mirror of
https://github.com/CyberMind-FR/secubox-deb.git
synced 2026-06-29 10:08:36 +00:00
Compare commits
base: gandalf:92c17b4755ed9c0cbd1022725d8c1cc82929f48a
gandalf:master
gandalf:fix/remove-authelia-sso
gandalf:feature/760-standardize-secubox-lan-to-192-168-10-0
gandalf:fix/secubox-p2p-master-link-statedir
gandalf:feature/761-fix-podcaster-audio-player-stops-every-f
gandalf:feature/758-nft-based-network-stats-log-counter-drop
gandalf:feature/748-enhanced-tow-boot-http-netboot-serial-fl
gandalf:feature/738-aggregator-resilience-sweep-async-handle
gandalf:feature/737-secubox-netboot-provisioning-reseau-over
gandalf:feature/728-sovereign-threat-intel-drop-crowdsec-cap
gandalf:feature/727-secubox-aggregator-auto-heal-watchdog-ti
gandalf:feature/726-secubox-podcaster-modern-podcast-manager
gandalf:fix/494-secubox-core-service-execstart-overrides
gandalf:feature/65-fix-nginx-add-missing-api-routes-to-webu
gandalf:fix/53-wazuh-uvicorn-process-causes-100-cpu-spi
gandalf:fix/121-metablog-ingest-site-dirs-should-be-crea
gandalf:feature/724-toolbox-banner-in-banner-r0-r3-level-swi
gandalf:feature/722-dpi-phase-3-ndpid-daemon-ci-cross-build
gandalf:feature/720-dpi-phase-3-per-device-daily-history-tim
gandalf:feature/718-dpi-phase-3-asn-enrichment-classify-sni
gandalf:feature/716-kbin-pdf-donut-grid-layout-broken-each-d
gandalf:feature/714-kbin-pdf-charts-blank-in-some-viewers-re
gandalf:feature/711-kbin-pdf-donut-charts-render-as-solid-pi
gandalf:feature/709-kbin-pdf-integrate-carto-graph-emoji-dat
gandalf:feature/707-kbin-report-cyberpunk-netrunner-characte
gandalf:feature/705-dpi-report-shows-zeros-exfil-is-a-60s-sn
gandalf:feature/703-kbin-pdf-render-visual-donut-charts-mitm
gandalf:feature/701-kbin-pdf-report-include-dpi-exfil-stats
gandalf:feature/699-kbin-report-tabbed-donut-stats-pistage-d
gandalf:feature/697-sbxmitm-truncates-responses-8mib-large-g
gandalf:feature/695-dpi-dashboard-fill-top-apps-protocols-ba
gandalf:feature/692-dpi-beaconing-rule-fires-on-sub-second-a
gandalf:feature/687-plan-full-flow-dpi-on-r3-ndpid-netifyd-p
gandalf:feature/689-sbxmitm-forged-leaf-certs-expire-after-2
gandalf:feature/683-plan-kbin-tor-endpoint-quick-switch-anon
gandalf:fix/662-altsvc-strip
gandalf:feat/662-client-geoflag
gandalf:feat/662-inline-banner
gandalf:feat/662-adlearn
gandalf:feat/662-social-relay
gandalf:feat/662-cumulative-live
gandalf:feat/662-analysis-relay
gandalf:feat/662-csp-demo
gandalf:feat/662-utls-chrome
gandalf:feat/662-adstats-popups
gandalf:fix/662-no-follow-redirect
gandalf:fix/662-gzip-banner
gandalf:feat/662-cutover-fix
gandalf:feat/662-transparent-machash
gandalf:feat/662-phase5prep-pkg
gandalf:feat/662-phase4-jar
gandalf:feat/662-phase3-parity
gandalf:feat/662-phase2b-bench
gandalf:fix/662-restore-ng-source
gandalf:feature/662-epic-migrate-toolbox-mitm-engine-off-pyt
gandalf:fix/cap-lists-5
gandalf:feature/659-feat-toolbox-per-visitor-ad-block-breakd
gandalf:fix/ad-learn-self-block-hardening
gandalf:feature/656-feat-toolbox-ad-intelligence-aggressive
gandalf:fix/653-fix-toolbox-banner-reliability-inline-bu
gandalf:feature/651-perf-toolbox-649-follow-up-broaden-splic
gandalf:feature/649-perf-toolbox-selective-sni-splice-passth
gandalf:fix/623-postinst-systemic-var-lib-log-cache-secu
gandalf:feature/646-perf-toolbox-adaptive-accept-encoding-st
gandalf:fix/644-hub-dashboard-latency-9-12s-per-module-s
gandalf:fix/642-social-graph-ip-literal-self-traffic-rec
gandalf:feature/634-toolbox-clients-reset-all-clients-reset
gandalf:fix/639-toolbox-banner-injected-into-iframes-sub
gandalf:fix/636-toolbox-r3-banner-stream-inject-loader-b
gandalf:feature/633-anti-track-v2-layered-block-poison-anony
gandalf:feature/630-make-live-ops-fixes-permanent-package-di
gandalf:feature/628-hub-health-monitor-page-vital-common-ser
gandalf:feature/626-haproxy-smart-self-healing-error-pages-5
gandalf:feature/624-waf-robustness-package-self-healing-insp
gandalf:feature/620-toolbox-ttfb-perf-stream-inject-async-pe
gandalf:fix/619-hub-dashboard-services-cache-never-warms
gandalf:feature/617-security-posture-full-rewrite-honest-boa
gandalf:feature/615-security-posture-add-security-posture-to
gandalf:feature/613-threat-analyst-add-country-flags-to-top
gandalf:feature/611-threat-analyst-limit-recent-attacks-tabl
gandalf:feature/609-waf-robust-route-propagation-dir-bind-mo
gandalf:feature/607-waf-behind-waf-media-cache-image-video-s
gandalf:feature/605-waf-refuse-unmapped-hosts-close-open-for
gandalf:feature/603-waf-port-live-mitmproxy-fixes-to-source
gandalf:feature/601-vm-vm-shows-0-containers-lxc-enumeration
gandalf:feature/599-threat-analyst-ingest-real-crowdsec-aler
gandalf:feature/597-threat-analyst-global-security-overview
gandalf:fix/595-threat-analyst-service-ends-up-disabled
gandalf:fix/593-webui-fix-metrics-mitm-0-wrong-unit-thre
