mirror of
https://github.com/mailcow/mailcow-dockerized.git
synced 2026-03-06 23:01:23 +00:00
Compare commits
6 Commits
renovate/d
...
staging
| Author | SHA1 | Date | |
|---|---|---|---|
|
e848226062 | ||
|
|
efaeb77e13 | ||
|
|
569b4cf985 | ||
|
|
6c857243ec | ||
|
905e93627c | ||
|
|
4e33c7143f |
@@ -3,7 +3,7 @@
|
||||
# Version: SOGo-5.12.4
|
||||
#
|
||||
# Applied security patches:
|
||||
# - 16ab99e7cf8db2c30b211f0d5e338d7f9e3a9efb: XSS vulnerability in theme parameter
|
||||
# -
|
||||
#
|
||||
# To add new patches, modify SOGO_SECURITY_PATCHES ARG below with space-separated commit hashes
|
||||
|
||||
@@ -12,10 +12,10 @@ FROM debian:bookworm
|
||||
LABEL maintainer="The Infrastructure Company GmbH <info@servercow.de>"
|
||||
|
||||
ARG DEBIAN_FRONTEND=noninteractive
|
||||
ARG SOGO_VERSION=SOGo-5.12.4
|
||||
ARG SOPE_VERSION=SOPE-5.12.4
|
||||
ARG SOGO_VERSION=SOGo-5.12.5
|
||||
ARG SOPE_VERSION=SOPE-5.12.5
|
||||
# Security patches to apply (space-separated commit hashes)
|
||||
ARG SOGO_SECURITY_PATCHES="16ab99e7cf8db2c30b211f0d5e338d7f9e3a9efb"
|
||||
ARG SOGO_SECURITY_PATCHES=""
|
||||
# renovate: datasource=github-releases depName=tianon/gosu versioning=semver-coerced extractVersion=^(?<version>.*)$
|
||||
ARG GOSU_VERSION=1.19
|
||||
ENV LC_ALL=C
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
--- /usr/lib/GNUstep/SOGo/Templates/UIxAclEditor.wox 2018-08-17 18:29:57.987504204 +0200
|
||||
+++ /usr/lib/GNUstep/SOGo/Templates/UIxAclEditor.wox 2018-08-17 18:29:35.918291298 +0200
|
||||
--- /usr/local/lib/GNUstep/SOGo/Templates/UIxAclEditor.wox 2018-08-17 18:29:57.987504204 +0200
|
||||
+++ /usr/local/lib/GNUstep/SOGo/Templates/UIxAclEditor.wox 2018-08-17 18:29:35.918291298 +0200
|
||||
@@ -46,7 +46,7 @@
|
||||
</md-item-template>
|
||||
</md-autocomplete>
|
||||
|
||||
@@ -261,19 +261,19 @@ location ~* /sogo$ {
|
||||
}
|
||||
|
||||
location /SOGo.woa/WebServerResources/ {
|
||||
alias /usr/lib/GNUstep/SOGo/WebServerResources/;
|
||||
alias /usr/local/lib/GNUstep/SOGo/WebServerResources/;
|
||||
}
|
||||
|
||||
location /.woa/WebServerResources/ {
|
||||
alias /usr/lib/GNUstep/SOGo/WebServerResources/;
|
||||
alias /usr/local/lib/GNUstep/SOGo/WebServerResources/;
|
||||
}
|
||||
|
||||
location /SOGo/WebServerResources/ {
|
||||
alias /usr/lib/GNUstep/SOGo/WebServerResources/;
|
||||
alias /usr/local/lib/GNUstep/SOGo/WebServerResources/;
|
||||
}
|
||||
|
||||
location (^/SOGo/so/ControlPanel/Products/[^/]*UI/Resources/.*\.(jpg|png|gif|css|js)$) {
|
||||
alias /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2;
|
||||
alias /usr/local/lib/GNUstep/SOGo/$1.SOGo/Resources/$2;
|
||||
}
|
||||
{% endif %}
|
||||
|
||||
|
||||
@@ -9,6 +9,10 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
$_data_log = $_data;
|
||||
!isset($_data_log['password']) ?: $_data_log['password'] = '*';
|
||||
!isset($_data_log['password2']) ?: $_data_log['password2'] = '*';
|
||||
|
||||
