turnkey-drupal7-18.1 (1) turnkey; urgency=low * v18.1 rebuild - includes latest Debian & TurnKey packages. * Update Drupal 7 to lastest v7.101. * Ensure hashfile includes URL to public key - closes #1864. * Configuration console (confconsole) - v2.1.6: - Bugfix broken DNS-01 Let's Encrypt challenge - closes #1876 & #1895. Fixed in v2.1.5 - already included in some appliances. - Let's Encrypt/Dehydrated - bugfix cron failure - closes #1962. - General dehydrated-wrapper code cleanup - now passes shellcheck. * Web management console (webmin): - Include webmin-logviewer module by default - closes #1866. - Upgraded webmin to v2.105. - Replace webmin-shell with webmin-xterm module by default - closes #1904. * Reduce log noise by creating ntpsec log dir - closes #1952. * Apache mod_evasive config improvements: - Bump DOSPageCount from (default) 2 -> 5 - closes #1951. - DOSLogDir - use default log dir & fix permissions - closes #1950. - Add DOSWhitelist example - commented out. * Include new 'tkl-update-php' script - to make updating/changing PHP version easier for end users. [Marcos Méndez @ POPSOLUTIONS * DEV: Add support for setting max_execution_time & max_input_vars in php.ini via appliance Makefile (PHP_MAX_EXECUTION_TIME & PHP_MAX_INPUT_VARS). -- Jeremy Davis Fri, 05 Jul 2024 11:24:55 +0000 turnkey-drupal7-18.0 (1) turnkey; urgency=low * Update Drupal7 to latest upstream version - 7.98. * Fix drush-mail-securityupdates cron job - closes #1748. * Include and enable mod_evasive and mod_security2 by default in Apache. [ Stefan Davis ] * Debian default PHP updated to v8.2. * Use MariaDB (MySQL replacement) v10.11.3 (from debian repos). * Install composer from Debian repos (previously installed from source) [ Stefan Davis ] * Upgraded base distribution to Debian 12.x/Bookworm. * Configuration console (confconsole): - Support for DNS-01 Let's Encrypt challenges. [ Oleh Dmytrychenko github: @NitrogenUA ] - Support for getting Let's Encrypt cert via IPv6 - closes #1785. - Refactor network interface code to ensure that it works as expected and supports more possible network config (e.g. hotplug interfaces & wifi). - Show error message rather than stacktrace when window resized to incompatable resolution - closes #1609. [ Stefan Davis ] - Bugfix exception when quitting configuration of mail relay. [ Oleh Dmytrychenko github: @NitrogenUA ] - Improve code quality: implement typing, fstrings and make (mostly) PEP8 compliant. [Stefan Davis & Jeremy Davis * Firstboot Initialization (inithooks): - Refactor start up (now hooks into getty process, rather than having it's own service). [ Stefan Davis ] - Refactor firstboot.d/01ipconfig (and 09hostname) to ensure that hostname is included in dhcp info when set via inithooks. - Package turnkey-make-ssl-cert script (from common overlay - now packaged as turnkey-ssl). Refactor relevant scripts to leverage turnkey-ssl. - Refactor run script - use bashisms and general tidying. - Show blacklisted password characters more nicely. - Misc packaging changes/improvements. - Support returning output from MySQL - i.e. support 'SELECT'. (Only applies to apps that include MySQL/MariaDB). * Web management console (webmin): - Upgraded webmin to v2.0.21. - Removed stunnel reverse proxy (Webmin hosted directly now). - Ensure that Webmin uses HTTPS with default cert (/etc/ssl/private/cert.pem). - Disabled Webmin Let's Encrypt (for now). * Web shell (shellinabox): - Completely removed in v18.0 (Webmin now has a proper interactive shell). * Backup (tklbam): - Ported dependencies to Debian Bookworm; otherwise unchanged. * Security hardening & improvements: - Generate and use new TurnKey Bookworm keys. - Automate (and require) default pinning for packages from Debian backports. Also support non-free backports. * IPv6 support: - Adminer (only on LAMP based apps) listen on IPv6. - Nginx/NodeJS (NodeJS based apps only) listen on IPv6. * Misc bugfixes & feature implementations: - Remove rsyslog package (systemd journal now all that's needed). - Include zstd compression support. - Enable new non-free-firmware apt repo by default. - Improve turnkey-artisan so that it works reliably in cron jobs (only Laravel based LAMP apps). -- Stefan Davis Thu, 21 Sep 2023 22:25:01 +0000 turnkey-drupal7-17.1 (1) turnkey; urgency=low * Updated all Debian packages to latest. [ autopatched by buildtasks ] * Patched bugfix release. Closes #1734. [ autopatched by buildtasks ] -- Jeremy Davis Tue, 12 May 2022 01:41:55 +0000 turnkey-drupal7-17.0 (1) turnkey; urgency=low * Includes PHP 7.4. * Updated all relevant Debian packages to Bullseye/11 versions * Note: Please refer to turnkey-core's 17.0 changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Stefan Davis Tue, 26 Apr 2022 02:41:14 +0000 turnkey-drupal7-16.2 (1) turnkey; urgency=low * Update Drupal7 to latest upstream version - 7.82. * Update Drush to latest v8.x - 8.4.8. -- Jeremy Davis Wed, 25 Aug 2021 10:36:33 +1000 turnkey-drupal7-16.1 (1) turnkey; urgency=low * Update Drupal7 to latest upstream version - 7.78. Resolves a number of security related issues. * Update Drush to latest v8.x - 8.4.6. * Include 'turnkey-composer' wrapper script - runs composer as www-data user. Makes it easy to not run composer as root - part of #1539. * Explicitly install composer (rather than automatically include in all LAMP based appliances) - part of #1563. * Note: Please refer to turnkey-core's 16.1 changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Jeremy Davis Wed, 10 Feb 2021 15:43:02 +1100 turnkey-drupal7-16.0 (1) turnkey; urgency=low * Update Drupal7 to latest upstream version - 7.72. Resolves a number of security related issues. * Update Drush to latest v8.x - 8.4.0. * Explicitly disable TLS<1.2 (i.e. SSLv3, TLSv1, TLSv1.1). (v15.x TurnKey releases supported TLS 1.2, but could fallback as low as TLSv1). * Update SSL/TLS ciphers to provide "Intermediate" browser/client support (suitable for "General-purpose servers with a variety of clients, recommended for almost all systems"). As provided by Mozilla via https://ssl-config.mozilla.org/. * Updated all relevant Debian packages to Buster/10 versions; including PHP 7.3. * Updated version of mysqltuner script - now installed as per upstream recommendation. * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Jeremy Davis Fri, 31 Jul 2020 17:24:09 +1000 turnkey-drupal7-15.4 (1) turnkey; urgency=low * Update Drupal7 to latest upstream version - 7.67. Resolves: - SA-CORE-2019-006 - Moderately critical security issue(s). - SA-CORE-2019-007 - Moderately critical security issue(s). * Enable utf8-mb DB character encoding, so the full utf8 character set is supported. * Include php-mbstring package for improved full utf8 support. * Include php-uploadprogress so upload progress bar is displayed. -- Jeremy Davis Mon, 13 May 2019 10:28:06 +1000 turnkey-drupal7-15.3 (1) turnkey; urgency=low * Update Drupal7 to latest upstream version - 7.65. -- Jeremy Davis Thu, 21 Mar 2019 16:38:37 +1100 turnkey-drupal7-15.2 (1) turnkey; urgency=low * Updated Drupal7 to latest upstream version - 7.61. * Rebuild to resolve inadvertent removal of mariadb during sec-updates - part of #1246. -- Jeremy Davis Wed, 21 Nov 2018 18:08:23 +1100 turnkey-drupal7-15.1 (1) turnkey; urgency=low * Rebuilt to include Drupal 7.60 due to security issue(s) described in SA-CORE-2018-006 - https://www.drupal.org/sa-core-2018-006 -- Jeremy Davis Thu, 18 Oct 2018 10:37:23 +1100 turnkey-drupal7-15.0 (1) turnkey; urgency=low * Updated Drupal7 to latest stable upstream (via drush) * Updated Drush to latest stable relevant version * Install Adminer directly from stretch/main repo * Provide "adminer" root-like user for Adminer MySQL access * Replace MySQL with MariaDB (drop-in MySQL replacement) * Updated version of mysqltuner script * Includes PHP7.0 (installed from Debian repos) * Updated PHP default settings * Remove phpsh (no longer maintained) * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Vlad