gandalf:fix/autolearn-exclude-antibot
gandalf:feature/589-autolearn-bad-trackers-actors-from-threa
gandalf:feature/587-eye-graph-domain-suffix-country-cloud-nu
gandalf:feature/578-banner-shareable-top-1-pin-quick-button
gandalf:feature/577-perf-video-photo-cdn-proxy-cache-shared
gandalf:fix/ad-ghost-collapse-placeholders
gandalf:feature/576-ad-ghost-replace-ghosted-ad-with-a-css-l
gandalf:fix/581-postinst-portal-stays-dead-after-dpkg-up
gandalf:fix/575-eye-graph-remove-hide-all-ip-nodes-count
gandalf:feature/574-webext-popup-protection-stats-quick-filt
gandalf:feature/572-banner-colorful-emoji-chip-guirlande-fla
gandalf:feature/570-toolbox-mitm-dpi-media-type-statistifier
gandalf:feature/568-webext-popup-cap-top-tracker-list-to-5-e
gandalf:feature/566-r3-r4-silent-ad-banner-ghoster-economisa
gandalf:feature/564-detect-antibot-split-deployment-vs-chall
gandalf:feature/562-ca-fingerprint-surface-the-r3-ca-on-the
gandalf:feature/560-toolbox-protective-mode-tracker-alerting
gandalf:feature/558-apk-make-zero-tap-auto-run-robust-real-f
gandalf:feature/555-favicons-of-major-sites-in-the-xpi-popup
gandalf:feature/553-cartographie-graph-impact-sized-icon-bub
gandalf:feature/549-social-tracker-domain-rollup-history-tim
gandalf:feature/545-injected-banner-neon-tube-redesign-for-r
gandalf:feature/551-android-apk-zero-tap-auto-run-silent-onb
gandalf:feature/547-linux-firefox-installer-script-for-the-t
gandalf:feature/543-kbin-landing-radical-simplify-livelier-f
gandalf:feature/532-plan-browser-xpi-webextension-emancipate
gandalf:feature/490-phase-2c-toolbox-receiving-modules-actua
gandalf:feature/538-android-app-root-mode-fully-automated-si
gandalf:feature/536-serve-the-android-toolbox-apk-from-the-t
gandalf:feature/531-plan-android-apk-one-tap-toolbox-r3-clie
gandalf:fix/509-waf-soc-perf-double-buffered-cache-memor
gandalf:fix/503-ci-disable-espressobin-v7-ultra-image-bu
gandalf:feature/501-mitm-wg-multi-worker-fanout
gandalf:perf/500-captive-flags-and-addon-async
gandalf:feature/500-landing-platform-install
gandalf:perf/500-mitm-wg-h2-and-concurrency
gandalf:feature/500-phase8-utiq-quickwin
gandalf:fix/498-crowdsec-sudoers-status
gandalf:fix/498-auth-perms-and-rw
gandalf:fix/498-ntp-health-timesyncd
gandalf:feature/498-lxc-wg-privileged
gandalf:feature/498-lxc-cutover-nm-name
gandalf:feature/498-mitm-lxc-hardening
gandalf:fix/498-crowdsec-health
gandalf:chore/498-version-bump-wip
gandalf:feature/498-nm-keyfile
gandalf:fix/498-toolbox-ratelimit
gandalf:fix/498-cert-probe
gandalf:fix/498-r3-probe-same-origin
gandalf:fix/498-xff-r3-detect
gandalf:fix/498-wg-dns-fix
gandalf:feature/498-wg-boot-and-waf-history
gandalf:feature/498-asgi-migrate
gandalf:feature/498-asgi-consolidation
gandalf:feature/498-phase-6Q-quickwins
gandalf:feature/498-phase-7-waf-active-enforcement-mitm-crow
gandalf:feature/496-phase-6-wireguard-mitm-autocert-mode-r3
gandalf:feature/495-phase-5-toolbox-mitm-in-dedicated-lxc-co
gandalf:feature/492-phase-3-toolbox-transparency-layer-white
gandalf:feature/488-phase-2b-toolbox-wire-mitm-addons-to-rec
gandalf:feature/486-toolbox-phase-2a-geoip-flags-asn-secubox
gandalf:feature/485-toolbox-phase-2a-soc-scoring-multi-signa
gandalf:fix/465-revert-dts-patch-004-revert-hardware-usb
gandalf:fix/463-dts-enable-usb3-superspeed-on-mpcie-slot
gandalf:fix/458-mochabin-btusb-claims-mt7632u-interface
gandalf:feature/450-refactor-move-secubox-mesh-yggdrasil-vpn
gandalf:fix/444-kiosk-enable-cursor-on-pi-400-remove-noc
gandalf:fix/442-rpi400-image-mass-mask-non-essential-ser
gandalf:fix/436-build-scripts-stub-systemctl-handle-rasp
gandalf:fix/433-build-rpi-usb-sh-kiosk-install-silently
gandalf:fix/431-ci-install-binutils-aarch64-linux-gnu-fo
gandalf:feature/429-secubox-nextcloud-dashboard-api-renvoie
gandalf:feature/427-ci-build-packages-yml-arm64-matrix-build
gandalf:feature/425-secubox-sentinelle-gsm-arm64-build-fails
gandalf:feature/423-build-rpi-usb-sh-kiosk-flag-is-a-stub-pa
gandalf:fix/150-nftables-service-masked-at-boot-board-lo
gandalf:feature/152-roundcube-in-mail-lxc-configure-sqlite-b
gandalf:fix/394-nextcloud-remove-authelia-auth-request-f
gandalf:feature/410-secubox-user-provisioning-push-master-us
gandalf:feature/409-secubox-avatar-smart-media-cookie-hoster
gandalf:feature/407-privilege-separated-cookie-install-root
gandalf:feature/401-secubox-webext-firefox-webextension-comp
gandalf:feature/402-secubox-avatar-peek-poke-credential-brok
gandalf:feature/400-secubox-sso-lite-native-auth-request-ver
gandalf:feature/397-rework-secubox-photoprism-native-lxc-ins
gandalf:feature/388-rework-secubox-peertube-align-with-secub
gandalf:feature/398-secubox-nextcloud-capture-photolibrary-e
gandalf:fix/395-waf-cred-004-false-positive-on-nextcloud
gandalf:fix/392-vhost-health-error-status-404-502-hidden
