🇺🇸 English/Englisch

Moohoo everyone!
Due to the recent accidents regarding the Java library log4j we would like to inform you, that your mailcow is NOT affected directly by this.

Yes, it is true, that the Solr Container is a Java application which is affected by the log4j security breach. BUT solr is NOT accessible from the outside of the mailcow stack!

For those who are worried we released a Solr Hotfix which is fixing the log4j issue with the simple flag +EXTRA_ARGS+=('-Dlog4j2.formatMsgNoLookups=true') which closed this issue.

To activate it please update your mailcow with the update.sh script

Stay safe everyone!

Niklas, Servercow Team

🇩🇪 Deutsch/German

Moohoo an alle!
Aufgrund der jüngsten Vorfälle mit der Java-Bibliothek log4j möchten wir euch mitteilen, dass eure mailcow NICHT direkt davon betroffen ist.

Ja, es ist wahr, dass der Solr Container eine Java Anwendung ist, die von der log4j Sicherheitslücke betroffen ist. Aber Solr ist NICHT von außerhalb des mailcow-Stacks zugänglich!

Für diejenigen, die besorgt sind, haben wir einen Solr Hotfix veröffentlicht, der das log4j-Problem mit dem einfachen Flag +EXTRA_ARGS+=('-Dlog4j2.formatMsgNoLookups=true') behebt, welches dieses Problem schließt.

Um es zu aktivieren, aktualisiert bitte eure mailcow mit dem update.sh Skript

Bleibt alle gesund!

Niklas, Servercow Team

Moohoo everyone! Niklas here to present you the latest news around our lovely mailcow 🙂

Let’s get started, shall we?

Major changes from November 2021 for the mailcow stack:

  • SOGo update to 5.3.0
  • Dovecot update to 2.3.17
  • ClamAV update to 0.103.4
  • [Web] Auto-generated app passwords for Apple configuration profiles

Please consider updating your mailcow stack to ensure a stable environment.

All changes from November 2021 for the mailcow stack (newest to oldest):

30th November 2021:

  • [SOGo] Update Image (Docker Image for mailcow stack)

29th November 2021:

  • Translations update from Weblate (Pull request: #4351)

28th November 2021:

  • [web] Fix several raw html flags in twig (Pull request: #4325)
  • [web] fixed html in alerts
  • [README] Separate build badges
  • Translations update from Weblate (Pull requests: #4347 & #4346)

27th November 2021:

  • Translations update from Weblate (Pull request: #4345)
  • [README] Added build + translation badge
  • [Web] Updated lang.de.json (Pull request: #4344)
  • [CI] Run tests on staging branch
  • [API] Updated docs for transport route
  • [Web] Updated lang.de.json (Pull request: #4343)

26th November 2021:

  • [Web] Fix lang strings
  • [Web] Change lang strings inding in 0
  • [web] Delete XMPP references from langfiles (#4338)

22th November 2021:

  • Update SOGo to 5.3.0 (Pull request: #4330)

18th November 2021:

  • [MariaDB] Further increase connections
  • [Rspamd] Return CAB to archive_extensions
  • [Rspamd] Adjust CAB score detection

15th November 2021:

  • [Config] Fix link, fixes (Issue: #4322)

14th November 2021:

  • [ClamAV] Change mirror for Dockerfile
  • [Dovecot] v2.3.17
  • [Web] Auto-generated app passwords for Apple configuration profiles (Pull request: #4316)

12th November 2021:

  • Add missing API endpoint to openapi.yaml (Pull request: #4320)

11th November 2021:

  • [ClamAV] Update to 0.103.4 (Pull request: #4314)

As this is our last changelog for 2021, the whole tinc (The Infrastructure Company) team wishes you a 🎄 Merry Christmas 🎁 and a 🎆 Happy New Year 2022 🥂.

May the next year be with you!