// Track mailboxes affected by alias operations for incremental SOGo updates
|
||||
$update_sogo_mailboxes = array();
|
||||
|
||||
switch ($_action) {
|
||||
case 'add':
|
||||
switch ($_type) {
|
||||
@@ -886,6 +890,17 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
|
||||
'msg' => array('alias_added', $address, $id)
|
||||
);
|
||||
|
||||
// Track affected mailboxes for SOGo update
|
||||
if (!empty($goto)) {
|
||||
$gotos = array_map('trim', explode(',', $goto));
|
||||
foreach ($gotos as $g) {
|
||||
if (filter_var($g, FILTER_VALIDATE_EMAIL) &&
|
||||
!in_array($g, array('null@localhost', 'spam@localhost', 'ham@localhost'))) {
|
||||
$update_sogo_mailboxes[] = $g;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
break;
|
||||
case 'alias_domain':
|
||||
@@ -1368,15 +1383,8 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
), $_extra);
|
||||
}
|
||||
|
||||
try {
|
||||
update_sogo_static_view($username);
|
||||
} catch (PDOException $e) {
|
||||
$_SESSION['return'][] = array(
|
||||
'type' => 'danger',
|
||||
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
|
||||
'msg' => $e->getMessage()
|
||||
);
|
||||
}
|
||||
// Track affected mailboxes for SOGo update
|
||||
$update_sogo_mailboxes[] = $username;
|
||||
$_SESSION['return'][] = array(
|
||||
'type' => 'success',
|
||||
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
|
||||
@@ -1607,6 +1615,9 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
|
||||
'msg' => array('resource_added', htmlspecialchars($name))
|
||||
);
|
||||
|
||||
// Track affected mailboxes for SOGo update
|
||||
$update_sogo_mailboxes[] = $name;
|
||||
break;
|
||||
case 'domain_templates':
|
||||
if ($_SESSION['mailcow_cc_role'] != "admin") {
|
||||
@@ -2725,6 +2736,28 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
|
||||
'msg' => array('alias_modified', htmlspecialchars($address))
|
||||
);
|
||||
|
||||
// Track affected mailboxes for SOGo update (both old and new goto addresses)
|
||||
// Old goto: to remove alias from their view
|
||||
if (!empty($is_now['goto'])) {
|
||||
$old_gotos = array_map('trim', explode(',', $is_now['goto']));
|
||||
foreach ($old_gotos as $g) {
|
||||
if (filter_var($g, FILTER_VALIDATE_EMAIL) &&
|
||||
!in_array($g, array('null@localhost', 'spam@localhost', 'ham@localhost'))) {
|
||||
$update_sogo_mailboxes[] = $g;
|
||||
}
|
||||
}
|
||||
}
|
||||
// New goto: to add alias to their view
|
||||
if (!empty($goto)) {
|
||||
$new_gotos = array_map('trim', explode(',', $goto));
|
||||
foreach ($new_gotos as $g) {
|
||||
if (filter_var($g, FILTER_VALIDATE_EMAIL) &&
|
||||
!in_array($g, array('null@localhost', 'spam@localhost', 'ham@localhost'))) {
|
||||
$update_sogo_mailboxes[] = $g;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
break;
|
||||
case 'domain':
|
||||
@@ -3439,15 +3472,8 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
'msg' => array('mailbox_modified', $username)
|
||||
);
|
||||
|
||||
try {
|
||||
update_sogo_static_view($username);
|
