CHANGELOG 10.1 KB
Newer Older
1
2
CHANGELOG
---------
3

4
5
6
7
2021-12-13
  sympl-core
    * Updated workaround for Let's Encrypt cross-signed intermediate

Paul Cammish's avatar
Paul Cammish committed
8
9
10
11
2021-10-03
  sympl-core
    * Workaround for Let's Encrypt cross-signed intermediate

12
13
14
15
2021-10-01
  sympl-core
    * Updated acme-client library to 2.0.9

16
2021-09-21
17
  sympl-mail
18
19
    * Deal with aliases correctly when no mailboxes directory exists

Paul Cammish's avatar
Paul Cammish committed
20
2021-08-19
21
  all packages
Paul Cammish's avatar
Paul Cammish committed
22
    * Debian Bullseye Release
23
  sympl-core
Paul Cammish's avatar
Paul Cammish committed
24
    * Updates to MOTD and banners
Paul Cammish's avatar
Paul Cammish committed
25
26

2021-08-18
27
  sympl-core
Paul Cammish's avatar
Paul Cammish committed
28
29
30
31
32
33
34
35
    * Check htdocs/stats for AWFFull rather than Webalizer
  sympl-web
    * Update Webalizer references to AWFFull
    * Disable default AWFFull cron
  sympl-mail
    * Further fixes for Exim 4.94 in Debian Bullseye
  
2021-08-13
36
  sympl-mail
Paul Cammish's avatar
Paul Cammish committed
37
38
    * use systemd socket activation for sympl-mail-poppassd    

Paul Cammish's avatar
Paul Cammish committed
39
40
41
42
2021-04-09
  sympl-core
    * Update sympl.host to sympl.io

Paul Cammish's avatar
Paul Cammish committed
43
44
2021-04-08
  sympl-mail
Paul Cammish's avatar
Paul Cammish committed
45
46
    * Fix tag option for antispam and antivirus configs (#310)
    * Mail identified as spam now adds '[spam]' to the subject of incoming mail
Paul Cammish's avatar
Paul Cammish committed
47

Paul Cammish's avatar
Paul Cammish committed
48
2021-02-15
49
50
  all packages
    * Updated version numbering format
Paul Cammish's avatar
Paul Cammish committed
51
52
  sympl-mysql
    * Fixed creating 'sympl' MySQL user
53
54
  sympl-web
    * Removed deprecated Apache VHost mod
Paul Cammish's avatar
Paul Cammish committed
55
56
57
58
59

2021-02-12
  sympl-mail
    * Final fixes for Exim 4.94

60
61
62
63
64
65
66
67
2021-02-11
  sympl-mail
    * Further fixes for Exim 4.94

2021-02-10
  sympl-mail
    * Fixes for Exim 4.94

68
69
2021-02-09
  all packages
70
71
72
73
74
    * Updated versioning for Debian Bullseye
    * Tidied up old dependencies
  sympl-web
    * Replaced Webalizer with AWFFull
    * Removed deprecated php-mcrypt
Paul Cammish's avatar
Paul Cammish committed
75
76
  sympl-core
    * Updated MOTD version number
Paul Cammish's avatar
Paul Cammish committed
77
    
Paul Cammish's avatar
Paul Cammish committed
78
79
80
81
2020-09-23
  sympl-core
    * Properly filter public/cgi-bin

Paul Cammish's avatar
Paul Cammish committed
82
83
84
85
86
87
2020-09-15
  sympl-phpmyadmin
    * Package now available in Buster, using phpMyAdmin from Debian Backports
  sympl-core
    * Enabled Debian Backports repo for Buster to allow installation of phpMyAdmin

88
89
90
2020-09-09
  sympl-web
    * Adds support for optional Apache configs in config/apache.d/*.conf (#300)
Paul Cammish's avatar
Paul Cammish committed
91
    * Added php-zip package to recommends (#294)
92
93
94
  sympl-core
    * sympl-filesystem-security: don't overwite permission in public/cgi-bin (#299)
    * sympl-filesystem-security: correctly read the group id (#298)
Paul Cammish's avatar
Paul Cammish committed
95
    * sympl-cli: fix permissions on newly created domains (#295)
Paul Cammish's avatar
Paul Cammish committed
96

97
98
99
100
101
102
2020-07-06
  sympl-web
   * Fixes incorrect filename for log files (#296)
  sympl-backup
   * Adds missing -extract function to DRIVER_TAR_GZ (#297)

103
2020-05-12
Doug Targett's avatar
Doug Targett committed
104
105
106
  sympl-core
    * Added functionality to the sympl cli for managing FTP users

Paul Cammish's avatar
Paul Cammish committed
107
108
109
110
2020-05-10
  sympl-core
    * Remove debug output from sympl-filesystem-security

Paul Cammish's avatar
Paul Cammish committed
111
112
113
114
2020-04-27
  sympl-core
    * Further fixes to prevent sympl-filesystem-security from changing permissions where it shouldn't. (#280) 

Paul Cammish's avatar
Paul Cammish committed
115
116
117
118
119
2020-04-22
  sympl-web
    * Switch to individual packages for sympl-web (#292)
    * Only enable OCSP Stapling for certs that support it (#293)

120
121
122
123
2020-04-20
  sympl-core
    * Prevent sympl-filesystem-security from changing permissions of /etc/firewall/local.d/ contents.

