turnkey-tomcat-18.0 (1) turnkey; urgency=low * Updated all relevant Debian packages to Bookworm/12 versions; including Tomcat 10 and Java 17 (OpenJDK). [Anton Pyrogovskyi ] * Confconsole: bugfix broken DNS-01 Let's Encrypt challenge- closes #1876 & #1895. [Jeremy Davis ] * Ensure hashfile includes URL to public key - closes #1864. * Include webmin-logviewer module by default - closes #1866. * Upgraded base distribution to Debian 12.x/Bookworm. * Configuration console (confconsole): - Support for DNS-01 Let's Encrypt challenges. [ Oleh Dmytrychenko github: @NitrogenUA ] - Support for getting Let's Encrypt cert via IPv6 - closes #1785. - Refactor network interface code to ensure that it works as expected and supports more possible network config (e.g. hotplug interfaces & wifi). - Show error message rather than stacktrace when window resized to incompatable resolution - closes #1609. [ Stefan Davis ] - Bugfix exception when quitting configuration of mail relay. [ Oleh Dmytrychenko github: @NitrogenUA ] - Improve code quality: implement typing, fstrings and make (mostly) PEP8 compliant. [Stefan Davis & Jeremy Davis * Firstboot Initialization (inithooks): - Refactor start up (now hooks into getty process, rather than having it's own service). [ Stefan Davis ] - Refactor firstboot.d/01ipconfig (and 09hostname) to ensure that hostname is included in dhcp info when set via inithooks. - Package turnkey-make-ssl-cert script (from common overlay - now packaged as turnkey-ssl). Refactor relevant scripts to leverage turnkey-ssl. - Refactor run script - use bashisms and general tidying. - Show blacklisted password characters more nicely. - Misc packaging changes/improvements. - Support returning output from MySQL - i.e. support 'SELECT'. (Only applies to apps that include MySQL/MariaDB). * Web management console (webmin): - Upgraded webmin to v2.105. - Replace webmin-shell with webmin-xterm module by default - closes #1904. - Removed stunnel reverse proxy (Webmin hosted directly now). - Ensure that Webmin uses HTTPS with default cert (/etc/ssl/private/cert.pem). - Disabled Webmin Let's Encrypt (for now). * Web shell (shellinabox): - Completely removed in v18.0 (Webmin now has a proper interactive shell). - Note: previous v18.0 releases did not include webmin-xterm pkg - see above webmin note &/or #1904. * Backup (tklbam): - Ported dependencies to Debian Bookworm; otherwise unchanged. * Security hardening & improvements: - Generate and use new TurnKey Bookworm keys. - Automate (and require) default pinning for packages from Debian backports. Also support non-free backports. * IPv6 support: - Adminer (only on LAMP based apps) listen on IPv6. - Nginx/NodeJS (NodeJS based apps only) listen on IPv6. * Misc bugfixes & feature implementations: - Remove rsyslog package (systemd journal now all that's needed). - Include zstd compression support. - Enable new non-free-firmware apt repo by default. - Improve turnkey-artisan so that it works reliably in cron jobs (only Laravel based LAMP apps). * Use MariaDB (MySQL replacement) v10.11.3 (from debian repos). -- Jeremy Davis Tue, 07 May 2024 02:11:13 +0000 turnkey-tomcat-17.1 (1) turnkey; urgency=low * Updated all Debian packages to latest. [ autopatched by buildtasks ] * Patched bugfix release. Closes #1734. [ autopatched by buildtasks ] -- Jeremy Davis Wed, 14 Sep 2022 07:11:52 +0000 turnkey-tomcat-17.0 (1) turnkey; urgency=low * Rebuild on latest Debian Bullseye. * Note: Please refer to turnkey-core's 17.0 changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Zhenya Hvorostian Tue, 10 Sep 2022 21:18:40 +0300 turnkey-tomcat-16.1 (1) turnkey; urgency=low * Rebuild on latest Debian Buster. * Note: Please refer to turnkey-core's 16.1 changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Stefan Davis Mon, 29 Mar 2021 18:18:56 +1100 turnkey-tomcat-16.0 (1) turnkey; urgency=low * Updated all relevant Debian packages to Buster/10 versions; including Tomcat 9 and Java 11 (OpenJDK). * Explcitly disable TLS<1.2 (i.e. SSLv3, TLSv1, TLSv1.1). (v15.x TurnKey releases supported TLS 1.2, but could fallback as low as TLSv1). * Update SSL/TLS cyphers to provide "Intermediate" browser/client support (suitable for "General-purpose servers with a variety of clients, recommended for almost all systems"). As provided by Mozilla via https://ssl-config.mozilla.org/. * Updated version of mysqltuner script - now installed as per upstream recommendation. * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Jeremy Davis Thu, 25 Jun 2020 18:32:25 +1000 turnkey-tomcat-15.1 (1) turnkey; urgency=low * Rebuild to resolve inadvertant removal of mariadb during sec-updates - part of #1246. -- Jeremy Davis Wed, 