Kuzmenko Thu, 18 Nov 2017 04:00:42 +0200 turnkey-drupal7-14.2 (1) turnkey; urgency=low * Updated Drupal7 to latest stable upstream (via drush). * Updated Drush to latest stable relevant version. * Updated Adminer to 4.2.5 * Installed security updates. * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Jeremy Davis Wed, 19 Apr 2017 15:41:40 +1000 turnkey-drupal7-14.1 (1) turnkey; urgency=low * Drupal7: - Latest stable version of Drush v7.x (installed via composer at build time). - Latest version of Drupal 7 installed via Drush. - Fixed cron (closes #559). - Removed php5-xcache (#untracked-bug) - Changed included modules as per recommendation of Mike Stiv (drupal ninja). - Latest versions of modules & dependencies installed (& some enabled). - Removed superfluous dependencies. - Increased PHP memory limits for both cli & web (#untracked-bug) * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Jeremy Davis Fri, 05 Feb 2016 18:11:26 +1100 turnkey-drupal7-14.0 (1) turnkey; urgency=low * Drupal7: - Latest 7.x version of Drush is now installed via composer at build time. - Latest version of Drupal7 is installed via Drush. - Latest versions of modules are now installed via Drush. * Replaced phpMyAdmin with Adminer * Hardened default SSL settings * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Jeremy Davis Fri, 03 Jul 2015 13:55:12 +1000 turnkey-drupal7-13.0 (1) turnkey; urgency=low * Drupal7: - Latest version of Drush is now installed via pear at build time. - Latest version of Drupal7 is now installed via Drush. - Latest versions of modules are now installed via Drush. * phpMyAdmin: - Configured to allow users preferences stored in database. - Specified blowfish_secret and regeneration on firstboot (security). * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Alon Swartz Thu, 10 Oct 2013 17:45:58 +0300 turnkey-drupal7-12.1 (1) turnkey; urgency=low * Drupal7: - Latest version of Drush is now installed via pear at build time. - Latest version of Drupal7 is now installed via Drush. - Latest versions of modules are now installed via Drush. - Fixed support for complex passwords in inithook (LP#1102662). - Increased php cli memory limit for Drush (LP#1048443). * Added phpsh (interactive shell for PHP) and php5-cli (generically useful). * Upstream source component versions: ckeditor 4.0.2 * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Alon Swartz Sun, 07 Apr 2013 08:00:00 +0200 turnkey-drupal7-12.0 (1) turnkey; urgency=low * Initial public release of TurnKey Drupal7, based on TKLPatch submitted by John Carver. * Installed from upstream tarball, includes support for inline upgrades. * Set Drupal admin email and password on firstboot (convenience, security). * Regenerates all secrets during installation / firstboot (security). * Includes drush for command line administration and configuration. * Replaced Drupal's poor-man-cron with drush cron. * Includes many useful/popular drupal7 modules: - devel - views - panels - rules - pathauto - google_analytics - backup_migrate - recaptcha - imageapi - lightbox2 - getid3 - imce - ckeditor - jquery_ui - transliteration - tagadelic - advanced_help - admin_menu - ctools - globalredirect - logintoboggan - simpletest - fivestart - token - webform - email - link - date * MySQL related: - Set MySQL root password on firstboot (convenience, security). - Force MySQL to use Unicode/UTF8. - Includes PhpMyAdmin (listening on port 12322 - uses SSL). * SSL support out of the box. * Includes php-xcache PHP opcode cacher / optimizer (performance). * Includes postfix MTA (bound to localhost) for sending of email (e.g. password recovery). Also includes webmin postfix module for convenience. * Major component versions drupal 7.14 (upstream archive) drush 7.x-5.1 (upstream archive) apache2 2.2.16-6+squeeze7 mysql-server 5.1.63-0+squeeze1 phpmyadmin 4:3.3.7-7 * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Alon Swartz Wed, 01 Aug 2012 08:00:00 +0200