||||
} catch (PDOException $e) {
|
||||
$_SESSION['return'][] = array(
|
||||
'type' => 'danger',
|
||||
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
|
||||
'msg' => $e->getMessage()
|
||||
);
|
||||
}
|
||||
// Track affected mailboxes for SOGo update
|
||||
$update_sogo_mailboxes[] = $username;
|
||||
}
|
||||
return true;
|
||||
break;
|
||||
@@ -4076,6 +4102,9 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
|
||||
'msg' => array('resource_modified', htmlspecialchars($name))
|
||||
);
|
||||
|
||||
// Track affected mailboxes for SOGo update
|
||||
$update_sogo_mailboxes[] = $name;
|
||||
}
|
||||
break;
|
||||
case 'domain_wide_footer':
|
||||
@@ -5780,6 +5809,18 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
);
|
||||
continue;
|
||||
}
|
||||
|
||||
// Track affected mailboxes for SOGo update (capture before deletion)
|
||||
if (!empty($alias_data['goto'])) {
|
||||
$gotos = array_map('trim', explode(',', $alias_data['goto']));
|
||||
foreach ($gotos as $g) {
|
||||
if (filter_var($g, FILTER_VALIDATE_EMAIL) &&
|
||||
!in_array($g, array('null@localhost', 'spam@localhost', 'ham@localhost'))) {
|
||||
$update_sogo_mailboxes[] = $g;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$stmt = $pdo->prepare("DELETE FROM `alias` WHERE `id` = :id");
|
||||
$stmt->execute(array(
|
||||
':id' => $alias_data['id']
|
||||
@@ -6038,20 +6079,14 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
continue;
|
||||
}
|
||||
|
||||
try {
|
||||
update_sogo_static_view($username);
|
||||
}catch (PDOException $e) {
|
||||
$_SESSION['return'][] = array(
|
||||
'type' => 'success',
|
||||
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
|
||||
'msg' => $e->getMessage()
|
||||
);
|
||||
}
|
||||
$_SESSION['return'][] = array(
|
||||
'type' => 'success',
|
||||
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
|
||||
'msg' => array('mailbox_removed', htmlspecialchars($username))
|
||||
);
|
||||
|
||||
// Track affected mailboxes for SOGo update
|
||||
$update_sogo_mailboxes[] = $username;
|
||||
}
|
||||
return true;
|
||||
break;
|
||||
@@ -6153,6 +6188,9 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
|
||||
'msg' => array('resource_removed', htmlspecialchars($name))
|
||||
);
|
||||
|
||||
// Track affected mailboxes for SOGo update
|
||||
$update_sogo_mailboxes[] = $name;
|
||||
}
|
||||
break;
|
||||
case 'tags_domain':
|
||||
@@ -6259,9 +6297,21 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
}
|
||||
break;
|
||||
}
|
||||
if ($_action != 'get' && in_array($_type, array('domain', 'alias', 'alias_domain', 'resource')) && getenv('SKIP_SOGO') != "y") {
|
||||
if ($_action != 'get' && in_array($_type, array('domain', 'alias', 'alias_domain', 'resource', 'mailbox')) && getenv('SKIP_SOGO') != "y") {
|
||||
try {
|
||||
update_sogo_static_view();
|
||||
if (($_type == 'alias' || $_type == 'resource' || $_type == 'mailbox') && !empty($update_sogo_mailboxes)) {
|
||||
