🍂🐄 Mootember Update 2022 - Quarantine & Swagger UI Fix Update | Revision A

What's Changed

• Update Twig to 3.4.3 by @FreddleSpl0it in #4772

This fixes CVE-2022-39261 (not critical for mailcow Users)

Full Changelog: 2022-09...2022-09a

🍂🐄 Mootember Update 2022 - Quarantine & Swagger UI Fix Update

What's Changed in Stable Builds

• GitHub Workflows security hardening by @sashashura in #4761
• Fixed small typo in escape sequence in update script by @mindsolve in #4762
• Update quarantine_notify.py charset by @MAGICCC in #4758 (this fixes #4743)
• Translations update from Weblate by @milkmaker in #4765
• [API] Update swagger version by @ntimo in #4763
• Improve send-as behaviour by @macwinnie in #4703

CVE-2022-39258

This Update also close a security issue with the Swagger UI.
We´ve opened a GitHub Security Advisory which explains the case in more detail: GHSA-vjgf-cp5p-wm45

What's Changed in Nightly Builds

We´ve gathered some Feedback to the Bootstrap 5 Update (Located here: https://github.com/mailcow/mailcow-dockerized/discussions/4734) and implemented this, which is:

• [NEW] Sieve Access can now be toggled via Mass-Actions
• [NEW] Added a Loading Animation for the Container Charts
• [NEW] The Public IP-Adresses of your Mailserver (done with dig inside the containers) are now displayed on the Dashboard Page.
• [FIX] Fixed some Layout Issues (especially Color Changes)

Remember: These changes are ONLY available inside the nightly Builds.

---

Important Links:

• Detailed informations on our Blog: https://mailcow.email/posts/2022/release-2022-09/
• Learn how to get nightly builds: https://docs.mailcow.email/i_u_m/i_u_m_update/#how-do-i-get-nightly-updates
• Or try the nightly Demo to get a impression of the new UI: https://nightly-demo.mailcow.email (more Informations + Login Credentials located here: https://docs.mailcow.email/#demos)

Full Changelog: 2022-08b...2022-09

🌊🐄 Amoogust Update 2022 - The Nightly Build Switch Update | Revision B

What's Changed

• Modified branch switch in generate_config.sh by @maljes in #4741
• Fix for SOGo in 2022-08 (Sieve) by @DerLinkman, @FreddleSpl0it and @andryyy in #4747

View our Blog article here: https://news.mailcow.email/posts/2022/release-2022-08b/

Full Changelog: 2022-08a...2022-08b

🌊🐄 Amoogust Update 2022 - The Nightly Build Switch Update | Revision A

What's Changed

• Fixes the issue that older v2 Compose Plugin Versions (beginning with v in docker compose version --short were not accepted.
• Fixes the Sieve Error that IMAP Clients and SOGo cannot use Sieve Filters anymore.

Full Changelog: 2022-08...2022-08a

🌊🐄 Amoogust Update 2022 - The Nightly Build Switch Update

What's Changed in Stable Builds

• Update TFA flow by @FreddleSpl0it in #4685
• [Update.sh] Nightly Version Switch implementation + Composev2 User Decision by @DerLinkman in #4725
• Translations update from Weblate by @milkmaker in #4722
• Update SOGo to 5.7.1 by @MAGICCC in #4719

What's Changed in Nightly Builds

• [UI] Update to Bootstrap 5 (First Beta Release) | Redesign of mailcow UI, new Arrangement, new Stats for Stack Health
  Feedback requested. More informations here

More informations here: https://news.mailcow.email/posts/2022/release-2022-08/
Get to now how to use Nightly Builds: https://mailcow.github.io/mailcow-dockerized-docs/i_u_m/i_u_m_update/#new-get-nightly-updates

Full Changelog: 2022-07a...2022-08

☀️🐄 Mooly Update 2022 - TFA Flow Update | Revision A

What's Changed

• Add Integration Tests badge by @MAGICCC in #4682
• Improve domain api schema by @l-with in #4689
• Use yaml list style in workflow by @MAGICCC in #4688
• Use proper mailcow name for workflow by @MAGICCC in #4687
• [DB] Update tfa keyHandle max length to 1023 by @Erisa in #4696
• [ClamAV] Update to 0.105.1 by @DerLinkman in 44a6f09

