Merge remote-tracking branch 'origin/main' into release

Author: jaapmarcus

CHANGELOG.md

@@ -1,6 +1,17 @@
 # Changelog
 All notable changes to this project will be documented in this file.
 
+## [1.5.11] - Service release
+
+### Bugfixes
+- Fixed an issue where Hestia port change did not update chain for fail2ban (#2465)
+- Fixed permission issues with /var/log/roundcube (#2466)
+- Fixed multiple issues in UI (#2464)
+- Allow v-change-user-template update backend templates (#2475)
+- Update composer dependencies (#2458 #2459)
+- Fixed an XSS vulnerability in "Edit" server page. (#2471) [CVE-2022-0986](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0986)
+- Fixed an issue with caching templates and internal redirects (#2482)
+
 ## [1.5.10] - Service release
 
 ### Bugfixes

README.md

@@ -2,7 +2,7 @@
 
 [Hestia Control Panel](https://www.hestiacp.com/)
 ==================================================
-**Latest stable release:** Version 1.5.10 | [View Changelog](https://github.com/hestiacp/hestiacp/blob/release/CHANGELOG.md) | [![Build Status](https://drone.hestiacp.com/api/badges/hestiacp/hestiacp/status.svg?ref=refs/heads/main)](https://drone.hestiacp.com/hestiacp/hestiacp) <br>
+**Latest stable release:** Version 1.5.11 | [View Changelog](https://github.com/hestiacp/hestiacp/blob/release/CHANGELOG.md) | [![Build Status](https://drone.hestiacp.com/api/badges/hestiacp/hestiacp/status.svg?ref=refs/heads/main)](https://drone.hestiacp.com/hestiacp/hestiacp) <br>
 
 **Web:** [www.hestiacp.com](https://www.hestiacp.com/)<br>
 **Documentation:** [docs.hestiacp.com](https://docs.hestiacp.com/)<br>

bin/v-change-sys-port

@@ -73,6 +73,11 @@ else
     fi
     sed -i "/COMMENT='HESTIA'/c\RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='$PORT' IP='0.0.0.0/0' COMMENT='HESTIA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'" $HESTIA/data/firewall/rules.conf
 
+    # Update F2B chains config
+    if [ -f "$HESTIA/data/firewall/chains.conf" ]; then
+        sed -i "s/PORT='$ORIGINAL_PORT'/PORT='$PORT'/g" $HESTIA/data/firewall/chains.conf
+    fi
+    
     # Restart services
     if [ -n "$FIREWALL_SYSTEM" ] && [ "$FIREWALL_SYSTEM" != no ]; then
         $HESTIA/bin/v-restart-service iptables

bin/v-change-user-template

@@ -46,6 +46,8 @@ case $type in
         update_user_value "$user" '$WEB_TEMPLATE' "$template";;
     PROXY) is_proxy_template_valid "$template";
         update_user_value "$user" '$PROXY_TEMPLATE' "$template";;
+    BACKEND) is_backend_template_valid "$template";
+        update_user_value "$user" '$BACKEND_TEMPLATE' "$template";;
     DNS) is_dns_template_valid "$template";
         update_user_value "$user" '$DNS_TEMPLATE' "$template";;
     *) check_args '1' '0' 'USER TYPE TEMPLATE'

install/deb/nginx/nginx.conf

@@ -128,7 +128,7 @@ http {
 
     # Proxy cache
     proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m;
-    proxy_cache_key "$host$request_uri $cookie_user";
+    proxy_cache_key "$scheme$request_method$host$request_uri";
     proxy_temp_path  /var/cache/nginx/temp;
     proxy_ignore_headers Expires Cache-Control;
     proxy_cache_use_stale error timeout invalid_header http_502;

install/hst-install-debian.sh

@@ -31,7 +31,7 @@ HESTIA_INSTALL_DIR="$HESTIA/install/deb"
 VERBOSE='no'
 
 # Define software versions
-HESTIA_INSTALL_VER='1.5.10'
+HESTIA_INSTALL_VER='1.5.11'
 # Dependencies
 pma_v='5.1.3'
 rc_v="1.5.2"
@@ -1898,14 +1898,6 @@ fi
 #                   Configure IP                           #
 #----------------------------------------------------------#
 
-# Roundcube permissions fix
-if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then
-    if [ ! -d "/var/log/roundcube" ]; then
-        mkdir /var/log/roundcube
-    fi
-    chown admin:admin /var/log/roundcube
-fi
-
 # Configuring system IPs
 echo "[ * ] Configuring System IP..."
 $HESTIA/bin/v-update-sys-ip > /dev/null 2>&1

install/hst-install-ubuntu.sh

@@ -31,7 +31,7 @@ HESTIA_INSTALL_DIR="$HESTIA/install/deb"
 VERBOSE='no'
 
 # Define software versions
-HESTIA_INSTALL_VER='1.5.10'
+HESTIA_INSTALL_VER='1.5.11'
 # Dependencies
 pma_v='5.1.3'
 rc_v="1.5.2"

install/upgrade/versions/1.5.10.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 
-# Hestia Control Panel upgrade script for target version 1.5.9
+# Hestia Control Panel upgrade script for target version 1.5.10
 
 #######################################################################################
 #######                      Place additional commands below.                   #######

install/upgrade/versions/1.5.11.sh

@@ -0,0 +1,50 @@
+#!/bin/bash
+
+# Hestia Control Panel upgrade script for target version 1.5.11
+
+#######################################################################################
+#######                      Place additional commands below.                   #######
+#######################################################################################
+####### Pass through information to the end user in case of a issue or problem  #######
+#######                                                                         #######
+####### Use add_upgrade_message "My message here" to include a message          #######
+####### in the upgrade notification email. Example:                             #######
+#######                                                                         #######
+####### add_upgrade_message "My message here"                                   #######
+#######                                                                         #######
+####### You can use \n within the string to create new lines.                   #######
+#######################################################################################
+
+upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'false'
+upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'false'
+upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'false'
+upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'false'
+upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false'
+
+PORT=$(cat $HESTIA/nginx/conf/nginx.conf | grep "listen" | sed 's/[^0-9]*//g')
+
+if [ "$PORT" != "8083" ]; then 
+    # Update F2B chains config
+    if [ -f "$HESTIA/data/firewall/chains.conf" ]; then
+        # Update value in chains.conf
+        sed -i "s/PORT='8083'/PORT='$PORT'/g" $HESTIA/data/firewall/chains.conf
+    fi
+    
+    # Restart services
+    if [ -n "$FIREWALL_SYSTEM" ] && [ "$FIREWALL_SYSTEM" != no ]; then
+        $HESTIA/bin/v-stop-firewall
+        $HESTIA/bin/v-update-firewall
+                
+    fi
+fi
+
+# Fix Roundcube logdir permission
+if [ -d "/var/log/roundcube" ]; then
+    chown www-data:www-data /var/log/roundcube
+fi
+
+# Fix bug in nginx.conf for proxy cache
+if [ -d "/etc/nginx/nginx.conf" ]; then
+    echo "[ ! ] Fixed an issue with proxy cache and redirects"
+    sed -i 's/proxy_cache_key "$host$request_uri $cookie_user";/proxy_cache_key "$scheme$request_method$host$request_uri";/g' /etc/nginx/nginx.conf
+fi

src/deb/hestia/control

@@ -1,7 +1,7 @@
 Source: hestia
 Package: hestia
 Priority: optional
-Version: 1.5.10
+Version: 1.5.11
 Section: admin
 Maintainer: HestiaCP <info@hestiacp.com>
 Homepage: https://www.hestiacp.com