// INCREMENTAL UPDATE: Update only affected mailboxes/resources
|
||||
$update_sogo_mailboxes = array_unique($update_sogo_mailboxes);
|
||||
foreach ($update_sogo_mailboxes as $mailbox) {
|
||||
update_sogo_static_view($mailbox);
|
||||
}
|
||||
}
|
||||
else {
|
||||
// FULL REBUILD: For domain and alias_domain operations or if no tracked mailboxes
|
||||
// Domain operations affect all mailboxes
|
||||
// Alias_domain operations affect entire target domain
|
||||
update_sogo_static_view();
|
||||
}
|
||||
}catch (PDOException $e) {
|
||||
$_SESSION['return'][] = array(
|
||||
'type' => 'success',
|
||||
|
||||
@@ -200,7 +200,7 @@ services:
|
||||
- phpfpm
|
||||
|
||||
sogo-mailcow:
|
||||
image: ghcr.io/mailcow/sogo:5.12.4-2
|
||||
image: ghcr.io/mailcow/sogo:5.12.5-1
|
||||
environment:
|
||||
- DBNAME=${DBNAME}
|
||||
- DBUSER=${DBUSER}
|
||||
@@ -225,12 +225,12 @@ services:
|
||||
- ./data/hooks/sogo:/hooks:Z
|
||||
- ./data/conf/sogo/:/etc/sogo/:z
|
||||
- ./data/web/inc/init_db.inc.php:/init_db.inc.php:z
|
||||
- ./data/conf/sogo/custom-favicon.ico:/usr/lib/GNUstep/SOGo/WebServerResources/img/sogo.ico:z
|
||||
- ./data/conf/sogo/custom-shortlogo.svg:/usr/lib/GNUstep/SOGo/WebServerResources/img/sogo-compact.svg:z
|
||||
- ./data/conf/sogo/custom-fulllogo.svg:/usr/lib/GNUstep/SOGo/WebServerResources/img/sogo-full.svg:z
|
||||
- ./data/conf/sogo/custom-fulllogo.png:/usr/lib/GNUstep/SOGo/WebServerResources/img/sogo-logo.png:z
|
||||
- ./data/conf/sogo/custom-theme.js:/usr/lib/GNUstep/SOGo/WebServerResources/js/theme.js:z
|
||||
- ./data/conf/sogo/custom-sogo.js:/usr/lib/GNUstep/SOGo/WebServerResources/js/custom-sogo.js:z
|
||||
- ./data/conf/sogo/custom-favicon.ico:/usr/local/lib/GNUstep/SOGo/WebServerResources/img/sogo.ico:z
|
||||
- ./data/conf/sogo/custom-shortlogo.svg:/usr/local/lib/GNUstep/SOGo/WebServerResources/img/sogo-compact.svg:z
|
||||
- ./data/conf/sogo/custom-fulllogo.svg:/usr/local/lib/GNUstep/SOGo/WebServerResources/img/sogo-full.svg:z
|
||||
- ./data/conf/sogo/custom-fulllogo.png:/usr/local/lib/GNUstep/SOGo/WebServerResources/img/sogo-logo.png:z
|
||||
- ./data/conf/sogo/custom-theme.js:/usr/local/lib/GNUstep/SOGo/WebServerResources/js/theme.js:z
|
||||
- ./data/conf/sogo/custom-sogo.js:/usr/local/lib/GNUstep/SOGo/WebServerResources/js/custom-sogo.js:z
|
||||
- mysql-socket-vol-1:/var/run/mysqld/:z
|
||||
- sogo-web-vol-1:/sogo_web
|
||||
- sogo-userdata-backup-vol-1:/sogo_backup
|
||||
@@ -449,7 +449,7 @@ services:
|
||||
- ./data/web/inc/functions.inc.php:/mailcowauth/functions.inc.php:z
|
||||
- ./data/web/inc/functions.auth.inc.php:/mailcowauth/functions.auth.inc.php:z
|
||||
- ./data/web/inc/sessions.inc.php:/mailcowauth/sessions.inc.php:z
|
||||
- sogo-web-vol-1:/usr/lib/GNUstep/SOGo/
|
||||
- sogo-web-vol-1:/usr/local/lib/GNUstep/SOGo/
|
||||
ports:
|
||||
- "${HTTPS_BIND:-}:${HTTPS_PORT:-443}:${HTTPS_PORT:-443}"
|
||||
- "${HTTP_BIND:-}:${HTTP_PORT:-80}:${HTTP_PORT:-80}"
|
||||
|
||||
Reference in New Issue
Block a user