Releases: internetstandards/Internet.nl
1.8.8.1
1.8.8.1 is a release only to add an intermediate news post.
To upgrade from a previous Docker release (note it may take several minutes after this release for the packages to be available):
RELEASE=1.8.8.1 && \
TAG=v1.8.8.1 && \
cd /opt/Internet.nl/ && \
curl -sSfO --output-dir docker https://raw.githubusercontent.com/internetstandards/Internet.nl/${TAG}/docker/defaults.env && \
curl -sSfO --output-dir docker https://raw.githubusercontent.com/internetstandards/Internet.nl/${TAG}/docker/docker-compose.yml && \
curl -sSfO https://raw.githubusercontent.com/internetstandards/Internet.nl/${TAG}/docker/user_manage.sh && \
chmod 755 user_manage.sh && \
env -i RELEASE=$RELEASE docker compose --env-file=docker/defaults.env --env-file=docker/host.env --env-file=docker/local.env pull && \
env -i RELEASE=$RELEASE docker compose --env-file=docker/defaults.env --env-file=docker/host.env --env-file=docker/local.env up --remove-orphans --wait --no-build
There are no database (version) migrations compared to earlier 1.8 releases, so no special instructions for a downgrade to the previous release.
1.8.8
1.8.8 is a release only to add an intermediate news post.
To upgrade from a previous Docker release (note it may take several minutes after this release for the packages to be available):
RELEASE=1.8.8 && \
TAG=v1.8.8 && \
cd /opt/Internet.nl/ && \
curl -sSfO --output-dir docker https://raw.githubusercontent.com/internetstandards/Internet.nl/${TAG}/docker/defaults.env && \
curl -sSfO --output-dir docker https://raw.githubusercontent.com/internetstandards/Internet.nl/${TAG}/docker/docker-compose.yml && \
curl -sSfO https://raw.githubusercontent.com/internetstandards/Internet.nl/${TAG}/docker/user_manage.sh && \
chmod 755 user_manage.sh && \
env -i RELEASE=$RELEASE docker compose --env-file=docker/defaults.env --env-file=docker/host.env --env-file=docker/local.env pull && \
env -i RELEASE=$RELEASE docker compose --env-file=docker/defaults.env --env-file=docker/host.env --env-file=docker/local.env up --remove-orphans --wait --no-build
There are no database (version) migrations compared to earlier 1.8 releases, so no special instructions for a downgrade to the previous release.
1.8.7
1.8.7 mainly contains various important fixes to support batch deployment.
- Updated sectxt to use a patched version of PGPy with a fix for a
catastrophic regex backtracking issue - Updated nassl to fix memory leak in OCSP check.
- Connection test zones are now re-signed every week instead of every month.
- Support for new Docker (compose) versions and some checks for incompatible versions.
- Many updates to the Docker setup to handle issues with large batch jobs
- Extensions in Grafana dashboards for batch monitoring.
- Various improvements to CI UX.
To upgrade from a previous Docker release (note it may take several minutes after this release for the packages to be available):
RELEASE=1.8.7 && \
TAG=v1.8.7 && \
cd /opt/Internet.nl/ && \
curl -sSfO --output-dir docker https://raw.githubusercontent.com/internetstandards/Internet.nl/${TAG}/docker/defaults.env && \
curl -sSfO --output-dir docker https://raw.githubusercontent.com/internetstandards/Internet.nl/${TAG}/docker/docker-compose.yml && \
curl -sSfO https://raw.githubusercontent.com/internetstandards/Internet.nl/${TAG}/docker/user_manage.sh && \
chmod 755 user_manage.sh && \
env -i RELEASE=$RELEASE docker compose --env-file=docker/defaults.env --env-file=docker/host.env --env-file=docker/local.env pull && \
env -i RELEASE=$RELEASE docker compose --env-file=docker/defaults.env --env-file=docker/host.env --env-file=docker/local.env up --remove-orphans --wait --no-build
There are no database (version) migrations compared to earlier 1.8 releases, so no special instructions for a downgrade to the previous release.
1.8.6
Release 1.8.6 contains numerous fixes.
Functional changes:
- Fixed an issue where redirects with an explicit port 443 were incorrectly.
rejected in the HTTPS redirect test (#1291). - 4xx and 5xx in the IPv4/6 similarity test are now permitted (#1267).
- Changed user agent to a common format (#1224).
- Fixed excessive caching TTLs in some DNS queries for some tests.
- Added support for br and zstd compression in HTTP compression test.