gandalf:feature/391-package-the-gk2-ram-optimization-pattern
gandalf:feature/390-peertube-url-backport-vhost-template-por
gandalf:docs/389-navbar-resort-hardening-repo-into-root-c
gandalf:feature/377-feat-fmrelay-stream-fm-rds-as-icecast-mo
gandalf:feat/sentinelle-v0-4-0-rds-extension
gandalf:feat/zigbee-v2-6-0-backup-restore
gandalf:fix/core-lxc-autostart-wait-for-data
gandalf:fix/zigbee-access-list-public-url
gandalf:fix/hub-sidebar-precache-instant-render
gandalf:feature/370-x64-netplan-profiles-static-ip-fallback
gandalf:feat/threat-analyst-v1-4-0-actually-useful
gandalf:feat/threat-analyst-v1-3-0-simple-rewrite
gandalf:fix/threat-analyst-v1-2-0-jwt-noop
gandalf:fix/threat-analyst-v1-1-3-nocache
gandalf:fix/threat-analyst-v1-1-2-cors-credentials
gandalf:fix/threat-analyst-v1-1-1-navbar-padding
gandalf:fix/361-secubox-threat-analyst-v1-1-0-wire-metri
gandalf:fix/360-fix-secubox-hub-soc-dashboard-card-metri
gandalf:feature/357-secubox-sentinelle-gsm-v0-3-6-async-job
gandalf:feature/356-secubox-sentinelle-gsm-v0-3-5-scan-auto
gandalf:fix/354-secubox-sentinelle-gsm-v0-3-4-monkey-pat
gandalf:feature/345-mochabin-mpcie-slot-j5-investigate-w-dis
gandalf:fix/353-secubox-sentinelle-gsm-v0-3-3-drop-args
gandalf:feature/319-data-essential-data-convention-audit-30
gandalf:fix/286-haproxyctl-cmd-generate-drops-backend-de
gandalf:feature/312-secubox-threats-rebuild-threats-as-the-c
gandalf:feature/310-secubox-authelia-split-auth-control-dash
gandalf:feature/306-consolidate-navbar-to-6-charter-categori
gandalf:fix/303-secubox-zigbee-menu-d-80-zigbee-json-is
gandalf:fix/301-secubox-dns-provider-add-provider-modal
gandalf:fix/299-secubox-dns-provider-webui-add-provider
gandalf:feature/297-kernel-build-github-actions-workflow-for
gandalf:feature/295-kernel-build-add-config-zram-m-zstd-comp
gandalf:fix/293-secubox-zigbee-zigbee-config-ui-hidden-u
gandalf:fix/290-health-banner-remove-clickable-alert-lin
gandalf:feature/289-secubox-zigbee-split-secubox-config-modu
gandalf:feature/287-secubox-lyrion-move-public-vhost-from-ly
gandalf:feature/284-secubox-nextcloud-ship-etc-secubox-nextc
gandalf:fix/282-secubox-nextcloud-nextcloud-must-stay-th
gandalf:feature/280-secubox-nextcloud-modernize-lxc-install
gandalf:feature/278-secubox-authelia-own-the-sbx-auth-login
gandalf:fix/274-secubox-authelia-verify-must-forward-x-o
gandalf:fix/273-secubox-zigbee-secubox-lyrion-auth-redir
gandalf:feature/272-secubox-authelia-session-cookies-must-in
gandalf:feature/270-secubox-authelia-server-level-banner-sub
gandalf:feature/268-secubox-authelia-x-forwarded-proto-must
gandalf:feature/266-secubox-authelia-zigbee-lyrion-4-fixes-f
gandalf:feature/264-secubox-zigbee-secubox-lyrion-swap-lan-o
gandalf:feature/262-secubox-authelia-implement-verify-real-a
gandalf:feature/260-secubox-lyrion-lan-only-gate-on-lyrion-l
gandalf:fix/241-secubox-zigbee-v2.4.1-sonoff-mg21
gandalf:feature/255-mochabin-dt-board-mpcie-slot-usb-pins-no
gandalf:feature/237-secubox-sentinelle-gsm-passive-rx-sdr-se
gandalf:feature/236-secubox-rbs-sensor-wall-opad-rogue-base
gandalf:feature/241-secubox-zigbee-v2-4-0-rewrite-in-place-z
gandalf:feature/240-secubox-mqtt-v2-4-0-rewrite-in-place-mos
gandalf:feature/247-health-banner-clickable-cross-domain-lin
gandalf:feature/246-secubox-yacy-nginx-vhost-missing-well-kn
gandalf:feature/248-secubox-lyrion-expose-web-ui-on-lan-ip-1
gandalf:feature/244-secubox-lyrion-lxc-host-lyrion-music-ser
gandalf:feature/239-secubox-authelia-sso-idp-lxc-authelia-oi
gandalf:feature/234-secubox-rustdesk-new-lxc-module-for-self
gandalf:feature/232-secubox-yacy-new-lxc-module-for-peer-to
gandalf:feature/230-secubox-grafana-new-lxc-module-for-secur
gandalf:fix/228-missing-tools-on-images-secubox-flash-di
gandalf:fix/226-bare-metal-x86-64-polish-gate-pi-hardwar
gandalf:fix/224-kiosk-launcher-chromium-fails-on-debian
gandalf:fix/222-login-redirect-loop-68-web-ui-files-stil
gandalf:fix/220-secubox-health-doctor-duplicate-debhelpe
gandalf:fix/218-build-image-sh-skips-debian-deps-python3
gandalf:docs/216-docs-codify-the-secubox-grammar-modular
gandalf:feature/214-health-doctor-drop-act-runner-arm64-from
gandalf:feature/212-secubox-health-doctor-vital-services-hea
gandalf:fix/210-firstboot-users-json-wrong-schema-sha256
gandalf:fix/200-metablogizerctl-publish-should-orchestra
gandalf:fix/207-eye-square-ship-firstboot-sh-outside-usr
gandalf:fix/202-eye-square-debian-rules-content-drift-re
gandalf:fix/203-ci-build-packages-discover-step-schedule
gandalf:fix/201-secubox-eye-square-switch-to-architectur
gandalf:feature/196-implement-secubox-droplet-cli-dropletctl
gandalf:fix/197-api-v1-health-alias
gandalf:fix/round-real-root-icons
gandalf:fix/round-armv6-boot-services
gandalf:fix/194-secubox-metrics-visitororigin-entries-em
gandalf:feature/192-portal-regenerate-full-dashboard-navbar
