes #980 add complete list of nameserver-ips and given axfr-servers to allow-axfr-ips list for PowerDNS; fixes #985 fix api documentation for Domains.add() and Domains.update(); fixes #987 soften/correct permissions on pdns configs; fixes #991 check whether the domain to clean from pdns actually still exists there; fixes #992 avoid possible DivisionByZeroError in APCu info page, fixes #995  
      Download: 0.10.30 | website

      Visit http://www.froxlor.org or join our IRC channel #froxlor on irc.libera.chat for support, help, participation or just a chat

      Thank you,
      d00p
    • By d00p
      Dear Froxlor Community,
      this release integrates a few security improvements that have been reported to us regarding the session settings, session id and possible url manipulation. Additionally, thanks to the guys from INWX, support for mysql-tls settings have been integrated in the installation-process and the system. Thanks again for the contribution.
      Changes in 0.10.29:
      set php session security related settings (httponly and secure flag) secure commonly used filename-variable against url manipulation generate unpredictable unique session ids fix session for 2fa enabled logins integrate the new czech language file; refs #976 possibility to decide whether target database should be dropped after backup when installing adds mysql tls support, refs #979 Changes in 0.10.29.1:
      fix fresh installation (database exist check)
        Download: 0.10.29.1 | website

      Visit http://www.froxlor.org or join our IRC channel #froxlor on irc.libera.chat for support, help, participation or just a chat

      Thank you,
      d00p
    • By d00p
      Dear Froxlor Community,
      this release brings the ability to allow customers to set custom names when creating a database. Just set DBNAME as SQL prefix in the account settings. The DNS of a domain is now validated on creation and update if Let's Encrypt is enabled to ensure the domain resolves to one of the server's (and selected!) IP addresses to prevent failure when generating certificates. Additionally to the new logo upload possibility introduced in 0.10.27 we've re-enabled the overwriting of theme-logo's using the logo_custom.png and logo_custom_login.png files and also introduce new settings to control whether this is wanted or not (see panel settings, right above the logo upload).
      Changes in 0.10.28:
      added new sql-prefix mode DBNAME in order to allow custom database names; fixes #672 correct heredoc indentation in AcmeSh for php-7.1 - php-7.3; fixes #957 fixed Minimum and Expired SOA-Records according to RFC; see #959 have more power over theme logo, custom theme logo and uploaded logo; fixes #958 added option to disable creation of default subdomain; fixes #960 added/updated czech language file; see #870 added Buypass to the list of ACME providers; see #968 add setting for a custom system group for all customer-users (requires libnss-extrausers); fixes #953 check dns for lets encrypt when adding/editing domains and via cron; fixes #971  
      Download: 0.10.28 | website

      Visit http://www.froxlor.org or join our IRC channel #froxlor on irc.libera.chat for support, help, participation or just a chat

      Thank you,
      d00p
    • By d00p
      Dear Froxlor Community,
      in this release, we start to support the new Debian Bullseye (11) distribution (including packages via deb.froxlor.org). We have also added the ZeroSSL endpoint as an alternative to Let's Encrypt, you can read more about ZeroSSL here: https://zerossl.com/letsencrypt-alternative/. It is now also possible to customize the login and header logo from within the panel-settings. For users that are currently using the custom_logo.png file to override it - the updater will convert it for you.
      Changes in 0.10.27:
      added a default robots.txt to avoid indexing by search-engines add setting for default serveralias value for new domains prefer custom zone entries over automatically created ones when system.dns_createmailentry is enabled; fixes #944 support ZeroSSL via acme.sh (v3); fixes #946 allow defining php_value/php_admin_value for session.save_path when using php-fpm; fixes #954 possibility to upload custom header/login logo, refs #948 possibility to specify custom css; refs #949 bump phpmailer/phpmailer from 6.4.1 to 6.5.0 support for Debian Jessie has been dropped  
      Download: 0.10.27 | website

      Visit http://www.froxlor.org or join our IRC channel #froxlor on irc.libera.chat for support, help, participation or just a chat

      Thank you,
      d00p
×
×
  • Create New...