github mailcow/mailcow-dockerized 2024-01c
🦾6️⃣4️⃣ 🐄 Janmooary 2024 Update Revision C | Netfilter Security Update

latest releases: 2024-11a, 2024-11, 2024-08a...
9 months ago

⚠️This update includes a security fix, so we highly recommend that all users upgrade to this latest version to ensure the security of their systems. ⚠️

Users who are unable to update and share their system with potential attackers on the same network, such as with some hosting providers, should apply the following iptables/nftables rule:

iptables:
iptables -I DOCKER-USER ! -i br-mailcow -o br-mailcow -p tcp -m multiport --dport 3306,6379,8983,12345 -j DROP

nftables:
nft insert rule ip "filter" "DOCKER-USER" iifname != "br-mailcow" oifname "br-mailcow" tcp dport {3306, 6379, 8983, 12345} counter packets 0 bytes 0 drop

Read the Security advisory here: GHSA-gmpj-5xcm-xxx6

What's Changed

  • chore(deps): update peter-evans/create-pull-request action to v6 by @renovate in #5683
  • sogo: fix ACL allow authenticated users + rebuild on Bookworm by @DerLinkman in #5688
  • [Postfix] update postscreen_access.cidr by @milkmaker in #5686
  • [Netfilter] add mailcow isolation rule to MAILCOW chain by @FreddleSpl0it in #5696

Full Changelog: 2024-01b...2024-01c
Blog: https://mailcow.email/posts/2024/release-2024-01/

Don't miss a new mailcow-dockerized release

NewReleases is sending notifications on new releases.