Internal changes:
- Access and user management was improved with a separate command to manage users,
which can be applied to batch API only, or all URLS (#1267, #1274, #1396). - Added periodic re-signing of connection test DNS zones.
- DNS configuration was documented along with several fixes in the certbot config (#1275, #1228, #1411).
- Added a log exporter for nginx.
- Added test probes every 15 minutes.
- Added periodic restart for nassl worker.
- Several other bugfixes.
To upgrade from a previous Docker release (note it may take several minutes after this release for the packages to be available):
RELEASE=1.8.6 && \
TAG=v1.8.6 && \
cd /opt/Internet.nl/ && \
curl -sSfO --output-dir docker https://raw.githubusercontent.com/internetstandards/Internet.nl/${TAG}/docker/defaults.env && \
curl -sSfO --output-dir docker https://raw.githubusercontent.com/internetstandards/Internet.nl/${TAG}/docker/docker-compose.yml && \
env -i RELEASE=$RELEASE docker compose --env-file=docker/defaults.env --env-file=docker/host.env --env-file=docker/local.env pull && \
env -i RELEASE=$RELEASE docker compose --env-file=docker/defaults.env --env-file=docker/host.env --env-file=docker/local.env up --remove-orphans --wait --no-build
There are no database (version) migrations compared to earlier 1.8 releases, so no special instructions for a downgrade to the previous release.
1.8.5
Release 1.8.5 contains a hotfix for the sectxt library failing on leap days.
To upgrade from a previous Docker release (note it may take several minutes after this release for the packages to be available):
RELEASE=1.8.5 && \
TAG=v1.8.5 && \
cd /opt/Internet.nl/ && \
curl -sSfO --output-dir docker https://raw.githubusercontent.com/internetstandards/Internet.nl/${TAG}/docker/defaults.env && \
curl -sSfO --output-dir docker https://raw.githubusercontent.com/internetstandards/Internet.nl/${TAG}/docker/docker-compose.yml && \
env -i RELEASE=$RELEASE docker compose --env-file=docker/defaults.env --env-file=docker/host.env --env-file=docker/local.env pull && \
env -i RELEASE=$RELEASE docker compose --env-file=docker/defaults.env --env-file=docker/host.env --env-file=docker/local.env up --remove-orphans --wait --no-build
There are no database (version) migrations compared to earlier 1.8 releases, so no special instructions for a downgrade to the previous release.
1.8.4
Release 1.8.4:
- Updates unbound to 1.19.1-internetnl to fix CVE-2023-50387 and CVE-2023-50868.
- Restricts HTTPS redirects to the same domain, no longer allowing directions to a subdomain first (#1208).
- Updates a number of other dependencies.
- Fixes an issue where certbot renewals were not correctly run.
To upgrade from a previous Docker release (note it may take several minutes after this release for the packages to be available):
RELEASE=1.8.4 && \
TAG=v1.8.4 && \
cd /opt/Internet.nl/ && \
curl -sSfO --output-dir docker https://raw.githubusercontent.com/internetstandards/Internet.nl/${TAG}/docker/defaults.env && \
curl -sSfO --output-dir docker https://raw.githubusercontent.com/internetstandards/Internet.nl/${TAG}/docker/docker-compose.yml && \
env -i RELEASE=$RELEASE docker compose --env-file=docker/defaults.env --env-file=docker/host.env --env-file=docker/local.env pull && \
env -i RELEASE=$RELEASE docker compose --env-file=docker/defaults.env --env-file=docker/host.env --env-file=docker/local.env up --remove-orphans --wait --no-build
There are no database (version) migrations compared to earlier 1.8 releases, so no special instructions for a downgrade to the previous release.
1.8.3
Release 1.8.3 fixes an issue where HSTS and CSP headers were missing from the www-subdomain of the main domain (#1210, #1211).
To upgrade from a previous Docker release (note it may take several minutes after this release for the packages to be available):
RELEASE=1.8.3 && \
TAG=v1.8.3 && \
cd /opt/Internet.nl/ && \
curl -sSfO --output-dir docker https://raw.githubusercontent.com/internetstandards/Internet.nl/${TAG}/docker/defaults.env && \
curl -sSfO --output-dir docker https://raw.githubusercontent.com/internetstandards/Internet.nl/${TAG}/docker/docker-compose.yml && \
env -i RELEASE=$RELEASE docker compose --env-file=docker/defaults.env --env-file=docker/host.env --env-file=docker/local.env pull && \
env -i RELEASE=$RELEASE docker compose --env-file=docker/defaults.env --env-file=docker/host.env --env-file=docker/local.env up --remove-orphans --wait --no-build
There are no database (version) migrations compared to earlier 1.8 releases, so no special instructions for a downgrade to the previous release.