gandalf:feature/190-giteactl-runner-forge-runner-add-remove
gandalf:feature/180-publishctl-rename-metactl-forge-post-nou
gandalf:feature/182-streamlitctl-extend-lifecycle-only-ctl-w
gandalf:feature/183-streamforgectl-forge-missing-ctl-streaml
gandalf:feature/184-metablogizerctl-extend-reference-ctl-wit
gandalf:feature/181-dropletctl-forge-missing-ctl-file-upload
gandalf:feature/176-giteactl-forge-repo-mirror-add-remove-li
gandalf:feature/177-ci-mirror-github-workflows-gitea-workflo
gandalf:feature/173-mitmproxyctl-align-with-lxc-reality-add
gandalf:fix/rpi4b-radar-arcs-top-centered
gandalf:fix/170-cookie-audit-pipeline-hardening-apparmor
gandalf:fix/167-secubox-hub-vs-secubox-portal-login-html
gandalf:fix/163-triple-soc-location-duplicate-breaks-ngi
gandalf:fix/162-secubox-core-postinst-overwrites-etc-ngi
gandalf:feature/158-live-deploy-fixes-followup
gandalf:feature/158-eye-remote-multi-gadget-l3-dhcp-server-o
gandalf:fix/155-eye-remote-link-rename-collision-when-mu
gandalf:feature/153-mail-stack-phase-2-rspamd-migration-roun
gandalf:feature/156-cookie-audit-pipeline-rgpd-eprivacy-comp
gandalf:feature/147-add-scripts-check-dashboard-cache-py-lin
gandalf:feature/136-mail-stack-phase-1-source-catch-up-legac
gandalf:fix/145-secubox-waf-apply-double-cache-pattern-o
gandalf:feature/138-port-radar-concentric-into-secubox-commo
gandalf:fix/139-round-image-usb0-otg-networking-dead-ifu
gandalf:fix/133-remote-ui-square-4-bugs-caught-at-pi-4b
gandalf:feature/127-add-remote-ui-square-variant-for-pi-4b-7
gandalf:feature/127-phase3-python-kiosk
gandalf:feature/127-phase2-square-variant
gandalf:feature/120-auth-rework-secubox-users-as-identity-so
gandalf:fix/124-build-live-usb-safety-protect-host-dev-f
gandalf:feature/122-build-live-usb-sh-add-static-ip-hostname
gandalf:fix/117-metablogizer-webhook-git-pull-fails-on-d
gandalf:feature/113-metablogizer-deploy-webhook-sub-e-of-49
gandalf:fix/114-secubox-hub-sidebar-enters-mobile-mode-o
gandalf:fix/111-metablogizer-api-load-sites-called-repea
gandalf:fix/109-metablogizer-api-sub-c-runtime-imports-f
gandalf:fix/106-metablogizer-api-delete-site-name-fails
gandalf:fix/105-metablogizer-ui-api-helper-swallows-res
gandalf:feature/103-metablogizer-version-dashboard-ui-module
gandalf:feature/101-metablogizer-site-json-schema-version-me
gandalf:feature/95-streamlit-per-site-version-pinning-conta
gandalf:feature/94-metablogizer-gitea-ingest-import-166-sit
gandalf:feature/49-feat-metablogizer-streamlit-version-mana
gandalf:fix/92-uvicorn-sibling-imports
gandalf:feature/92-health-banner-visitor-origin-feed-anonym
gandalf:feature/89-secubox-apt-clone-validate-implementatio
gandalf:feature/license-headers-phase-a
gandalf:feature/license-phase-b-full
gandalf:feature/83-multi-agent-worktree-workflow
gandalf:feature/eye-remote-auto-mode
gandalf:feature/sync-workflow-eyemote
gandalf:feature/multigadget-docs
gandalf:v2.14.1
gandalf:v2.14.0
gandalf:android-v0.4.0
gandalf:webext-v0.1.5
gandalf:webext-v0.1.4
gandalf:webext-v0.1.3
gandalf:webext-v0.1.2
gandalf:android-v0.3.0
gandalf:android-v0.2.0
gandalf:webext-v0.1.1
gandalf:webext-v0.1.0
gandalf:android-v0.1.0
gandalf:v2.13.20
gandalf:v2.13.19
gandalf:v2.13.18
gandalf:v2.13.17
gandalf:v2.13.16
gandalf:v2.13.15
gandalf:v2.13.14
gandalf:v2.13.13
gandalf:v2.13.12
gandalf:v2.13.11
gandalf:v2.13.10
gandalf:v2.13.9
gandalf:v2.13.8
gandalf:v2.13.7
gandalf:v2.13.6
gandalf:v2.13.5
gandalf:v2.13.4
gandalf:v2.13.3
gandalf:v2.13.2
gandalf:v2.13.1
gandalf:v2.13.0
gandalf:v2.12.18
gandalf:v2.12.17
gandalf:v2.12.16
gandalf:v2.12.15
gandalf:v2.12.14
gandalf:v2.12.13
gandalf:v2.12.12
gandalf:v2.12.11
gandalf:v2.12.10
gandalf:v2.12.9
gandalf:v2.12.8
gandalf:v2.12.7
gandalf:v2.12.6
gandalf:v2.12.5
gandalf:v2.12.4
gandalf:v2.12.3
gandalf:v2.12.2
gandalf:v2.12.1
gandalf:v2.12.0
gandalf:v2.11.1
gandalf:v2.11.0
gandalf:v2.10.3
gandalf:v2.10.2
gandalf:v2.10.1
gandalf:v2.10.0
gandalf:v2.9.0
gandalf:v2.2.1-eye-remote
gandalf:v2.8.0
gandalf:v2.7.3
gandalf:v2.7.2
gandalf:v2.7.1
gandalf:v2.7.0
gandalf:v2.6.1
gandalf:v2.6.0
gandalf:v2.5.0
gandalf:v2.4.0
gandalf:v2.3.0
gandalf:v2.2.0
gandalf:v2.1.1
gandalf:v1.9.0
gandalf:multiboot-v2.2.4-live
gandalf:multiboot-v2.2.4-pre1
gandalf:v2.1.0
gandalf:v1.8.0
gandalf:v1.7.1
gandalf:v1.7.0.1
gandalf:v1.7.0
gandalf:v1.6.7.14
gandalf:v1.6.7.13
gandalf:v1.6.7.12
gandalf:v1.6.7.11
gandalf:v1.6.7
gandalf:v1.6.5
gandalf:v1.6.0
gandalf:v1.5.9
gandalf:v1.5.8
gandalf:v1.5.7
gandalf:v1.5.6
gandalf:v1.5.5
gandalf:v1.5.4
gandalf:v1.5.3
gandalf:v1.5.2
gandalf:v1.5.1
gandalf:v1.5.0
gandalf:v1.4.2
gandalf:v1.4.1
gandalf:v1.4.0
gandalf:v1.3.11
gandalf:v1.3.10
gandalf:v1.3.9
gandalf:v1.3.8
gandalf:v1.3.7
gandalf:v1.3.6
gandalf:v1.3.5
gandalf:v1.3.4
gandalf:v1.3.3
gandalf:v1.3.2
gandalf:v1.3.1
gandalf:v1.3.0
gandalf:v1.2.0
gandalf:v1.1.0
gandalf:v1.0.0
gandalf:test-devel
...