Paul Cammish's avatar
Paul Cammish committed
124
125
126
127
2020-04-18
  sympl-mail
    * Fixed sympl-mail-dovecot-sni issue with filesystem loops (#281)

Paul Cammish's avatar
Paul Cammish committed
128
129
130
131
132
2020-04-15
  sympl-core
    * Added --verbose switch to sympl-filesystem-security
    * Fixed issue #280 with sympl-filesystem-security

133
134
135
136
137
2020-03-26
  sympl-monit
    * Don't use sudo when writing cursor. Fixes issue #279.
    * Update sympl-monit.cursor path.

Paul Cammish's avatar
Paul Cammish committed
138
139
140
141
2020-01-27
  sympl-webmail
    * Fixed importing contacts

142
143
144
145
2019-12-31
  sympl-core
    * Fixed inconsistency with 'disable-filesystem-security' switch.

146
147
148
149
150
2019-12-27
  sympl-mail
    * Improves default PCI Compliance by disabling TLS1.0
    * Fixes dhparam issue with Dovecot

Paul Cammish's avatar
Paul Cammish committed
151
2019-12-16
152
153
  sympl-core
    * Add sympl user to relevant groups on each install.
Paul Cammish's avatar
Paul Cammish committed
154
  sympl-web
155
    * Added cron to clean up old PHP sessions.
Paul Cammish's avatar
Paul Cammish committed
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375

2019-12-05
  sympl-core
    * Updated IPv6 Only workaround for sympl-ssl.

2019-10-17
  sympl-core
    * Updated sympl-ssl to use Let's Encrypt ACME v02 API.

2019-10-04
  sympl-mail
    * Fixed permission issue with configuration.

2019-09-18
  sympl-firewall
    * Fixed missing version increment.

2019-09-17
  sympl-mail
    * Adds full chain support to Dovecot SNI, needed by some clients.

2019-09-08
  sympl-core
    * Set default threshold for LE cert renewal to suggested 30 days.
  sympl-backup
    * Added backup2l driver to prevent warnings from tar.

2019-08-16
  sympl-core
    * Adds detection of NAT64 environments for sympl-ssl wrapper.
  sympl-firewall
    * Removed incrond, re-instated old manual triggers on changes.
    * Fixed warning message from nftables.

2019-07-31
  sympl-backup
    * Force backups to be run as root.
    * Updated backup paths, exclude backups of /var/lib/docker.
  sympl-mysql
    * Updated sympl-sqldump to use sympl user correctly.

2019-07-29
  sympl-core
    * Copy root user authorized_keys to sympl user on first install.

2019-07-25
  sympl-core
    * Fixed typo in sympl CLI

2019-07-19
  sympl-cron
    * Updated sympl-crontab --test output

2019-07-18
  sympl-firewall
    * Updated sympl-firewall-whitelist to more sane defaults.
    * Only whitelist SSH access for a week once logged in.
    * Only whitelist IPv6 address at /128 rather than /64.

2019-07-09
  sympl-web
    * Updated sympl-web-rotate-logs to support new ownership
    * Reload Apache when rotating logs, rather than the loggers.

2019-07-08
  sympl-mail
    * Re-enable Dovecot SNI

2019-07-07
  sympl-mail
    * Fixed unhandled input

2019-07-06
  sympl-mail
    * Resolved potential race condition
    * Updated sympl-mail-dovecot-sni for edge cases
    * Improved sympl-mail ssl-hook

2019-07-05
  sympl-core
    * Removed beta flag from MOTD
    * Updated 'sympl' parser, added 'sympl update' function.

2019-07-04
  sympl-core
    * Workaround for sympl-ssl bug #249 under IPv6 only.
  sympl-monit
    * Updated monit tests to use TLSv1.2
  sympl-web
    * Rewrote Apache configs
    * Moved phpMyAdmin specifics to sympl-phpmyadmin
    * Deprecated Apache vhost_sympl module

2019-07-03
  sympl-web
    * Updated path for PHP config
    * Reverted default PHP lockdown
    * Reverted vhost rewrites

2019-07-02
  sympl-core
    * Removed mailbox permission rewriting
    * Disabled hostname enforcement
    * Adjusted security permissions for domains Exim config files
  sympl-mail
    * Adjusted exim config group
    * Permissions adjustment for Debian-exim user

2019-07-01
  sympl-mail
    * Fixes for Roundcube/Dovecot changes in Buster.
    * Enables SMTP AUTH on localhost without TLS.

