Merge branch 'main' into feature/package-management

CHANGELOG.md

@@ -43,6 +43,14 @@ All notable changes to this project will be documented in this file.
 - Fixed xss vulnerability in v-add-sys-ip and user history log (thanks **@numanturle**)
 - Fixed remote execution possibility when deleting ssh key (thanks **@numanturle**)
 
+## [1.3.4] - Service Release
+### Features
+- No new features have been introduced in this release.
+
+### Bugfixes
+- Fixed xss vulnerability in v-add-sys-ip and user history log (thanks **@numanturle**)
+- Fixed remote execution possibility when deleting ssh key (thanks **@numanturle**)
+
 ## [1.3.3] - Service Release
 ### Bugfixes
 - Improved if web folder already exists and do not follow symlink on chmod (thanks @0xGsch and @kikoas1995).

README.md

@@ -2,7 +2,7 @@
 
 [Hestia Control Panel](https://www.hestiacp.com/)
 ==================================================
-**Latest stable release:** Version 1.3.3 | [View Changelog](https://github.com/hestiacp/hestiacp/blob/release/CHANGELOG.md)<br>
+**Latest stable release:** Version 1.3.4 | [View Changelog](https://github.com/hestiacp/hestiacp/blob/release/CHANGELOG.md)<br>
 
 **Web:** [www.hestiacp.com](https://www.hestiacp.com/)<br>
 **Documentation:** [docs.hestiacp.com](https://docs.hestiacp.com/)<br>

bin/v-add-sys-filemanager

@@ -19,8 +19,8 @@ MODE=$1
 user="admin"
 
 FM_INSTALL_DIR="$HESTIA/web/fm"
-FM_FILE="filegator_v${FM_V}.zip"
-FM_URL="https://github.com/filegator/filegator/releases/download/v${FM_V}/${FM_FILE}"
+FM_FILE="filegator_v${fm_v}.zip"
+FM_URL="https://github.com/filegator/filegator/releases/download/v${fm_v}/${FM_FILE}"
 COMPOSER_BIN="$HOMEDIR/$user/.composer/composer"
 
 

bin/v-add-sys-ip

@@ -42,7 +42,7 @@ source $HESTIA/conf/hestia.conf
 #----------------------------------------------------------#
 
 check_args '2' "$#" 'IP NETMASK [INTERFACE] [USER] [STATUS] [NAME] [NATED_IP] [HELO]'
-is_format_valid 'ip' 'netmask' 'interface' 'user' 'ip_status'
+is_format_valid 'ip' 'netmask' 'iface' 'user' 'ip_status'
 is_ip_free
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"

bin/v-delete-sys-filemanager

@@ -19,7 +19,6 @@ source $HESTIA/conf/hestia.conf
 
 user='admin'
 FM_INSTALL_DIR="$HESTIA/web/fm"
-FM_V="7.4.1"
 COMPOSER_BIN="$HOMEDIR/$user/.composer/composer"
 
 #----------------------------------------------------------#

func/main.sh

@@ -962,7 +962,6 @@ is_format_valid() {
                 host)           is_object_format_valid "$arg" "$arg_name" ;;
                 hour)           is_cron_format_valid "$arg" $arg_name ;;
                 id)             is_int_format_valid "$arg" 'id' ;;
-                interface)      is_interface_format_valid "$arg" ;;
                 iface)          is_interface_format_valid "$arg" ;;
                 ip)             is_ip_format_valid "$arg" ;;
                 ip_name)        is_domain_format_valid "$arg" 'IP name';;

