mirror/webgui
1
0
Fork 0
mirror of https://github.com/unraid/webgui.git synced 2026-04-22 18:19:14 -05:00
Code Issues Packages Projects Releases Wiki Activity

Upgrade to unRAID-6.2 will add new variables to config/domain.cfg:

Browse Source 
IMAGE_FILE="/mnt/user/system/libvirt/libvirt.img"
  IMAGE_SIZE="1"

Fix buffer overflow bug in emhttp user credentials validation.
This commit is contained in:
Tom Mortensen
2016-03-03 10:47:44 -08:00
parent e72e358207
commit 807d1563e8
1 changed files with 10 additions and 245 deletions
Download Patch File Download Diff File Expand all files Collapse all files
plugins/unRAIDServer/unRAIDServer.plg
+10 -245
View File
@@ -137,250 +137,6 @@ Version 6.2-beta1
-----------------
- switch to 'slackware64-current' base packages
Version 6.1.3 2015-09-20
------------------------
- firmware: version 20150820
These are firmware files for the linux kernel loaded into devices by certain drivers. There are some
updates to Realtek firmware which may or may not improve certain Realtek NIC performance.
- linux: version 4.1.7
- linux: add kernel options (all per user request):
- CONFIG_SENSORS_NCT7904: Nuvoton NCT7904
- CONFIG_FMC_CHARDEV: FMC mezzanine driver that registers a char device
- CONFIG_FMC_TRIVIAL: FMC trivial mezzanine driver (software testing)
- CONFIG_FMC_WRITE_EEPROM: FMC mezzanine driver to write I2C EEPROM
- linux: removed kernel options:
- CONFIG_SCSI_AIC94XX: Adaptec AIC94xx SAS/SATA support
This was removed because required firmware file is not redistributable. This is for an old PCI-X
card anyway. If you are using this card contact <support@lime-technology.com>.
- CONFIG_EXT2_FS: Second extended fs support
- CONFIG_EXT3_FS: Ext3 journalling file system support
Removing these options omits the code for these file systems because the ext4 file system driver
now also handles ext2 and ext3 mounts.
- php: version 5.4.45
This is a security update. Refer to <http://php.net/ChangeLog-5.php#5.4.45>.
- webGUI changes:
- Remember view selection on Dashboard page
- Correct disk utilization on dashboard page
- Correction in days calculation of parity in statuscheck script
- Return disk PoH value as years, months, days, hours
- Allow SMART info for unassigned devices
- Corrected display of flash device in Main
- VM Manager: allow 128MB and 256MB memory options
Version 6.1.2 2015-09-08
------------------------
- emhttp: fix possible infinite loop if client closes HTTP connection during POST data transmission
This should fix some instances of webGui *hanging*.
- emhttp: force close smb share connections if that share security mode or access list is changed
Used to be that Windows would close SMB connections shortly after last I/O to a server. These days
Windows likes to keep conections open. Consequently, changing a share security mode or user access
list would appear to not take effect. This change fixes that behavior.
- linux: add kernel options:
- CONFIG_SCSI_MVSAS_TASKLET: Support for interrupt tasklet
The was removed to test effect on mvsas *slowdown* issue. Since it did not fix the issue we are
restoring it.
- slack: added a couple terminfo mappings (user request):
- xterm-color
- xterm-256color
Version 6.1.1 2015-09-06
------------------------
- emhttp: fix: for new installations: disk share export set to 'Auto', user share export set to 'Yes'
- docker: fix: create initial docker template repo
- emhttp: for new installations: disk spindown delay set to 0 (never spin down)
- linux: enable kernel options:
- CONFIG_BLK_DEV_NVME: NVM Express block device
- CONFIG_USB_ACM: USB Modem (CDC ACM) support
- linux: remove kernel options:
- CONFIG_SCSI_MVSAS_TASKLET: Support for interrupt tasklet
- linux: patch to ignore logging those useless and harmless msr errors that flood the syslog when running VMs
- qemu: ovmf: firmware Date: 20150904
- qemu: remove unneeded UefiShell.iso file
- VM Manager: noVNC: performance improvements and enhancements
Version 6.1.0 2015-08-31
------------------------
- avahi: supress "Invalid response packet from host" messages
- btrfs-progs: version 4.1.2
- docker: less verbose logging by default
- docker: version 1.7.1
- emhttp: bridge forward delay configurable
- emhttp: disk share export Yes/No/Auto support
- emhttp: fix problem not able to start multiple btrfs scrubs
- emhttp: get rid of passing arbitrary commands in URL
