1
0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-14 10:53:30 +02:00

Update CHANGELOG.md and process towncrier newsfragments.

This commit is contained in:
Diman0 2021-08-06 22:35:37 +02:00 committed by Florent Daigniere
parent 24747e33de
commit 529994c095
14 changed files with 29 additions and 17 deletions

View File

@ -4,18 +4,44 @@ Changelog
Upgrade should run fine as long as you generate a new compose or stack
configuration and upgrade your mailu.env.
Please note that the current 1.8 is what we call a "soft release": It’s there for everyone to see and use, but to limit possible user-impact of this very big release, it’s not yet the default in the setup-utility for new users. When upgrading, please treat it with some care, and be sure to always have backups!
There are some changes to the configuration overrides. Override files are now mounted read-only into the containers.
The Dovecot and Postfix overrides are moved in their own sub-directory.
If there are local override files, they will need to be moved from overrides/ to overrides/dovecot and overrides/postfix/.
See https://mailu.io/1.8/faq.html#how-can-i-override-settings for all the mappings.
<<<<<<< HEAD
Please note that the shipped image for PostgreSQL database is deprecated.
We advise to switch to an external database server.
=======
One major change for the docker compose file is that the antispam needs a fixed hostname [#1837](https://github.com/Mailu/Mailu/issues/1837).
This is handled when you regenerate the docker-compose file. A fixed hostname is required to retain rspamd history.
Please not that the shipped image for PostgreSQL database is deprecated.
We advise to switch to an external PostgreSQL database server.
>>>>>>> afaacf5a... Update CHANGELOG.md and process towncrier newsfragments.
<!-- TOWNCRIER -->
v1.8.0 - 2020-09-28
1.8.0 - 2021-08-06
--------------------
- Features: Update version of roundcube webmail and carddav plugin. This is a security update. ([#1841](https://github.com/Mailu/Mailu/issues/1841))
- Features: Update version of rainloop webmail to 1.16.0. This is a security update. ([#1845](https://github.com/Mailu/Mailu/issues/1845))
- Features: Changed default value of AUTH_RATELIMIT_SUBNET to false. Increased default value of the rate limit in setup utility (AUTH_RATELIMIT) to a higher value. ([#1867](https://github.com/Mailu/Mailu/issues/1867))
- Features: Update jquery used in setup. Set pinned versions in requirements.txt for setup. This is a security update. ([#1880](https://github.com/Mailu/Mailu/issues/1880))
- Bugfixes: Replace PUBLIC_HOSTNAME and PUBLIC_IP in "Received" headers to ensure that no undue spam points are attributed ([#191](https://github.com/Mailu/Mailu/issues/191))
- Bugfixes: Don't replace nested headers (typically in attached emails) ([#1660](https://github.com/Mailu/Mailu/issues/1660))
- Bugfixes: Fix letsencrypt access to certbot for the mail-letsencrypt flavour ([#1686](https://github.com/Mailu/Mailu/issues/1686))
- Bugfixes: Fix CVE-2020-25275 and CVE-2020-24386 by using alpine 3.13 for
dovecot which contains a fixed dovecot version. ([#1720](https://github.com/Mailu/Mailu/issues/1720))
- Bugfixes: Antispam service now uses a static hostname. Rspamd history is only retained when the service has a fixed hostname. ([#1837](https://github.com/Mailu/Mailu/issues/1837))
- Bugfixes: Fix a bug preventing colons from being used in passwords when using radicale/webdav. ([#1861](https://github.com/Mailu/Mailu/issues/1861))
- Bugfixes: Remove dot in blueprint name to prevent critical flask startup error in setup. ([#1874](https://github.com/Mailu/Mailu/issues/1874))
- Bugfixes: fix punycode encoding of domain names ([#1891](https://github.com/Mailu/Mailu/issues/1891))
- Improved Documentation: Update fail2ban documentation to use systemd backend instead of filepath for journald ([#1857](https://github.com/Mailu/Mailu/issues/1857))
- Misc: ([#1783](https://github.com/Mailu/Mailu/issues/1783))
v1.8.0rc - 2020-09-28
--------------------
- Features: Add support for backward-forwarding using SRS ([#328](https://github.com/Mailu/Mailu/issues/328))

View File

@ -1 +0,0 @@
Don't replace nested headers (typically in attached emails)

View File

@ -1 +0,0 @@
Fix letsencrypt access to certbot for the mail-letsencrypt flavour

View File

@ -1,2 +0,0 @@
Fix CVE-2020-25275 and CVE-2020-24386 by using alpine 3.13 for
dovecot which contains a fixed dovecot version.

View File

@ -1 +0,0 @@
Switch from client side sessions (cookies) to server-side sessions (Redis). This simplies the security model a lot and allows for an easier recovery should a cookie ever land in the hands of an attacker.

View File

@ -1 +0,0 @@
Antispam service now uses a static hostname. Rspamd history is only retained when the service has a fixed hostname.

View File

@ -1 +0,0 @@
Update version of roundcube webmail and carddav plugin. This is a security update.

View File

@ -1 +0,0 @@
Update version of rainloop webmail to 1.16.0. This is a security update.

View File

@ -1 +0,0 @@
Update fail2ban documentation to use systemd backend instead of filepath for journald

View File

@ -1 +0,0 @@
Fix a bug preventing colons from being used in passwords when using radicale/webdav.

View File

@ -1 +0,0 @@
Changed default value of AUTH_RATELIMIT_SUBNET to false. Increased default value of the rate limit in setup utility (AUTH_RATELIMIT) to a higher value.

View File

@ -1 +0,0 @@
Remove dot in blueprint name to prevent critical flask startup error in setup.

View File

@ -1 +0,0 @@
Update jquery used in setup. Set pinned versions in requirements.txt for setup. This is a security update.

View File

@ -1 +0,0 @@
Replace PUBLIC_HOSTNAME and PUBLIC_IP in "Received" headers to ensure that no undue spam points are attributed