func/upgrade.sh

@@ -650,7 +650,7 @@ upgrade_roundcube(){
         if [ ! -z "$(echo "$WEBMAIL_SYSTEM" | grep -w 'roundcube')" ]; then
             rc_version=$(cat /var/lib/roundcube/index.php | grep -o -E '[0-9].[0-9].[0-9]+' | head -1);
             if [ "$rc_version" == "$rc_v" ]; then
-                echo "[ * ] Upgrading RoundCube to version v$rc_v..."
+                echo "[ * ] Upgrading Roundcube to version v$rc_v..."
                 $HESTIA/bin/v-add-sys-roundcube
             fi
         fi
@@ -662,7 +662,7 @@ upgrade_rainloop(){
         if [ ! -z "$(echo "$WEBMAIL_SYSTEM" | grep -w 'rainloop')" ]; then
             rc_version=$(cat /var/lib/rainloop/data/VERSION);
             if [ "$rc_version" == "$rc_v" ]; then
-                echo "[ * ] Upgrading rainloop to version v$rc_v..."
+                echo "[ * ] Upgrading Rainloop to version v$rl_v..."
                 $HESTIA/bin/v-add-sys-rainloop
             fi
         fi

install/deb/filemanager/install-fm.sh

@@ -13,6 +13,7 @@ fi
 user='admin'
 fm_error='no'
 source $HESTIA/func/main.sh
+source $HESTIA/install/upgrade/upgrade.conf
 
 if [ -z "$HOMEDIR" ] || [ -z "$HESTIA_INSTALL_DIR" ]; then
     echo "Error: Hestia environment vars not present"
@@ -21,9 +22,8 @@ fi
 
 FM_INSTALL_DIR="$HESTIA/web/fm"
 
-FM_V="7.4.1"
-FM_FILE="filegator_v${FM_V}.zip"
-FM_URL="https://github.com/filegator/filegator/releases/download/v${FM_V}/${FM_FILE}"
+FM_FILE="filegator_v${fm_v}.zip"
+FM_URL="https://github.com/filegator/filegator/releases/download/v${fm_v}/${FM_FILE}"
 
 
 COMPOSER_BIN="$HOMEDIR/$user/.composer/composer"

install/upgrade/upgrade.conf

@@ -36,7 +36,7 @@ UPGRADE_UPDATE_RAINLOOP='true'
 
 # Update the File Manager or it's configuration file
 # UPGRADE_UPDATE_FILEMANAGER: Performs an upgrade/repair install of the File Manager
-# UPGRADE_UPDATE_FILEMANAGER: Updates only the configuration file
+# UPGRADE_UPDATE_FILEMANAGER_CONFIG: Updates only the configuration file
 UPGRADE_UPDATE_FILEMANAGER='true'
 UPGRADE_UPDATE_FILEMANAGER_CONFIG='false'
 
@@ -59,4 +59,4 @@ rc_v="1.4.11"
 rl_v="1.15.0"
 
 # Set version of File manager to update during upgrade if not already installed
-FM_V="7.5.0"
+fm_v="7.5.0"

install/upgrade/versions/1.3.4.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+
+# Hestia Control Panel upgrade script for target version 1.3.4
+
+#######################################################################################
+#######                      Place additional commands below.                   #######
+#######################################################################################
+
+echo '[ * ] Updating System Administrator account permissions...'
+$HESTIA/bin/v-change-user-role admin admin
+
+# Send end-of-life notification to admin user on servers running Ubuntu 16.04
+if [ "$OS_TYPE" = "Ubuntu" ]; then
+    if [ "$OS_VERSION" = '16.04' ]; then
+        $HESTIA/bin/v-add-user-notification admin 'IMPORTANT: End of support for Ubuntu 16.04 LTS' '<b>Hestia Control Panel no longer supports Ubuntu 16.04 LTS</b>, as a result your server will no longer receive upgrades or security patches after <b>v1.3.4</b>.<br><br>Please upgrade to a supported operating system.'
+    fi
+fi

install/upgrade/versions/1.4.0.sh

@@ -107,6 +107,6 @@ fi
 
 # Fix PostgreSQL repo
 if [ -f /etc/apt/sources.list.d/postgresql.list ]; then
-    echo "[*] Updating PostgreSQL repository..."
+    echo "[ * ] Updating PostgreSQL repository..."
     sed -i 's|deb https://apt.postgresql.org/pub/repos/apt/|deb [arch=amd64] https://apt.postgresql.org/pub/repos/apt/|g' /etc/apt/sources.list.d/postgresql.list
 fi