2019-06-30
  sympl-web
    * Reworked apache templates
    * Added fallback for zz-mass-hosting

2019-06-28
  sympl-core
    * Adjusted permissions for config/dkim

2019-06-26
  sympl-mail
    * Fix for non-selfsigned certs with Dovecot SNI
    * Fixed SNI configuration in Exim and Dovecot

2019-06-25
  sympl-core
    * First update for sympl command line
    * Fixed edge case in sympl-filesystem-security

2019-06-24
  sympl-core
    * Adjusted MOTD Banner
    * Updated sympl-filesystem-security with tweaks to paths/logic
  sympl-ftp
    * Adjusted configuration to allow www-data
  sympl-mail
    * Updated Dovecot configuration for Debian Buster
    * Migrated links into existing file
  sympl-web
    * Adjusted ssl-hook so it doesn't fire before sympl-web is installed.
    * Adjusted Apache templates slightly.

2019-06-21
  All Packages
    * Created Sympl v10.0 (Debian Buster)
  sympl-core
    * Moved sympl-ssl to sbin to avoid permissions/hook issues.
  sympl-web
    * Updated dependencies/build-dependencies
    * Fixed typo in apache template

2019-06-20
  sympl-mail
    * Merged legacy Symbiosis patch for SNI on Exim
    * Updated configuration for SNI in Dovecot
  sympl-core
    * Updated recommended packages
    * Updated MOTD banner

2019-06-19
  sympl-web
    * Massively improved security for PHP
    * PHP is now restricted to public/, and has domain-specific tmp and
      sessions directories which are automatically created.
    * PHP is now disabled in a path that matches 'wp-content/uploads'
      significantly securing all WordPress sites.
    * Enables OSCP stapling by default. Disables HSTS by default.
    * zz-mass-hosting now configures all sites, not just SSL sites.
    * sympl-web-logger now only used for the zz-mass-hosting fallbacks.
    * PHP can block dangerous functions such as eval() and exec() which
      should not be needed typically. This can be enabled manually
      but effects all sites on the server.
    * new config files: config/disable-php-security and config/hsts.
  sympl-webmail
    * Updated configuration to restrict PHP directory access

2019-06-14
  sympl-mysql
    * Fixed typos

2019-06-13
  sympl-backup
    * Removed deprecated backup scripts
  sympl-mysql
    * Added sympl-sqldump

2019-06-12
  sympl-web
    * Massively improved security for web stats.
    * new config files: config/stats and config/stats-htpasswd
  sympl-webmail
    * Improved webmail auto-configuration

2019-06-11
  All Packages
    * Merged sympl-common into sympl-core

2019-06-10
  All Packages
    * Adjusted Dependencies
  sympl-mail
    * Re-implimented password strength testing
  sympl-webmail
    * Moved configuration of roundcube to sympl-common

2019-06-09
  All Packages
    * Renamed admin user to sympl.
  sympl-ftp
    * FTP user now logs in as owner of the chrooted dir
    * Added Umask so files are +rw by the relevant group
  sympl-web
    * Removed skel.d files.
  sympl-mysql
    * .my.cnf and 'mysql_password' files now created in /home/sympl
  sympl-backup
    * Updated backup paths
Paul Cammish's avatar
Paul Cammish committed
376

Paul Cammish's avatar
Paul Cammish committed
377
378
379
380
381
382
383
384
* 2019-06-06 - First Public Build
  - Renamed packages and files, replaced references to Symbiosis with Sympl.
      bytemark-symbiosis -> sympl-core
      symbiosis-httpd -> sympl-web
      symbiosis-email -> sympl-mail
      symbiosis-ftpd -> sympl-ftp
      symbiosis-meta -> sympl-core
      symbiosis-* -> sympl-*
Paul Cammish's avatar
Paul Cammish committed
385
386
  - Renamed command-line tools, with new package names, added symlinks
    from old names.
Paul Cammish's avatar
Paul Cammish committed
387
388
389
390
391
  - /etc/symbiosis is now /etc/sympl, with symlink for compatibilty.
  - Folded old metapackages into relevant packages.
  - Dropped support for old Exchange Activesync.
  - Dropped support for XMPP.
  - A lot of tidying up.
Paul Cammish's avatar
Paul Cammish committed
392

Paul Cammish's avatar
Paul Cammish committed
393
* 2019-05-28 - Implemented autotest suite, updated docs.
Paul Cammish's avatar
Paul Cammish committed
394

Paul Cammish's avatar
Paul Cammish committed
395
* 2019-04-16 - Fixed Gitlab CI
Paul Cammish's avatar
Paul Cammish committed
396

Paul Cammish's avatar
Paul Cammish committed
397
* 2019-04-13 - Initial fork from GitHub