b1gMail 7.4.1 RC 2 (security release) released

    b1gMail 7.4.1 Release Candidate 2 is now available for download at https://github.com/b1gMail-OSS/b1gMail/releases! It is the first version released under the GPL license. Its the second release candidate of b1gMail which fixes known bugs from rc1 and is also an important security release. You should apply this update soon as possible. With every pre-release: use with own caution! If there is no any faulty reports, we will release the final release in 1-2 months.

    Before updating, please make a backup of the database and the b1gMail folder including the data folder!

    Changes 7.4.1-rc1->7.4.1-rc2

    • fix a Security vulnerability: It was possible to execute HTML code on an attachment
    • fix undefined array key strike
    • php 8 fixes on BMWorkGroup
    • fix Setup Encode
    • updated b1gMailServer Admin Plugin to the OSS Version
    • add http response codes on error pages
    • fix endless update with the switch to JSON database struct

    This version is fully compatible with the latest PHP 8.2 version.

    There may a small low undefined index and variables warning. Please help to find the last issues and report this to us, to fix this. Please note: Also third party plugins could cause an undefined index and variables warning, since mostly are not tested with PHP 8. Please report these errors to the plugin developer or fix yourself.

    Important for plugin authors

    With Beta 3, the static Function BMUser::Fetch was changed to BMUser::staticFetch. If you use this function in plugins you have to change this.

    New installation

    Download complete package. In serverlib rename config.default.inc.php to config.inc.php and version.default.inc.php to version.inc.php.

    Update from 7.4.1-beta

    upload the files. After call /setup/update.php. Alternatively delete in serverlib the file version.inc.php and rename version.default.inc.php to version.inc.php and call tools/db_sync.php. In both cases the setup folder must be deleted afterwards.

    Update from b1gMail 7.4.0

    Make a backup of serverlib/init.inc.php first. Then upload the files. Put the B1GMAIL_SIGNKEY from former init.inc.php to serverlib/config.inc.php. After call /setup/update.php. Alternatively delete in serverlib the file version.inc.php and rename version.default.inc.php to version.inc.php and call tools/db_sync.php. In both cases the setup folder must be deleted afterwards.

    Update from b1gMail 7.3.0

    Same as 7.4, but call /setup/update.php after the upload and don't use tools/db_sync.php.

    Update from other b1gMail 7.4 beta versions

    You have to update to b1gMail 7.4.0-Beta4 first.

    Update from b1gMail versions older than 7.3.0

    The update routine goes from 7.0.0. However, this has not been tested and it is therefore recommended to update to b1gMail 7.3.0 first, if you have access to this version.

    Update from b1gMail6

    If you are already using b1gMail6, please update to b1gMail 7.2.0 first, then to 7.3.0 and then to this version.

    Notes

    • Before updating, please make a backup of your database and files. No liability for data loss!
    • b1gMail 7.4.1 requires at least PHP 5.4 and will also the last release which support PHP5.4. With starting b1gMail 7.4.2 it will require at least PHP7 or 8.
    • New installation requires at least MySQL / MariaDB 5.5.3. MySQL 8.x and higher is currently not supported ( except MariaDB ). We recommend MariaDB as Database Engine.
    • After the update please delete your browser cache
    • b1gMail 7.4.1 also contains the PremiumAccount and Fax plugin.
    • If b1gMailServer is used, please restart the queue service after the update and make sure that the latest version is used.
    • If you want use the new features also on b1gMailServer, please upgrade your b1gMailServer to the OSS version: https://www.github.com/b1gMail/b1gMailServer
    • Plugins from ThinkClever GmbH are not compatible with the b1gMail 7.4 version. These must be uninstalled before update.
    • If the b1gMail installation is still running in ISO character set / Latin mode, it is strongly recommended to convert to UTF-8 format.
    • This version is shipped on the latest CKEditor4 version which reached its end-of-life in June 2023. There will no more any updates. If you want receive updates for CKEditor, you can use the commercial LTS version of CKEditor4 or upgrade to CKEditor 5. See https://ckeditor.com/docs/ckeditor5…ckeditor-4.html for migration guide.

    Limitations compared with the old commercial version

    • The toolbox is currently not available. License holders of the former commercial b1gMail version can still use the service, see below for more information. You find the source code at https://www.github.com/b1gMail/BMToolbox
    • Update notifications are not available
    • Fax plugin: Since the proprietary FPDI parser library is not allowed to be shipped in a GPL project, it was removed with the update of the FPDI class. This removes support for compressed PDF files. If one still needs this, a license must be purchased at https://www.setasign.com/products/fpdi-pdf-parser/pricing/. Alternatively, the last commercial version of the fax plugin can be used if a license was purchased at that time.

    Note for users who previously used the commercial version:

    The service at b1gMail.org are currently not accessible. This includes the toolbox. If you want to use the toolbox from b1gMail.com, you have to add the following to config.inc.php:

    PHP: config.inc.php
    define('B1GMAIL_SIGNKEY', ''); //Here add signkey
define('TOOLBOX_SERVER', 'http://service.b1gmail.com/toolbox/');
define('UPDATE_SERVER', 'http://service.b1gmail.com/patches/');
define('SIGNATURE_SERVER', 'http://service.b1gmail.com/signatures/');

    You get these values from serverlib/init.php of the commercial version.

    Character sets

    Before converting, be sure to back up the database and files. No liability for data loss!

    ISO character set

    b1gMail 7.4.1 will be the last version that will still support the old ISO character set or latin1. For a problem-free operation the conversion to UTF-8 format is therefore strongly recommended.

    If you are using a version older than 7.4.0:

    Saving emails to database causes character set errors, so the file system variant is the safest. Therefore, before conversion, log into the admin area, go to "Settings" " "Mail" and make sure that mail storage is set to "File system". Even if this was already the case, then go to "Tools" " "Optimization" " "File System" and run the "Mail Storage" function (Database -> Files). This is necessary to make sure that there are no more emails in the database, since this storage method has been removed as of version 7.4.0-Beta1.

    When updating: After running setup/update.php do not delete the "setup" folder yet but run setup/utf8convert.php first. Allow some time for the conversion.

    UTF8MB4

    New installations always use UTF8MB4, because the old UTF-8 implementation of MySQL cannot store 4 byte character sets. When updating from an older b1gMail version: run setup/utf8mb4convert.php. You need a little time for the conversion.

  • Sebijk 2. Mai 2024 um 19:16

    Hat das Thema freigeschaltet.

  • Sebijk 3. Mai 2024 um 08:15

    Hat den Titel des Themas von „b1gMail 7.4.1 RC 2 released“ zu „b1gMail 7.4.1 RC 2 (security release) released“ geändert.

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!

Benutzerkonto erstellen Anmelden