Proxmox/ProxmoxVE
1
0
Fork 1
mirror of https://github.com/community-scripts/ProxmoxVE.git synced 2026-06-28 18:24:56 +02:00
Code Issues Packages Projects Releases Wiki Activity
16,419 Commits 25 Branches 570 Tags
ab549baa1f12c6be28c5f909f79c4f4cad8bedbd
Commit Graph

16419 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Security Fix ab549baa1f security: Fix MITM RCE vulnerability in microcode scripts 
- Changed Intel microcode download from HTTP to HTTPS
- Added --proto '=https' flag to curl to prevent protocol downgrade attacks
- Simplified output parameter from basename to direct variable reference
- Affects: tools/pve/microcode.sh (line 79) and tools/pve/pbs-microcode.sh (line 93)
- CVSS: 6.5 (Medium) - CWE-494, CWE-300, CWE-829
- Impact: Prevents network-path MITM attacks that could lead to root RCE

The AMD branch was already using HTTPS, this fix brings Intel branch
to parity and closes the vulnerability reported in security advisory.
 2026-06-08 21:10:11 +02:00
community-scripts-pr-app[bot] 131545081c Update CHANGELOG.md (#15004) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-06-08 13:36:24 +00:00
Michel Roegl-Brunner f98a64b632 Move flowiseai to node 24 to alligne with upstream (#14999) 2026-06-08 15:35:50 +02:00
community-scripts-pr-app[bot] 56129f7833 Update CHANGELOG.md (#15001) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-06-08 11:34:16 +00:00
Stéphane FERREIRA 68af0f5b41 homelable: preserve MCP server config across updates (#14996) 
* homelable: preserve MCP server config across updates

The update path runs CLEAN_INSTALL=1 fetch_and_deploy_gh_release, which
wipes /opt/homelable before redeploying. The backup/restore only covers
backend/.env and data/, so an optionally-installed MCP server (set up via
Pouzor/homelable's own scripts/lxc-mcp-install.sh, which targets exactly
this LXC and lives in /opt/homelable/mcp) loses its .env and .venv on
every update. The homelable-mcp service then keeps running on deleted
inodes and dies at the next restart.

Back up mcp/.env when present, and after the deploy restore it, rebuild
the venv (same uv pattern as the backend), restore ownership and restart
the service. Fully conditional: installs without the MCP are unaffected.

* homelable: remove comments per maintainer review
 2026-06-08 13:33:50 +02:00
community-scripts-pr-app[bot] 0a21262cf1 Update CHANGELOG.md (#14997) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-06-08 06:33:47 +00:00
Stéphane FERREIRA b3a2fbbf98 changedetection: migrate Python install to uv venv (#14995) 
The update path installed into the global interpreter with a global
--ignore-installed flag, which leaves the previous *.dist-info behind
on every dependency bump. Duplicate metadata makes pip resolve against
stale requirements (e.g. downgrading pydantic-core) and the service
crashes at the next restart. Fixes the typing_extensions workaround
(#13548) at the root: in a venv there are no Debian-owned packages to
conflict with, so neither --ignore-installed nor --break-system-packages
is needed.

Follows the existing setup_uv + venv-or-migrate pattern from
prometheus-pve-exporter and esphome. Existing installs are migrated
automatically on the next update; the systemd unit is repointed to the
venv binary.