21 Nov 2018 18:22:09 +1100 turnkey-tomcat-15.0 (1) turnkey; urgency=low * Tomcat: - Update to Tomcat8 (Latest Debian 9/Stretch package version of Tomcat). - Update to OpenJDK-8 (Latest Debian 9/Stretch package version of OpenJDK). * Install Adminer directly from stretch/main repo * Replace MySQL with MariaDB * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Vlad Kuzmenko Thu, 12 Jul 2018 14:42:42 +1000 turnkey-tomcat-14.2 (1) turnkey; urgency=low * Installed security updates. * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Jeremy Davis Wed, 19 Apr 2017 12:36:24 +1000 turnkey-tomcat-14.1 (1) turnkey; urgency=low * Installed security updates. * Installed updated packages from TurnKey repo - includes relevant Webmin packages (v1.780) * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Jeremy Davis Tue, 01 Mar 2016 04:30:43 +0000 turnkey-tomcat-14.0 (1) turnkey; urgency=low * Tomcat: - Update to Tomcat7 (Latest Debian Jessie package version of Tomcat). - Update to OpenJDK-7 (Latest Debian Jessie package version of OpenJDK). * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Jeremy Davis Fri, 05 Jun 2015 15:05:19 +1000 turnkey-tomcat-13.0 (1) turnkey; urgency=low * Latest Debian Wheezy package version of Tomcat. * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Alon Swartz Fri, 11 Oct 2013 11:21:42 +0300 turnkey-tomcat-12.1 (1) turnkey; urgency=low * Latest Debian Squeeze package version of Tomcat. * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Alon Swartz Sun, 07 Apr 2013 08:00:00 +0200 turnkey-tomcat-12.0 (1) turnkey; urgency=low * Tomcat: Upgraded to latest upstream package. * Major component versions tomcat6 6.0.35-1+squeeze2 openjdk-6-jdk 6b18-1.8.13-0+squeeze2 openjdk-6-jre 6b18-1.8.13-0+squeeze2 ant 1.8.0-4 mysql-server 5.1.63-0+squeeze1 libmysql-java 5.1.10+dfsg-2 * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Alon Swartz Wed, 01 Aug 2012 08:00:00 +0200 turnkey-tomcat-11.3 (1) turnkey; urgency=low * Installed security updates. * Enabled etckeeper garbage collection by default. * Upgraded to latest inithooks version (adhoc re-initialization via turnkey-init) -- Alon Swartz Mon, 05 Dec 2011 10:48:44 +0000 turnkey-tomcat-11.2 (1) turnkey; urgency=low * Installed security updates. * Added HubDNS package and firstboot configuration. -- Alon Swartz Fri, 15 Jul 2011 07:47:08 +0000 turnkey-tomcat-11.1 (1) turnkey; urgency=low * Tomcat: - Upgraded to tomcat6 from tomcat5.5 - Transitioned to OpenJDK (moving away from Sun Java). - Installed, configured and bugfixes authbind (bind to 80/443). - Set Tomcat admin password on firstboot (convenience, security). - Added URIEncoding="UTF-8" to SSL connection. - Added offline documentation. * MySQL: - Added MySQL as per common request. - Set MySQL root password on firstboot (convenience, security). - Force MySQL to use Unicode/UTF8. * Set postfix MTA myhostname to localhost (bugfix). * Updated TKL web control panel (admin not ported to tomcat6). * Major component versions: tomcat6 6.0.24-2ubuntu1.5 openjdk-6-jdk 6b20-1.9.2-0ubuntu1~10.04.1 openjdk-6-jre 6b20-1.9.2-0ubuntu1~10.04.1 ant 1.7.1-4ubuntu1.1 * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Alon Swartz Sun, 19 Dec 2010 15:01:05 +0200 turnkey-tomcat-2009.10 (2) hardy; urgency=low * Installed all security updates (see manifest for package versions). * Install security updates on firstboot (except when running live). * Trick webmin into not checking for upgrades (managed by apt). * Included latest version of inithooks and updated scripts. * Included wget as per common request. -- Alon Swartz Mon, 29 Mar 2010 09:02:11 +0200 turnkey-tomcat-2009.10 (1) hardy; urgency=low * Initial public release of TurnKey Tomcat. * SSL support out of the box. * Includes Turnkey web control panel (convenience). * Includes postfix MTA (bound to localhost) to allow sending of email from web applications (e.g., password recovery). Also added webmin-postfix module for convenience. * Tomcat and Java configurations: - Configured Tomcat admin/manager roles and admin user. - Configured Tomcat HTTP connector to bind to port 80 (default: 8180). - Configured SSL port to bind to port 443 (default: 8443). - Disabled AJP connector on port 8009 (security). - Tomcat and Java environment variables configuration system wide. * Enabled multiverse Ubuntu repository and pinned sun-java6 so it can be updated (security). * Regenerates all secrets during installation / firstboot (security). * Major component versions: tomcat5.5 5.5.25-5ubuntu1.2 sun-java6-jdk 6-16-0ubuntu1.8.04 sun-java6-jre 6-16-0ubuntu1.8.04 ant 1.7.0-3 * Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance. -- Alon Swartz Tue, 29 Sep 2009 15:39:41 +0200