1.8.2
Fixes an issue where the connection test would fail to start in certain cases due to an incorrect HTTP downgrade (#1194, #1195).
To upgrade from a previous Docker release (note it may take several minutes after this release for the packages to be available):
RELEASE=1.8.2 && \
TAG=v1.8.2 && \
cd /opt/Internet.nl/ && \
curl -sSfO --output-dir docker https://raw.githubusercontent.com/internetstandards/Internet.nl/${TAG}/docker/defaults.env && \
curl -sSfO --output-dir docker https://raw.githubusercontent.com/internetstandards/Internet.nl/${TAG}/docker/docker-compose.yml && \
env -i RELEASE=$RELEASE docker compose --env-file=docker/defaults.env --env-file=docker/host.env --env-file=docker/local.env pull && \
env -i RELEASE=$RELEASE docker compose --env-file=docker/defaults.env --env-file=docker/host.env --env-file=docker/local.env up --remove-orphans --wait --no-build
There are no database (version) migrations compared to 1.8.2, so no special instructions for a downgrade to the previous release.
1.8.1
Version 1.8.1 has a number of internal improvements, including:
- Various improvements in the build setup, including building forks.
- Improvements in logging quality and reducing log volume.
- Corrections in the deployment test suite.
- Improved error handling in TLS certificate requests in deployments.
There are no changes to functionality or requirements of the tests for users.
To upgrade from a previous Docker release (note it may take several minutes after this release for the packages to be available):
RELEASE=1.8.1 && \
TAG=v1.8.1 && \
cd /opt/Internet.nl/ && \
curl -sSfO --output-dir docker https://raw.githubusercontent.com/internetstandards/Internet.nl/${TAG}/docker/defaults.env && \
curl -sSfO --output-dir docker https://raw.githubusercontent.com/internetstandards/Internet.nl/${TAG}/docker/docker-compose.yml && \
env -i RELEASE=$RELEASE docker compose --env-file=docker/defaults.env --env-file=docker/host.env --env-file=docker/local.env pull && \
env -i RELEASE=$RELEASE docker compose --env-file=docker/defaults.env --env-file=docker/host.env --env-file=docker/local.env up --remove-orphans --wait --no-build
There are no database (version) migrations compared to 1.8.0, so no special instructions for a 1.8.1->1.8.0 downgrade.
1.8.0
- A new Docker based deployment, development, testing and CI setup has been added to replace all previous processes. See the documentation overview for how to use this.
- The test for Referrer-Policy has been updated to check for a sufficiently secure and valid policy.
- The security.txt test now checks the Canonical field as well.
- Updated to version 0.8.3 of the sectxt library including validation of CSAF fields.
- RFC9091 np= is now permitted in DMARC policies.
- The Content-Security-Policy check now requires explicit https: scheme and an issue was fixed where 'none' combined with other sources was incorrectly accepted.
- The IPv4/IPv6 similarity test was relaxed to a notice when the response contents are different.
- Fixed incorrect handling of IPv6-mapped IPv4 addresses in the RPKI test.
- Improved attributes in input fields for improved user experience.
- Fixed an issue in footer alignment.
This release has API version 2.4.0:
- The
referrer_policy_errorsandreferrer_policy_recommendationsfields were added.
These contain errors and/or recommendations regarding the Referrer-Policy test. https_redirectcan now also have “no_https” as status, for a web server that offers either no HTTPS or HTTPS with a very outdated, insecure TLS configuration, as in this case the redirect is not evaluated.
To update an existing Docker deployment to this version:
export RELEASE="1.8.0" && \
export TAG="v$RELEASE" && \
cd /opt/Internet.nl/ && \
curl -sSfO --output-dir docker https://raw.githubusercontent.com/internetstandards/Internet.nl/$TAG/docker/defaults.env && \
curl -sSfO --output-dir docker https://raw.githubusercontent.com/internetstandards/Internet.nl/$TAG/docker/docker-compose.yml && \
env -i RELEASE="$RELEASE" docker compose --env-file=docker/defaults.env --env-file=docker/host.env --env-file=docker/local.env pull && \
env -i RELEASE="$RELEASE" docker compose --env-file=docker/defaults.env --env-file=docker/host.env --env-file=docker/local.env up --remove-orphans --wait --no-build
For new Docker-based deployments, see the Docker documentation overview.