Fixes #14987
 2026-06-08 08:33:20 +02:00
community-scripts-pr-app[bot] 373b138fe0 Update CHANGELOG.md (#14994) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-06-07 		2026-06-07 20:56:35 +00:00
community-scripts-pr-app[bot] ed8b35f50b Update CHANGELOG.md (#14993) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-06-07 20:56:14 +00:00
CanbiZ (MickLesk) eab30076ca Navidrome: remove genereic filebrowser addon setup (#14991) 2026-06-07 22:56:12 +02:00
CanbiZ (MickLesk) dc2193f4bb Immich: use actual installed PostgreSQL version for vchord package (#14989) 2026-06-07 22:55:53 +02:00
community-scripts-pr-app[bot] 4dbefa70cd Update CHANGELOG.md (#14981) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-06-06 		2026-06-07 00:24:11 +00:00
community-scripts-pr-app[bot] 96c2032b60 Archive old changelog entries (#14980) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-06-07 00:23:51 +00:00
community-scripts-pr-app[bot] 125ff2b27e Update CHANGELOG.md (#14977) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-06-06 20:21:02 +00:00
push-app-to-main[bot] 3382ec22f7 Add spliit (ct) (#14966) 
Co-authored-by: push-app-to-main[bot] <203845782+push-app-to-main[bot]@users.noreply.github.com>
 2026-06-06 22:20:40 +02:00
community-scripts-pr-app[bot] 2c0ec7c64a Update CHANGELOG.md (#14976) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-06-06 20:11:41 +00:00
push-app-to-main[bot] 64009bee05 Add tolgee (ct) (#14965) 
Co-authored-by: push-app-to-main[bot] <203845782+push-app-to-main[bot]@users.noreply.github.com>
 2026-06-06 22:11:21 +02:00
community-scripts-pr-app[bot] ca3f80ed07 Update CHANGELOG.md (#14974) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-06-06 14:24:47 +00:00
Badintral 0a061c09e7 Allow env variables with spaces (#14969) 
In https://github.com/community-scripts/ProxmoxVE/pull/10023/commits/95dd153d81f96abfef26d6b3997dad3ff5469b05
the syntax used to export env variables, using xargs, meant it was impossible to use standard crontab syntax, with spaces, for a variable like PHOTOPRISM_INDEX_SCHEDULE.
This change should solve that.
 2026-06-06 16:24:26 +02:00
community-scripts-pr-app[bot] 7d3eb376d4 Update CHANGELOG.md (#14973) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-06-06 14:09:14 +00:00
push-app-to-main[bot] 25b5fc8866 Add xyops (ct) (#14967) 
Co-authored-by: push-app-to-main[bot] <203845782+push-app-to-main[bot]@users.noreply.github.com>
 2026-06-06 16:08:46 +02:00
community-scripts-pr-app[bot] 0deeccbce8 Update CHANGELOG.md (#14961) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-06-05 		2026-06-05 19:14:55 +00:00
Slaviša Arežina 78852f6161 Create missing .env file (#14959) 2026-06-05 21:14:29 +02:00
community-scripts-pr-app[bot] 26c7ffbbea Update CHANGELOG.md (#14956) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-06-05 12:01:25 +00:00
push-app-to-main[bot] 290df58f03 Add matterjs-server (ct) (#14951) 
Co-authored-by: push-app-to-main[bot] <203845782+push-app-to-main[bot]@users.noreply.github.com>
 2026-06-05 14:00:55 +02:00
community-scripts-pr-app[bot] 497591be6c Update CHANGELOG.md (#14955) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-06-05 11:56:02 +00:00
push-app-to-main[bot] 5b11b6cf15 Add cyberchef (ct) (#14952) 
Co-authored-by: push-app-to-main[bot] <203845782+push-app-to-main[bot]@users.noreply.github.com>
 2026-06-05 13:55:33 +02:00
community-scripts-pr-app[bot] bf319655e1 Update CHANGELOG.md (#14953) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-06-05 10:40:55 +00:00
Nick B 79ccc8ed6b AMD IGPU support (#14944) 2026-06-05 12:40:26 +02:00
community-scripts-pr-app[bot] 416717eeb1 Update CHANGELOG.md (#14950) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-06-05 10:05:04 +00:00
Tom Frenzel 9bb6480135 fix(openthread-br): use systemd instead of init.d (#14942) 2026-06-05 12:04:34 +02:00
community-scripts-pr-app[bot] 34a3322544 Update CHANGELOG.md (#14949) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-06-05 10:02:28 +00:00
thieneret e280a2d8ba update authentik to 2026.5.2 (#14846) 
* update authentik

* Apply e

Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com>

* Apply requested change

* refactored

* Update install/authentik-install.sh

Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com>

* Update install/authentik-install.sh

Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com>

* Update install/authentik-install.sh

Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com>

* Update install/authentik-install.sh

Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com>

* Update install/authentik-install.sh

Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com>

* Update ct/authentik.sh

Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com>

* Update ct/authentik.sh

Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com>

* Update ct/authentik.sh

Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com>

* Update install/authentik-install.sh

Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com>

* update rust

* Update install/authentik-install.sh

Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com>

* add setup_yq

* update current version check

* Update ct/authentik.sh

Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com>

---------

Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com>
Co-authored-by: CanbiZ (MickLesk) <47820557+MickLesk@users.noreply.github.com>
 2026-06-05 12:02:00 +02:00
community-scripts-pr-app[bot] f09b8ff9a8 Update CHANGELOG.md (#14945) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-06-04 		2026-06-04 21:51:26 +00:00
Tom Frenzel a6cb33e431 OpenThread-BR: use official GitHub releases (#14916) 2026-06-04 23:50:58 +02:00
community-scripts-pr-app[bot] 7099acc119 Update CHANGELOG.md (#14938) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-06-04 16:16:55 +00:00
Slaviša Arežina 8f770b4dd2 Fix status messages for several alpine scripts (#14911) 2026-06-04 18:16:21 +02:00
community-scripts-pr-app[bot] e160b22c81 Update CHANGELOG.md (#14932) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-06-04 11:44:29 +00:00
CanbiZ (MickLesk) ccd36df35d ReactiveResume: Fix Service Path (#14926) 2026-06-04 13:44:05 +02:00
community-scripts-pr-app[bot] 5296626c57 Update CHANGELOG.md (#14931) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-06-04 10:23:10 +00:00
CanbiZ (MickLesk) 370d164993 fix(jellyfin): install intel-igc deps before intel-opencl-icd to fix dependency order (#14927) 2026-06-04 12:22:41 +02:00
community-scripts-pr-app[bot] 601912340f Update CHANGELOG.md (#14930) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-06-04 09:41:29 +00:00
github-actions[bot] ba3708a351 chore(ct): sync sparkyfitness defaults with PocketBase (#14925) 2026-06-04 11:41:04 +02:00
community-scripts-pr-app[bot] d8bba89af2 Update CHANGELOG.md (#14923) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-06-04 05:19:30 +00:00
Slaviša Arežina f8195a0052 remove extra text (#14905) 2026-06-04 07:19:02 +02:00
community-scripts-pr-app[bot] 3908218829 Update CHANGELOG.md (#14910) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2026-06-03 		2026-06-03 13:34:00 +00:00
Slaviša Arežina 8532da6cb6 Glance: Use separate directory for configuration files (#14906) 
* Refactor

* FIX
 2026-06-03 15:33:29 +02:00
community-scripts-pr-app[bot] bbd9b715e6 Update CHANGELOG.md (#14909) 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2026-06-03 12:00:08 +00:00
Slaviša Arežina 5380f72986 Fix alignment for msg_ functions (#14908) 2026-06-03 13:59:38 +02:00
Michel Roegl-Brunner 28411ecb5f New workflow to delete stale branches 2026-06-03 11:13:00 +02:00