1.10 release notes

The Aegir team is proud to announce the tenth release in the stable 1.x release branch! This release ships a moderately critical security fix (see the Security fixes section below) and a number of bugfixes that have accumulated in the issue queue since the 1.9 release. Everyone is encouraged to upgrade.

We also want to announce that ergonlogic and helmo have joined the list of core maintainers supporting the core development of the Aegir project. Along with the existing commitments of the Aegir core maintainer team, Aegir is well assured of continuous development and long term maintenance.

1. Installing and upgrading

The canonical source of installation documentation is on the community site at:

http://community.aegirproject.org/installing

In a similar fashion, the upgrade documentation is:

http://community.aegirproject.org/upgrading

Within those sections you'll find step-by-step instructions for performing both manual and automatic upgrade processes.

It is still imperative that you read the the upgrade path and version-specific information and follow all version-specific upgrade instructions before trying to run the upgrade script or manual upgrade. This especially applies to users upgrading from releases prior to 0.4-alpha8, including 0.3.

For users coming from the 0.4 betas or rc releases, there are unlikely to be any version-specific manual steps required to upgrade, but you should make a habit of reading them anyway just to make sure. No-one likes a nasty surprise!

2. Need help?

If you struggle to install or upgrade your Aegir system, you have a number of options available to you for getting help.

Consult this page for more information: http://community.aegirproject.org/help

Thanks to our awesome community for their help, support and encouragement as always! Enjoy the new release :)

3. Known issues

Upgrades may fail if the SSL certificates are actually symlinks to files not readable by Aegir, a rare but legitimate use-case. A fix is available in git, see #2046249 for more information.

4. Features

  • #1781832 by Steven Jones: Added hosting_available_tasks() should invoke alter.
  • #1760962 by Jon Pugh: Added Allow any hosting task to flag itself for needing a provision-save.

5. Security fixes

  • Fix access control to sites.

See also the security advisory (SA-CONTRIB-2013-059) for more information.

6. Bug fixes

  • #1990370 by ergonlogic: Enable Hosting feature dependencies.
  • #1435098 by Steven Jones: Fixed Client name validate sometimes gives erroneous results.
  • #1585820 by Steven Jones: Fixed Can't disable the 'client" feature.
  • #1573162 by mig5, Steven Jones: Fixed Drush hosting_task_()%task_rollback() invocations are never executed.
  • #1513678 by Jon Pugh, fastangel: Fixed Hooks based on TASK_NAME should handle task names with dashes in them.
  • #913228 by Steven Jones: Fixed Unresponsive submit button in platform migration form.
  • #1441970 by Steven Jones: Fixed Client Block assigned by default to non-existing region.
  • #1441970 by jlscott: Fixed Client Block assigned by default to non-existing region.
  • #1597648 by jlscott: Fixed Hosting Queues Summary Block is stale.
  • #2044251: Remove '@none' from call to drush_invoke_process(), since it isn't supported in Drush 4.5.
  • #1678528 by helmo: Fixed Database deleted on edge cases.
  • #1912666 by ergonlogic: Fixed Stable manual 6.x-1.x install test failure.
  • #1912666 by ergonlogic: Fix command to run tests for 6.x-1.x.
  • Nginx: Fix typo in the location regex.
  • Nginx Security: BEAST attack protection and fix for PCI compliance.
  • #1906900 by fall_0ut - Nginx microcaching not disabled on localized/prefixed admin URIs.
  • Nginx: Make upload progress configuration compatible with latest release of Nginx extension and integration module for Drupal 7.
  • Nginx: Move some dynamic directives up in the location.
  • Nginx: Better protection for private URLs from bots/spiders (2)
  • Nginx: Improve locations for static files.
  • Nginx: Better protection for private URLs from bots/spiders.
  • Nginx: Add support for http://drupal.org/project/js module.
  • Nginx: Improve no-cache exceptions for known AJAX and webform requests.
  • Nginx: Improve performance for dynamic requests and reduce logging 404 errors.
  • Nginx: Remove duplicate location - already protected in the server template.
  • Nginx: Do not use device-specific, never working paths for Boost cache.
  • Nginx: Make json compatible with boost caching but dynamic for POST requests.
  • Nginx: Add Wysiwyg Fields support.
  • Nginx: Do not block spiders on URIs with event/calendar regex match.
  • Nginx: Avoid breaking WordPress import when WP-specific URI is used.
  • Nginx: Avoid caching /civicrm* and protect it from bots.
  • remove perlism in sed which would never match (\s).
  • explain why we do the crazy sed on dump (mysql bug)
  • #1786702 by clemens.tolboom - be nice to non-aegir backups like drush archive.
  • #1788398 by marvil07: Fixed Force dependency to drush < 5.
  • add missing robots and files/ rules to SSL hosts.
  • remove redundant paramenters to the CSR, fix email to use a standard default.
  • clarify comment on self-signed certificates.
  • #941870 - check for errors when copying certificates.
  • improve error handling in SSL key generation.
  • bump up the SSL key size to 2048 bit.
  • clarify the SSL key signing code.
  • don't encrypt SSL keys only to decrypt them after.
  • #1741814 by wamilton: Fixed Support For Non-Alphanumeric MySQL Passwords in provision-backup, migrate, and clone.
  • #1612252 by mig5, Steven Jones: Fixed 'site_offline()' variable needs to be 'maintenance_mode()' in Drupal 7.
  • #1440646 by tstoeckler, cafuego, mig5: Make Drush be runnable as Root with Provision installed.
  • #1734500 by Steven Jones: Fixed Can't run tests with Drush 4.6.
  • move files and robots.txt rewrite rules to the vhost.
  • #1108810 - protect the complete private files directory.

6. Known issues

Upgrades may fail if the SSL certificates are actually symlinks to files not readable by Aegir, a rare but legitimate use-case. A fix is available in git, see #2046249 for more information.