- emhttp: let Pro start regardless of attached device count
- emhttp: let Trial support disks in any slots
- emhttp: properly handle non-rotational devices standby mode (ie, 'spindown')
- emhttp: properly handle requests from localhost (IP address 127.0.0.1)
- emhttp: require credentials on all accesses, not just webGui pages
- gnutls: 3.3.17.1 (SSA:2015-233-01)
- libvirt: version 1.2.18
- linux: version 4.1.5
- linux: support "Lite-On IT Corp. / Plextor M6e PCI Express SSD [Marvell 88SS9183] (rev 14)", see https://lkml.org/lkml/2015/2/2/226
- mover: only move objects where "Use Cache" is set to "Yes" for a share
- ntp: enable by default
- ntp: 4.2.8p3 (SSA:2015-188-03)
- OpenELEC: added 6.0-beta3 image (beta3 includes hdmi sound fixes for nvidia cards and corrected 'addon_url' to allow plugins in Kodi once again)
- OpenELEC: use readonly for openelec disk image
- openssl: 1.0.1p (SSA:2015-190-01)
- php: enable pcntl
- php: version 5.4.44
- samba: include linux "dot" objects in directory listings
- samba: version 4.1.19
- slack: ca-certificates version 20150426
- slack: check USB Flash device upon startup (set 6th field of fstab to 1)
- unRAIDServer.plg: improvements in unRAID-5 update: ping google instead of local gateway to determine if network up
- VM Manager: allow usb devices to be used that do not have a name/desciption
- VM Manager: Fix: OVMF+Q35 needs the bus set to 'usb' instead of 'ide' for CD-ROMs
- VM Manager: support OpenELEC template
- VM Manager: Updated noVNC (using latest as of 8/5/15, commit 8f3c0f6)
- webGui: Add APCUPS summary to dashboard page
- webGui: Add refresh button to Docker Scrub operation
- webGui: added "Hide dot files" control on SMB Settings page
- webGUI: added banner and user thumbnail image upload support
- webGui: additional options for text/graphical display of Used/Free.
- webGui: all '#command' and 'cmd' values must reference scripts within /usr/local/emhttp/ jail.
- webGui: Corrected: default settings were not applied for apcupsd
- webGui: disable Array Stop button when mover is running
- webGui: enhanced report generation
- webGui: feedback for kool kids
- webGui: fix issues with uploading thumbnails, banner
- webGui: fix docker update regression introduced in 6.1-rc1
- webGui: fixed memory max display in dashboard
- webGui: fix notifications not initialized on reboot
- webGui: force browser reload of selected scripts and css files
- webGui: include linux "hidden" objects in directory listings
- webGui: install key: accept pre-keyserver links to key files
- webGui: integrate latest dynamix changes; many changes, refer to github
- webGui: Only show docker utilization when docker is enabled
- webGui: rearrange columns on Main page
- webGui: Replace alert-box for SweetAlert (enhanced messaging)
- webGui: use 'ftpusers' script to define ftp users
- webGui: use 'agent' script to control notification agents
- webGui: other misc. bug fixes and improvements
Version 6.0.1 2015-06-26
------------------------
- linux: enable kernel options:
- CONFIG_USB_PRINTER: USB Printer support
- CONFIG_USB_SERIAL_CP210X: USB CP210x family of UART Bridge Controllers
- openssl: 1.0.1o (SSA:2015-162-01)
- php: 5.4.41 (SSA:2015-162-02)
- unRAIDServer plugin (this file): be compatible with both unRAID-5 and unRAID-6
- webGui: Docker: Fix: volume mappings with apostrophes not escaping correctly
- webGui: integrate online feedback
- wget: version 1.16.3
Version 6.0.0 2015-06-15
------------------------
- docker: set default template repo
- webGui: other cosmetic changes
Version 6.0-rc6a
----------------
- docker: fix bug in docker/daemon/container.go: /etc/resolv.conf permissions should be 0644 not 0600
- webGui: add 'restart' to docker context menu
Version 6.0-rc6
---------------
- dhcpcd: update to 6.8.1
- dhcpcd: put dhcpcd in background if no carrier and/or no IP address after 60 seconds
- docker: trigger docker inotify watches on /etc/resolve.conf
- emhttp: fix cache devices getting unassigned when array slot count decreased
- slack: create informative /etc/issue file
- slack: maintain /etc/hostname file
- slack: added 'inet' command to /root - just a symlink to /etc/rc.d/rc.inet1
- webGui: Info page memory display corrections; other misc. changes
- webGui: other misc changes (see github)
Version 6.0-rc5
---------------
- bonding: fix to bring ethX i/f down before adding to bond; remove dhcp delay