compare: gandalf:4e20e32c8ab9b3313561e059dbb594b84a3e0275
gandalf:master
gandalf:fix/remove-authelia-sso
gandalf:feature/760-standardize-secubox-lan-to-192-168-10-0
gandalf:fix/secubox-p2p-master-link-statedir
gandalf:feature/761-fix-podcaster-audio-player-stops-every-f
gandalf:feature/758-nft-based-network-stats-log-counter-drop
gandalf:feature/748-enhanced-tow-boot-http-netboot-serial-fl
gandalf:feature/738-aggregator-resilience-sweep-async-handle
gandalf:feature/737-secubox-netboot-provisioning-reseau-over
gandalf:feature/728-sovereign-threat-intel-drop-crowdsec-cap
gandalf:feature/727-secubox-aggregator-auto-heal-watchdog-ti
gandalf:feature/726-secubox-podcaster-modern-podcast-manager
gandalf:fix/494-secubox-core-service-execstart-overrides
gandalf:feature/65-fix-nginx-add-missing-api-routes-to-webu
gandalf:fix/53-wazuh-uvicorn-process-causes-100-cpu-spi
gandalf:fix/121-metablog-ingest-site-dirs-should-be-crea
gandalf:feature/724-toolbox-banner-in-banner-r0-r3-level-swi
gandalf:feature/722-dpi-phase-3-ndpid-daemon-ci-cross-build
gandalf:feature/720-dpi-phase-3-per-device-daily-history-tim
gandalf:feature/718-dpi-phase-3-asn-enrichment-classify-sni
gandalf:feature/716-kbin-pdf-donut-grid-layout-broken-each-d
gandalf:feature/714-kbin-pdf-charts-blank-in-some-viewers-re
gandalf:feature/711-kbin-pdf-donut-charts-render-as-solid-pi
gandalf:feature/709-kbin-pdf-integrate-carto-graph-emoji-dat
gandalf:feature/707-kbin-report-cyberpunk-netrunner-characte
gandalf:feature/705-dpi-report-shows-zeros-exfil-is-a-60s-sn
gandalf:feature/703-kbin-pdf-render-visual-donut-charts-mitm
gandalf:feature/701-kbin-pdf-report-include-dpi-exfil-stats
gandalf:feature/699-kbin-report-tabbed-donut-stats-pistage-d
gandalf:feature/697-sbxmitm-truncates-responses-8mib-large-g
gandalf:feature/695-dpi-dashboard-fill-top-apps-protocols-ba
gandalf:feature/692-dpi-beaconing-rule-fires-on-sub-second-a
gandalf:feature/687-plan-full-flow-dpi-on-r3-ndpid-netifyd-p
gandalf:feature/689-sbxmitm-forged-leaf-certs-expire-after-2
gandalf:feature/683-plan-kbin-tor-endpoint-quick-switch-anon
gandalf:fix/662-altsvc-strip
gandalf:feat/662-client-geoflag
gandalf:feat/662-inline-banner
gandalf:feat/662-adlearn
gandalf:feat/662-social-relay
gandalf:feat/662-cumulative-live
gandalf:feat/662-analysis-relay
gandalf:feat/662-csp-demo
gandalf:feat/662-utls-chrome
gandalf:feat/662-adstats-popups
gandalf:fix/662-no-follow-redirect
gandalf:fix/662-gzip-banner
gandalf:feat/662-cutover-fix
gandalf:feat/662-transparent-machash
gandalf:feat/662-phase5prep-pkg
gandalf:feat/662-phase4-jar
gandalf:feat/662-phase3-parity
gandalf:feat/662-phase2b-bench
gandalf:fix/662-restore-ng-source
gandalf:feature/662-epic-migrate-toolbox-mitm-engine-off-pyt
gandalf:fix/cap-lists-5
gandalf:feature/659-feat-toolbox-per-visitor-ad-block-breakd
gandalf:fix/ad-learn-self-block-hardening
gandalf:feature/656-feat-toolbox-ad-intelligence-aggressive
gandalf:fix/653-fix-toolbox-banner-reliability-inline-bu
gandalf:feature/651-perf-toolbox-649-follow-up-broaden-splic
gandalf:feature/649-perf-toolbox-selective-sni-splice-passth
gandalf:fix/623-postinst-systemic-var-lib-log-cache-secu
gandalf:feature/646-perf-toolbox-adaptive-accept-encoding-st
gandalf:fix/644-hub-dashboard-latency-9-12s-per-module-s
gandalf:fix/642-social-graph-ip-literal-self-traffic-rec
gandalf:feature/634-toolbox-clients-reset-all-clients-reset
gandalf:fix/639-toolbox-banner-injected-into-iframes-sub
gandalf:fix/636-toolbox-r3-banner-stream-inject-loader-b
gandalf:feature/633-anti-track-v2-layered-block-poison-anony
gandalf:feature/630-make-live-ops-fixes-permanent-package-di
gandalf:feature/628-hub-health-monitor-page-vital-common-ser
gandalf:feature/626-haproxy-smart-self-healing-error-pages-5
gandalf:feature/624-waf-robustness-package-self-healing-insp
gandalf:feature/620-toolbox-ttfb-perf-stream-inject-async-pe
gandalf:fix/619-hub-dashboard-services-cache-never-warms
gandalf:feature/617-security-posture-full-rewrite-honest-boa
gandalf:feature/615-security-posture-add-security-posture-to
gandalf:feature/613-threat-analyst-add-country-flags-to-top
gandalf:feature/611-threat-analyst-limit-recent-attacks-tabl
gandalf:feature/609-waf-robust-route-propagation-dir-bind-mo
gandalf:feature/607-waf-behind-waf-media-cache-image-video-s
gandalf:feature/605-waf-refuse-unmapped-hosts-close-open-for
gandalf:feature/603-waf-port-live-mitmproxy-fixes-to-source
gandalf:feature/601-vm-vm-shows-0-containers-lxc-enumeration
gandalf:feature/599-threat-analyst-ingest-real-crowdsec-aler
gandalf:feature/597-threat-analyst-global-security-overview
gandalf:fix/595-threat-analyst-service-ends-up-disabled
gandalf:fix/593-webui-fix-metrics-mitm-0-wrong-unit-thre
gandalf:fix/autolearn-exclude-antibot
gandalf:feature/589-autolearn-bad-trackers-actors-from-threa
gandalf:feature/587-eye-graph-domain-suffix-country-cloud-nu
gandalf:feature/578-banner-shareable-top-1-pin-quick-button
gandalf:feature/577-perf-video-photo-cdn-proxy-cache-shared
gandalf:fix/ad-ghost-collapse-placeholders
gandalf:feature/576-ad-ghost-replace-ghosted-ad-with-a-css-l
gandalf:fix/581-postinst-portal-stays-dead-after-dpkg-up
gandalf:fix/575-eye-graph-remove-hide-all-ip-nodes-count
gandalf:feature/574-webext-popup-protection-stats-quick-filt
gandalf:feature/572-banner-colorful-emoji-chip-guirlande-fla
gandalf:feature/570-toolbox-mitm-dpi-media-type-statistifier
gandalf:feature/568-webext-popup-cap-top-tracker-list-to-5-e
