Mailcow Dockerized Versions Save

mailcow: dockerized - 🐮 + 🐋 = 💕

2024-04

1 month ago

What's Changed

With the Moopril update, two security vulnerabilities in mailcow will be closed.

  1. CVE-2024-31204: XSS Vulnerability via Exception Handler
  2. CVE-2024-30270: Path Traversal and Arbitrary Code Execution Vulnerability

Thanks to Paul Gerste from Sonar for reporting the security vulnerabilities!

New Contributors

Full Changelog: https://github.com/mailcow/mailcow-dockerized/compare/2024-02...2024-04

2024-02

2 months ago

What's Changed

Full Changelog: https://github.com/mailcow/mailcow-dockerized/compare/2024-01e...2024-02 Updated Blog Page here: https://mailcow.email/posts/2024/release-2024-02/

2024-01e

2 months ago

What's Changed

We are aware of the “issue” with SOGo and the error message in the editor. We have already reached out, and once the fix is implemented, we will seamlessly patch the provided SOGo version with the 2024-01e release. This avoids the need for a new subrelease like the current one.

Full Changelog: https://github.com/mailcow/mailcow-dockerized/compare/2024-01d...2024-01e Updated Blog Page here: https://mailcow.email/posts/2024/release-2024-01/

2024-01d

3 months ago

If you encountered the bug that watchdog is reporting something about Dovecot replication please apply this patch.

If you have problems regarding PHP-FPM and Redis connection issues: https://github.com/mailcow/mailcow-dockerized/issues/5697 please set the DISABLE_NETFILTER_ISOLATION_RULE to y instead of n inside mailcow.conf and restart the mailcow stack with docker compose down and up -d afterwards

Issue has been fixed in: https://github.com/mailcow/mailcow-dockerized/commit/57e67ea8f79a1fe218cb0f0ea8ad95a53b9f0179 many, many thanks to @tomudding for quickly finding it!

What's Changed

Full Changelog: https://github.com/mailcow/mailcow-dockerized/compare/2024-01c...2024-01d

What's Changed

Full Changelog: https://github.com/mailcow/mailcow-dockerized/compare/2024-01c...2024-01d

2024-01c

3 months ago

⚠️This update includes a security fix, so we highly recommend that all users upgrade to this latest version to ensure the security of their systems. ⚠️

Users who are unable to update and share their system with potential attackers on the same network, such as with some hosting providers, should apply the following iptables/nftables rule:

iptables: iptables -I DOCKER-USER ! -i br-mailcow -o br-mailcow -p tcp -m multiport --dport 3306,6379,8983,12345 -j DROP

nftables: nft insert rule ip "filter" "DOCKER-USER" iifname != "br-mailcow" oifname "br-mailcow" tcp dport {3306, 6379, 8983, 12345} counter packets 0 bytes 0 drop

Read the Security advisory here: https://github.com/mailcow/mailcow-dockerized/security/advisories/GHSA-gmpj-5xcm-xxx6

What's Changed

Full Changelog: https://github.com/mailcow/mailcow-dockerized/compare/2024-01b...2024-01c Blog: https://mailcow.email/posts/2024/release-2024-01/

2024-01b

3 months ago

What's Changed

New Contributors

Full Changelog: https://github.com/mailcow/mailcow-dockerized/compare/2024-01a...2024-01b Blog Page: https://mailcow.email/de/posts/2024/release-2024-01/

2024-01a

3 months ago

What's Changed

Full Changelog: https://github.com/mailcow/mailcow-dockerized/compare/2024-01...2024-01a

2024-01

3 months ago

⚠️ DO A BACKUP BEFORE UPDATING TO BE ON THE SAFE SITE ⚠️

What's Changed

Full Changelog: https://github.com/mailcow/mailcow-dockerized/compare/2023-12a...2024-01 Blog Post: https://mailcow.email/posts/2024/release-2024-01

2023-12a

4 months ago

What's Changed

Full Changelog: https://github.com/mailcow/mailcow-dockerized/compare/2023-12...2023-12a

2023-12

4 months ago

What's Changed

New Contributors

Full Changelog: https://github.com/mailcow/mailcow-dockerized/compare/2023-11a...2023-12