- emhttp: fix disk/share status indicators
- emhttp: fix flash share comment not showing up, added flash share 'fsColor'
- emhttp: fix possible deadlock if http connection closed with output still pending
- emhttp: fix single-disk cache pool not mounting after format
- linux: enable kernel options:
- CONFIG_NFT_MASQ: Netfilter nf_tables masquerade support
- CONFIG_NFT_REDIR: Netfilter nf_tables redirect support
- CONFIG_NFT_MASQ_IPV4: IPv4 masquerading support for nf_tables
- CONFIG_NFT_REDIR_IPV4: IPv4 redirect support for nf_tables
- slack: fix ntp configuration handling
- syslinx: fix bug where Xen menu options are present in 'default' syslinux.cfg file
- webGui: added symlink to /usr/local/emhttp/plugins/dynamix/scripts/diagnostics in /usr/local/sbin
- webGui: file browswer: do not let user traverse up the tree beyond the mount point
- webGui: add rollover status indicator text for array status and user/disk share status
- webGui: add disclaimer to Diagnostics page (3rd party plugins may or may not expose personal information)
- webGui: custom user thumbnail/avatars support
- webGui: fix docker image file delete
- webGui: VM Manger changes (see github)
Version 6.0-rc4
---------------
- btrfs-progs: update to 4.0.1
- emhttp: fix bug where /mnt/user0 could be mounted when slot count decreased
- emhttp: do not count zero-size block devices against device limits
- emhttp: handle querystring variables with embedded single-quotes
- emhttp: added comment field for disk shares
- libvirt: patched rc.libvirt to eliminate bogus errors output to syslog
- libvirt: enabled virtual port capability
- linux: enable kernel options:
- CONFIG_MACVLAN: MAC-VLAN support
- CONFIG_MACVTAP: MAC-VLAN based tap driver
- CONFIG_NF_TABLES_BRIDGE: Ethernet Bridge nf_tables support
- CONFIG_NFT_BRIDGE_META: Netfilter nf_table bridge meta support
- CONFIG_BRIDGE_NF_EBTABLES: Ethernet Bridge tables (ebtables) support
- CONFIG_BRIDGE_EBT_*: (19 total Ethernet bridge tables)
- qemu: upgraded to SeaBIOS 1.8.1
- shfs: add NOCOW share support
- unRAIDServer plugin: preserve only "previous" release; removing current release will restore previous release
- webGui: fix Active Directory export settings not being active
- webGui: let user configure share COW flag
- webGui: make apcupsd driver_loaded script executable
- webGui: VM Manager: added Force Stop context menu option when VM is paused
- webGui: VM Manager: Fix: raw disk size display and adjustment capabilities
- webGUI: Docker: Fix: correctly calculate total data pulled stat
- webGUI: Docker: permit image to exist on user share
- webGUI: create Disk Shares page under Shares, move disk share settings
- webGUI: correct handling of sinqle quotes in share names
- webGUI: other misc changes/bug fixes
Version 6.0-rc3
---------------
- emhttp: fix Maintenance-mode array Start
- emhttp: properly output 'progress' strings output by emhttp_event scripts
- emhttp: let Pro start regardless of attached device count
- linux: update to 4.0.4 (btrfs fix from 4.0.3, spinlock fix from 4.0.4, btrfs balance patch)
- webGui: VM Manager bug fixes
- webGui: integrated improvements to apcupsd component
Version 6.0-rc2
---------------
- emhttp: restore default number of array slots to 24 (from 5 introduced in -rc1)
- slack: add package: patch version 2.7.4
- webGui: expunge all Xen "hooks"
- webGui: VM Manager bug fixes (refer to commit history on github)
Version 6.0-rc1
---------------
- docker: update to 1.6.2
- webGui: support replacement keys
- webGui: must be Stopped to change Identifcation settings
]]>
</CHANGES>
@@ -516,7 +272,16 @@ rmdir /boot/&name;
if [ "${version:0:2}" == "6." ]; then
echo "**REBOOT REQUIRED!**" &gt; /usr/local/emhttp/plugins/&name;/README.md
fi
# when upgading any version prior to 6.1
# when upgrading any version prior to 6.2
if [ "${version:0:3}" \&lt; "6.2" ]; then
if ! grep -q 'IMAGE_FILE' /boot/config/domains.cfg &amp;&gt; /dev/null ; then
echo 'IMAGE_FILE="/mnt/user/system/libvirt/libvirt.img"' &gt;&gt; /boot/config/domains.cfg
fi
if ! grep -q 'IMAGE_SIZE' /boot/config/domains.cfg &amp;&gt; /dev/null ; then
echo 'IMAGE_SIZE="1"' &gt;&gt; /boot/config/domains.cfg
fi
fi
# when upgrading any version prior to 6.1
if [ "${version:0:3}" \&lt; "6.1" ]; then
if ! grep -q 'shareDisk' /boot/config/share.cfg &amp;&gt; /dev/null ; then
echo 'shareDisk="yes"' &gt;&gt; /boot/config/share.cfg