gandalf:feature/566-r3-r4-silent-ad-banner-ghoster-economisa
gandalf:feature/564-detect-antibot-split-deployment-vs-chall
gandalf:feature/562-ca-fingerprint-surface-the-r3-ca-on-the
gandalf:feature/560-toolbox-protective-mode-tracker-alerting
gandalf:feature/558-apk-make-zero-tap-auto-run-robust-real-f
gandalf:feature/555-favicons-of-major-sites-in-the-xpi-popup
gandalf:feature/553-cartographie-graph-impact-sized-icon-bub
gandalf:feature/549-social-tracker-domain-rollup-history-tim
gandalf:feature/545-injected-banner-neon-tube-redesign-for-r
gandalf:feature/551-android-apk-zero-tap-auto-run-silent-onb
gandalf:feature/547-linux-firefox-installer-script-for-the-t
gandalf:feature/543-kbin-landing-radical-simplify-livelier-f
gandalf:feature/532-plan-browser-xpi-webextension-emancipate
gandalf:feature/490-phase-2c-toolbox-receiving-modules-actua
gandalf:feature/538-android-app-root-mode-fully-automated-si
gandalf:feature/536-serve-the-android-toolbox-apk-from-the-t
gandalf:feature/531-plan-android-apk-one-tap-toolbox-r3-clie
gandalf:fix/509-waf-soc-perf-double-buffered-cache-memor
gandalf:fix/503-ci-disable-espressobin-v7-ultra-image-bu
gandalf:feature/501-mitm-wg-multi-worker-fanout
gandalf:perf/500-captive-flags-and-addon-async
gandalf:feature/500-landing-platform-install
gandalf:perf/500-mitm-wg-h2-and-concurrency
gandalf:feature/500-phase8-utiq-quickwin
gandalf:fix/498-crowdsec-sudoers-status
gandalf:fix/498-auth-perms-and-rw
gandalf:fix/498-ntp-health-timesyncd
gandalf:feature/498-lxc-wg-privileged
gandalf:feature/498-lxc-cutover-nm-name
gandalf:feature/498-mitm-lxc-hardening
gandalf:fix/498-crowdsec-health
gandalf:chore/498-version-bump-wip
gandalf:feature/498-nm-keyfile
gandalf:fix/498-toolbox-ratelimit
gandalf:fix/498-cert-probe
gandalf:fix/498-r3-probe-same-origin
gandalf:fix/498-xff-r3-detect
gandalf:fix/498-wg-dns-fix
gandalf:feature/498-wg-boot-and-waf-history
gandalf:feature/498-asgi-migrate
gandalf:feature/498-asgi-consolidation
gandalf:feature/498-phase-6Q-quickwins
gandalf:feature/498-phase-7-waf-active-enforcement-mitm-crow
gandalf:feature/496-phase-6-wireguard-mitm-autocert-mode-r3
gandalf:feature/495-phase-5-toolbox-mitm-in-dedicated-lxc-co
gandalf:feature/492-phase-3-toolbox-transparency-layer-white
gandalf:feature/488-phase-2b-toolbox-wire-mitm-addons-to-rec
gandalf:feature/486-toolbox-phase-2a-geoip-flags-asn-secubox
gandalf:feature/485-toolbox-phase-2a-soc-scoring-multi-signa
gandalf:fix/465-revert-dts-patch-004-revert-hardware-usb
gandalf:fix/463-dts-enable-usb3-superspeed-on-mpcie-slot
gandalf:fix/458-mochabin-btusb-claims-mt7632u-interface
gandalf:feature/450-refactor-move-secubox-mesh-yggdrasil-vpn
gandalf:fix/444-kiosk-enable-cursor-on-pi-400-remove-noc
gandalf:fix/442-rpi400-image-mass-mask-non-essential-ser
gandalf:fix/436-build-scripts-stub-systemctl-handle-rasp
gandalf:fix/433-build-rpi-usb-sh-kiosk-install-silently
gandalf:fix/431-ci-install-binutils-aarch64-linux-gnu-fo
gandalf:feature/429-secubox-nextcloud-dashboard-api-renvoie
gandalf:feature/427-ci-build-packages-yml-arm64-matrix-build
gandalf:feature/425-secubox-sentinelle-gsm-arm64-build-fails
gandalf:feature/423-build-rpi-usb-sh-kiosk-flag-is-a-stub-pa
gandalf:fix/150-nftables-service-masked-at-boot-board-lo
gandalf:feature/152-roundcube-in-mail-lxc-configure-sqlite-b
gandalf:fix/394-nextcloud-remove-authelia-auth-request-f
gandalf:feature/410-secubox-user-provisioning-push-master-us
gandalf:feature/409-secubox-avatar-smart-media-cookie-hoster
gandalf:feature/407-privilege-separated-cookie-install-root
gandalf:feature/401-secubox-webext-firefox-webextension-comp
gandalf:feature/402-secubox-avatar-peek-poke-credential-brok
gandalf:feature/400-secubox-sso-lite-native-auth-request-ver
gandalf:feature/397-rework-secubox-photoprism-native-lxc-ins
gandalf:feature/388-rework-secubox-peertube-align-with-secub
gandalf:feature/398-secubox-nextcloud-capture-photolibrary-e
gandalf:fix/395-waf-cred-004-false-positive-on-nextcloud
gandalf:fix/392-vhost-health-error-status-404-502-hidden
gandalf:feature/391-package-the-gk2-ram-optimization-pattern
gandalf:feature/390-peertube-url-backport-vhost-template-por
gandalf:docs/389-navbar-resort-hardening-repo-into-root-c
gandalf:feature/377-feat-fmrelay-stream-fm-rds-as-icecast-mo
gandalf:feat/sentinelle-v0-4-0-rds-extension
gandalf:feat/zigbee-v2-6-0-backup-restore
gandalf:fix/core-lxc-autostart-wait-for-data
gandalf:fix/zigbee-access-list-public-url
gandalf:fix/hub-sidebar-precache-instant-render
gandalf:feature/370-x64-netplan-profiles-static-ip-fallback
gandalf:feat/threat-analyst-v1-4-0-actually-useful
gandalf:feat/threat-analyst-v1-3-0-simple-rewrite
gandalf:fix/threat-analyst-v1-2-0-jwt-noop
gandalf:fix/threat-analyst-v1-1-3-nocache
gandalf:fix/threat-analyst-v1-1-2-cors-credentials
gandalf:fix/threat-analyst-v1-1-1-navbar-padding
gandalf:fix/361-secubox-threat-analyst-v1-1-0-wire-metri
gandalf:fix/360-fix-secubox-hub-soc-dashboard-card-metri
gandalf:feature/357-secubox-sentinelle-gsm-v0-3-6-async-job
gandalf:feature/356-secubox-sentinelle-gsm-v0-3-5-scan-auto
gandalf:fix/354-secubox-sentinelle-gsm-v0-3-4-monkey-pat
gandalf:feature/345-mochabin-mpcie-slot-j5-investigate-w-dis
gandalf:fix/353-secubox-sentinelle-gsm-v0-3-3-drop-args
gandalf:feature/319-data-essential-data-convention-audit-30
gandalf:fix/286-haproxyctl-cmd-generate-drops-backend-de
gandalf:feature/312-secubox-threats-rebuild-threats-as-the-c
