RE: LimeSurvey - Package Updates

[1.16.0]

• Update LimeSurvey to 4.3.9+200806

Did you try to remount that volume and retrigger the backup?
Otherwise do you know if it fails consistently at the same file and also are you using backup encryption?

Is the browser extension otherwise working? I am using that everyday and thus I am not able to reproduce it. Do you see anything in the app or extension logs?

We usually take a day or two to find any regressions and would release a patch version then. Then again we would wait for 1 or 2 days in case a regression is still there. If it goes smooth we will put it for auto-update in a couple of days latest.

I think this only works if you move/copy those emails to some local folder (in Thunderbird there is a "Local Folders" in the left pane) and then if you did a copy, you have to trash them normally.

[2.3.2]

• Update Roundcube to 1.4.2
• Full changelog
• Fix potential XSS issue in HTML editor of the identity signature input
• Fix cross-site scripting (XSS) via HTML messages with malicious svg content [CVE-2020-16145]
• Fix cross-site scripting (XSS) via HTML messages with malicious math content

Depending on how sensitive your data is, it might be very helpful to get a copy of this to debug and verify a potential fix on our side. If that is ok with you, maybe send a mail to support@cloudron.io with a possible download link for the data set. Otherwise we may have to find a way how to produce such a large set in the first place.

Hi, do you see any errors in the app logs? If you need the app immediately please after taking a look at the logs and possibly posting the error here, you can restore the app to the previous version.

Looking at the docs you provided, it indeed seems that there is no way around updating mongodb in the addon to support that case.
This may take some time though to test and possibly find any backwards compatibility issues.

I've added an issue to track this at https://git.cloudron.io/cloudron/box/-/issues/725

So according to the upstream project, the api tokens are actually the only way to do so. The text in monica is just wrong by now.

[1.4.3]

• Update BitwardenRS to 1.16.3
• Fixed mysql and postgresql releases not building correctly
• Added support for restricting org creation to certain users: Examples
• Syncronized global_domains.json with upstream

Fixed in https://git.cloudron.io/cloudron/minio-app/-/commit/6eb1e7b4b9bbb3f8a2c1e44ac6d78b232ed79162

[1.4.2]

• Update BitwardenRS to 1.16.2
• Fixed issue unlocking vault in the desktop client.
• Added back arm32v6 tag, because docker fails to select that image in ARMv6 devices.
• Fixed websocket notifications when sending an item to the trash.

[1.3.2]

• Update OnlyOffice to 5.6.2
• Fix Path Traversal vulnerability via savefile param (Bug #46037)%

[2.5.4]

• Update Taiga to 5.0.15

[1.3.1]

• Update OnlyOffice to 5.6.1
• Fix Path Traversal vulnerability via Convert Service param (Bug #45976)

I was able to get it working with using api tokens, however they are very long and evolution for example would not accept that as a password.

I've created an upstream issue at https://github.com/monicahq/monica/issues/4295

Actually the well-known just redirects to /dav/ which is correct, but at least in my case I can't get over the authentication issue then. Both username/password nor api token allow me to access the dav resources. Always get 401 status code.

I can confirm that it does not work with evolution/thunderbird/davx
The logs show a PROPFIND /.well-known/caldav HTTP/1.1" 301 which seems to be correct, but then nothing happens further.

The current limit from the db on Cloudron for the zone is VARCHAR(128), so I don't think that is the issue. This may be best debugged with that very zone then. Not sure if this is a production server, but if you want, maybe send a mail to support@cloudron.io if you want us to take a direct look.