---

ClamAV Update Advice from ClamAV Developers: https://blog.clamav.net/2022/07/clamav-01037-01041-and-01051-patch.html

Full Changelog: 2022-07...2022-07a
Blog Page: https://news.mailcow.email/posts/2022/release-2022-07a/

☀️🐄 Mooly Update 2022 - TFA Flow Update

What's Changed

• [Web] change tfa flow by @FreddleSpl0it in #4484
• Fix "The operation is insecure." when trying to register fido2 device. by @El-Virus in #4403
• Update SOGo to 5.7.0 by @MAGICCC in #4632
• [Dovecot] Update to 2.3.19.1 by @DerLinkman in #4659
• [Sync Jobs] Remove default selection for target mailbox by @RafaelKr in #4661
• Fix Docker Healthcheck for Clamd Container by @mritzmann in #4634
• Translations update from Weblate by @milkmaker in #4664
• Fix permissions of create_cold_standby.sh by @MAGICCC in #4669
• Fixed OpenAPI docs to be spec compliant by @ntimo in #4670
• [CI] Added Mailcow tests & image builds by @ntimo in #4673
• Removed DroneCI & Travis CI by @ntimo in #4671
• fix blank page on /user when not logged by @mhofer117 in #4677
• Create SECURITY.md by @MAGICCC in #4674
• [Update.sh] Added docker-compose Update prompt + Version check by @DerLinkman in #4662

Visit the Blog Post here: https://news.mailcow.email/posts/release-2022-07/

Full Changelog: 2022-06b...2022-07

🌕🐄 Moone Update 2022 - The (now fully) Docker Compose v2 Update | Revision B

What's Changed

• Added auto correction of composev1 Binds in compose.yml by @DerLinkman in #4644
• Fixed IMAPSYNC when no Custom Parameter is set by @FreddleSpl0it a835419

Full Changelog: 2022-06a...2022-06b

🌕🐄 Moone Update 2022 - The (now fully) Docker Compose v2 Update | Revision A

What's Changed

• Translations update from Weblate by @milkmaker in #4638
• hotfix imapsync (IMAPSYNC Exploit hardening) by @FreddleSpl0it in #4629
• Docker-Compose v2 is now required to run mailcow. (Moved up, originally planned for December) by @DerLinkman
• [Web] Re-use DKIM key if available by @andryyy 7ae7f25

---

About IMAPSYNC (SyncJobs)

It´s the second exploit in such a short time and we´re already thinking of a IMAPSYNC replacement in the near future. However with this update (2022-06a) an Administrator needs to set the SyncJob ACL whenever they create a new Mailbox user, which should be able to use the SyncJobs. This don´t affect the Admin View of course, they can create SyncJobs like they normally could without a change.

We advice you to update your mailcow in the near future. There will be a seperate CVE Number regarding this IMAPSYNC Exploit Hardening when it´s availble. We´ll create a Security Issue (like the last time) here on GitHub aswell.

Full Changelog: 2022-06...2022-06a

🌕🐄 Moone Update 2022 - The Docker Compose v2 Update (Part I)

What's Changed

• Increase Mailadmin performance by @marcojarjour in #4562
• [Clamd] Update to ClamAV 0.105 by @DerLinkman in #4589
• Update swagger docs - add/app-passwd by @FreddleSpl0it in #4590
• Translations update from Weblate by @milkmaker in #4591
• remove bind options from volumes by @qupfer in #4577
• Translations update from Weblate by @milkmaker in #4600
• [Web] escapehtml in mailbox.js by @DerLinkman in #4604
• [Postfix] Update to 3.5.6 (Rebase to Debian 11) by @DerLinkman in #4599
• Netfilter base image update by @MAGICCC in #4607
• acme base image update by @MAGICCC in #4612
• Dockerapi base image update by @MAGICCC in #4611
• Olefy base image update by @MAGICCC in #4610
• Watchdog base image update by @MAGICCC in #4608
• Unbound base image update by @MAGICCC in #4609
• PHP-FPM base image update by @MAGICCC in #4613
• [Compose] Update to Docker Compose v2 by @DerLinkman in #4605

---

Please head over to the mailcow Docs to find out how to switch to Docker Compose v2!

Full Changelog: 2022-05d...2022-06