gandalf:feature/310-secubox-authelia-split-auth-control-dash
gandalf:feature/306-consolidate-navbar-to-6-charter-categori
gandalf:fix/303-secubox-zigbee-menu-d-80-zigbee-json-is
gandalf:fix/301-secubox-dns-provider-add-provider-modal
gandalf:fix/299-secubox-dns-provider-webui-add-provider
gandalf:feature/297-kernel-build-github-actions-workflow-for
gandalf:feature/295-kernel-build-add-config-zram-m-zstd-comp
gandalf:fix/293-secubox-zigbee-zigbee-config-ui-hidden-u
gandalf:fix/290-health-banner-remove-clickable-alert-lin
gandalf:feature/289-secubox-zigbee-split-secubox-config-modu
gandalf:feature/287-secubox-lyrion-move-public-vhost-from-ly
gandalf:feature/284-secubox-nextcloud-ship-etc-secubox-nextc
gandalf:fix/282-secubox-nextcloud-nextcloud-must-stay-th
gandalf:feature/280-secubox-nextcloud-modernize-lxc-install
gandalf:feature/278-secubox-authelia-own-the-sbx-auth-login
gandalf:fix/274-secubox-authelia-verify-must-forward-x-o
gandalf:fix/273-secubox-zigbee-secubox-lyrion-auth-redir
gandalf:feature/272-secubox-authelia-session-cookies-must-in
gandalf:feature/270-secubox-authelia-server-level-banner-sub
gandalf:feature/268-secubox-authelia-x-forwarded-proto-must
gandalf:feature/266-secubox-authelia-zigbee-lyrion-4-fixes-f
gandalf:feature/264-secubox-zigbee-secubox-lyrion-swap-lan-o
gandalf:feature/262-secubox-authelia-implement-verify-real-a
gandalf:feature/260-secubox-lyrion-lan-only-gate-on-lyrion-l
gandalf:fix/241-secubox-zigbee-v2.4.1-sonoff-mg21
gandalf:feature/255-mochabin-dt-board-mpcie-slot-usb-pins-no
gandalf:feature/237-secubox-sentinelle-gsm-passive-rx-sdr-se
gandalf:feature/236-secubox-rbs-sensor-wall-opad-rogue-base
gandalf:feature/241-secubox-zigbee-v2-4-0-rewrite-in-place-z
gandalf:feature/240-secubox-mqtt-v2-4-0-rewrite-in-place-mos
gandalf:feature/247-health-banner-clickable-cross-domain-lin
gandalf:feature/246-secubox-yacy-nginx-vhost-missing-well-kn
gandalf:feature/248-secubox-lyrion-expose-web-ui-on-lan-ip-1
gandalf:feature/244-secubox-lyrion-lxc-host-lyrion-music-ser
gandalf:feature/239-secubox-authelia-sso-idp-lxc-authelia-oi
gandalf:feature/234-secubox-rustdesk-new-lxc-module-for-self
gandalf:feature/232-secubox-yacy-new-lxc-module-for-peer-to
gandalf:feature/230-secubox-grafana-new-lxc-module-for-secur
gandalf:fix/228-missing-tools-on-images-secubox-flash-di
gandalf:fix/226-bare-metal-x86-64-polish-gate-pi-hardwar
gandalf:fix/224-kiosk-launcher-chromium-fails-on-debian
gandalf:fix/222-login-redirect-loop-68-web-ui-files-stil
gandalf:fix/220-secubox-health-doctor-duplicate-debhelpe
gandalf:fix/218-build-image-sh-skips-debian-deps-python3
gandalf:docs/216-docs-codify-the-secubox-grammar-modular
gandalf:feature/214-health-doctor-drop-act-runner-arm64-from
gandalf:feature/212-secubox-health-doctor-vital-services-hea
gandalf:fix/210-firstboot-users-json-wrong-schema-sha256
gandalf:fix/200-metablogizerctl-publish-should-orchestra
gandalf:fix/207-eye-square-ship-firstboot-sh-outside-usr
gandalf:fix/202-eye-square-debian-rules-content-drift-re
gandalf:fix/203-ci-build-packages-discover-step-schedule
gandalf:fix/201-secubox-eye-square-switch-to-architectur
gandalf:feature/196-implement-secubox-droplet-cli-dropletctl
gandalf:fix/197-api-v1-health-alias
gandalf:fix/round-real-root-icons
gandalf:fix/round-armv6-boot-services
gandalf:fix/194-secubox-metrics-visitororigin-entries-em
gandalf:feature/192-portal-regenerate-full-dashboard-navbar
gandalf:feature/190-giteactl-runner-forge-runner-add-remove
gandalf:feature/180-publishctl-rename-metactl-forge-post-nou
gandalf:feature/182-streamlitctl-extend-lifecycle-only-ctl-w
gandalf:feature/183-streamforgectl-forge-missing-ctl-streaml
gandalf:feature/184-metablogizerctl-extend-reference-ctl-wit
gandalf:feature/181-dropletctl-forge-missing-ctl-file-upload
gandalf:feature/176-giteactl-forge-repo-mirror-add-remove-li
gandalf:feature/177-ci-mirror-github-workflows-gitea-workflo
gandalf:feature/173-mitmproxyctl-align-with-lxc-reality-add
gandalf:fix/rpi4b-radar-arcs-top-centered
gandalf:fix/170-cookie-audit-pipeline-hardening-apparmor
gandalf:fix/167-secubox-hub-vs-secubox-portal-login-html
gandalf:fix/163-triple-soc-location-duplicate-breaks-ngi
gandalf:fix/162-secubox-core-postinst-overwrites-etc-ngi
gandalf:feature/158-live-deploy-fixes-followup
gandalf:feature/158-eye-remote-multi-gadget-l3-dhcp-server-o
gandalf:fix/155-eye-remote-link-rename-collision-when-mu
gandalf:feature/153-mail-stack-phase-2-rspamd-migration-roun
gandalf:feature/156-cookie-audit-pipeline-rgpd-eprivacy-comp
gandalf:feature/147-add-scripts-check-dashboard-cache-py-lin
gandalf:feature/136-mail-stack-phase-1-source-catch-up-legac
gandalf:fix/145-secubox-waf-apply-double-cache-pattern-o
gandalf:feature/138-port-radar-concentric-into-secubox-commo
gandalf:fix/139-round-image-usb0-otg-networking-dead-ifu
gandalf:fix/133-remote-ui-square-4-bugs-caught-at-pi-4b
gandalf:feature/127-add-remote-ui-square-variant-for-pi-4b-7
gandalf:feature/127-phase3-python-kiosk
gandalf:feature/127-phase2-square-variant
gandalf:feature/120-auth-rework-secubox-users-as-identity-so
gandalf:fix/124-build-live-usb-safety-protect-host-dev-f
gandalf:feature/122-build-live-usb-sh-add-static-ip-hostname
gandalf:fix/117-metablogizer-webhook-git-pull-fails-on-d
gandalf:feature/113-metablogizer-deploy-webhook-sub-e-of-49
gandalf:fix/114-secubox-hub-sidebar-enters-mobile-mode-o
gandalf:fix/111-metablogizer-api-load-sites-called-repea
