4.2.0

Announcing the immediate availability of passbolt's docker repository 4.2.0.

This release, the first based on Debian 13, adds:

• Openshift support for non-root images
• Pin Passbolt server key generation to RSA by default
• Bump supercronic to 0.2.39

Moreover, it also fixes:

• mediaType OCI mismatch between index and manifest
• JWT directory permission error

And brings miscellaneous testing improvements.

4.1.1

Announcing the immediate availability of passbolt's docker repository 4.1.1.

This release adds docker secrets support for EMAIL_TRANSPORT_DEFAULT_PASSWORD
and EMAIL_TRANSPORT_DEFAULT_USERNAME environment variables thanks to @Shtiggs

It also includes a warning message when APP_FULL_BASE_URL environment variable
is not set to mitigate host header injection attacks. You can obtain more
information about the subject in the following link: https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/17-Testing_for_Host_Header_Injection

4.1.0

Announcing the immediate availability of passbolt's docker image 4.1.0.

This is a minor change that fixes a logging issue where 500 errors were not redirected to standard output.
Also, it fixes issues on image testing and added the release notes automation on GitHub.

4.0.0

Added

• bookworm as base container
• php version set to 8.2
• Mariadb set to 10.11
• Updated rootless superchronic to 0.2.25
• Supervisor php-fpm command updated to php-fpm8.2
• Small refactor in kitchen tests

v3.10.0

Update changelog v3.10.0

v3.9.4

Added

• Update mariadb to version 10.10 #190
• Added PASSBOLT_GPG_SERVER_KEY_FINGERPRINT_FORCE env variable. Fixes #192
• Arm arch support for arm64/v8, arm/v7 and arm/v5 linux architectures.

v3.9.3

Merged multiple community PRs

v3.9.2

Updated internal pipelines

v3.9.1

Fix github actions

v3.8.1

Minor adjustments for internal pipelines