gandalf:fix/109-metablogizer-api-sub-c-runtime-imports-f
gandalf:fix/106-metablogizer-api-delete-site-name-fails
gandalf:fix/105-metablogizer-ui-api-helper-swallows-res
gandalf:feature/103-metablogizer-version-dashboard-ui-module
gandalf:feature/101-metablogizer-site-json-schema-version-me
gandalf:feature/95-streamlit-per-site-version-pinning-conta
gandalf:feature/94-metablogizer-gitea-ingest-import-166-sit
gandalf:feature/49-feat-metablogizer-streamlit-version-mana
gandalf:fix/92-uvicorn-sibling-imports
gandalf:feature/92-health-banner-visitor-origin-feed-anonym
gandalf:feature/89-secubox-apt-clone-validate-implementatio
gandalf:feature/license-headers-phase-a
gandalf:feature/license-phase-b-full
gandalf:feature/83-multi-agent-worktree-workflow
gandalf:feature/eye-remote-auto-mode
gandalf:feature/sync-workflow-eyemote
gandalf:feature/multigadget-docs
gandalf:v2.14.1
gandalf:v2.14.0
gandalf:android-v0.4.0
gandalf:webext-v0.1.5
gandalf:webext-v0.1.4
gandalf:webext-v0.1.3
gandalf:webext-v0.1.2
gandalf:android-v0.3.0
gandalf:android-v0.2.0
gandalf:webext-v0.1.1
gandalf:webext-v0.1.0
gandalf:android-v0.1.0
gandalf:v2.13.20
gandalf:v2.13.19
gandalf:v2.13.18
gandalf:v2.13.17
gandalf:v2.13.16
gandalf:v2.13.15
gandalf:v2.13.14
gandalf:v2.13.13
gandalf:v2.13.12
gandalf:v2.13.11
gandalf:v2.13.10
gandalf:v2.13.9
gandalf:v2.13.8
gandalf:v2.13.7
gandalf:v2.13.6
gandalf:v2.13.5
gandalf:v2.13.4
gandalf:v2.13.3
gandalf:v2.13.2
gandalf:v2.13.1
gandalf:v2.13.0
gandalf:v2.12.18
gandalf:v2.12.17
gandalf:v2.12.16
gandalf:v2.12.15
gandalf:v2.12.14
gandalf:v2.12.13
gandalf:v2.12.12
gandalf:v2.12.11
gandalf:v2.12.10
gandalf:v2.12.9
gandalf:v2.12.8
gandalf:v2.12.7
gandalf:v2.12.6
gandalf:v2.12.5
gandalf:v2.12.4
gandalf:v2.12.3
gandalf:v2.12.2
gandalf:v2.12.1
gandalf:v2.12.0
gandalf:v2.11.1
gandalf:v2.11.0
gandalf:v2.10.3
gandalf:v2.10.2
gandalf:v2.10.1
gandalf:v2.10.0
gandalf:v2.9.0
gandalf:v2.2.1-eye-remote
gandalf:v2.8.0
gandalf:v2.7.3
gandalf:v2.7.2
gandalf:v2.7.1
gandalf:v2.7.0
gandalf:v2.6.1
gandalf:v2.6.0
gandalf:v2.5.0
gandalf:v2.4.0
gandalf:v2.3.0
gandalf:v2.2.0
gandalf:v2.1.1
gandalf:v1.9.0
gandalf:multiboot-v2.2.4-live
gandalf:multiboot-v2.2.4-pre1
gandalf:v2.1.0
gandalf:v1.8.0
gandalf:v1.7.1
gandalf:v1.7.0.1
gandalf:v1.7.0
gandalf:v1.6.7.14
gandalf:v1.6.7.13
gandalf:v1.6.7.12
gandalf:v1.6.7.11
gandalf:v1.6.7
gandalf:v1.6.5
gandalf:v1.6.0
gandalf:v1.5.9
gandalf:v1.5.8
gandalf:v1.5.7
gandalf:v1.5.6
gandalf:v1.5.5
gandalf:v1.5.4
gandalf:v1.5.3
gandalf:v1.5.2
gandalf:v1.5.1
gandalf:v1.5.0
gandalf:v1.4.2
gandalf:v1.4.1
gandalf:v1.4.0
gandalf:v1.3.11
gandalf:v1.3.10
gandalf:v1.3.9
gandalf:v1.3.8
gandalf:v1.3.7
gandalf:v1.3.6
gandalf:v1.3.5
gandalf:v1.3.4
gandalf:v1.3.3
gandalf:v1.3.2
gandalf:v1.3.1
gandalf:v1.3.0
gandalf:v1.2.0
gandalf:v1.1.0
gandalf:v1.0.0
gandalf:test-devel
2 Commits
92c17b4755
...
4e20e32c8a
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
CyberMind
|
4e20e32c8a
|
Merge 4007d7f8ca into 5aef304ed7
|
||
| 4007d7f8ca |
fix(security-posture): postinst must not clobber /var/lib/secubox parent mode (ref #617)
2.0.0 ran 'install -d -m 0750 /var/lib/secubox/security-posture' which re-moded the shared parent to 0750 secubox:secubox, breaking traversal for other secubox-* daemons (kbin/toolbox -> HTTP 500). Keep parent 0755; restrict only the leaf; service creates its dir at runtime. Regression of the #511 class. |
2 changed files with 22 additions and 1 deletions
|
|
@ -1,3 +1,14 @@
|
|||
secubox-security-posture (2.0.1-1) unstable; urgency=medium
|
||||
|
||||
* fix(postinst): stop clobbering /var/lib/secubox parent mode. The 2.0.0
|
||||
postinst ran `install -d -m 0750 /var/lib/secubox/security-posture`, which
|
||||
re-moded the SHARED parent to 0750 secubox:secubox and broke directory
|
||||
traversal for every other secubox-* daemon (took kbin/toolbox to HTTP 500).
|
||||
Now: keep the parent 0755, create only the leaf restricted; service creates
|
||||
its own dir at runtime. (#511 traversal class — regression fix.)
|
||||
|
||||
-- Gerald Kerma <devel@cybermind.fr> Mon, 16 Jun 2026 18:00:00 +0200
|
||||
|
||||
secubox-security-posture (2.0.0-1) unstable; urgency=medium
|
||||
|
||||
* Full rewrite — honest, board-truthful posture scorecard (closes #617).
|
||||
|
|
|
|||
|
|
@ -3,8 +3,18 @@
|
|||
set -e
|
||||
|
||||
# Writable cache dir for the posture snapshot (service runs as secubox).
|
||||
# IMPORTANT: never use `install -d -m 0750 /var/lib/secubox/<leaf>` — it re-modes
|
||||
# the SHARED parent /var/lib/secubox to 0750, which breaks traversal for every
|
||||
# other secubox-* daemon (e.g. it took kbin/toolbox down). The parent must stay
|
||||
# 0755; only the leaf is restricted; the service (User=secubox) creates the leaf
|
||||
# itself at runtime, so we just guarantee the parent is traversable here.
|
||||
if [ -d /var/lib/secubox ]; then
|
||||
chmod 0755 /var/lib/secubox 2>/dev/null || true
|
||||
fi
|
||||
if getent passwd secubox >/dev/null 2>&1; then
|
||||
install -d -o secubox -g secubox -m 0750 /var/lib/secubox/security-posture 2>/dev/null || true
|
||||
mkdir -p /var/lib/secubox/security-posture 2>/dev/null || true
|
||||
chown secubox:secubox /var/lib/secubox/security-posture 2>/dev/null || true
|
||||
chmod 0750 /var/lib/secubox/security-posture 2>/dev/null || true
|
||||
fi
|
||||
|
||||
#DEBHELPER#
|
||||
|
|
|
|||
Write
Preview
Loading…
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.