Releases: HomeLabHD/osticket
v0.0.1
📦 release — v0.0.1
Release type: stable • Commit: 7e9478a
Security: 🛡️ ✅ Passed — 8 vulnerabilities (6 medium, 2 low)
Image Availability
| Registry | Image | Tags |
|---|---|---|
| Docker Hub | docker.io/hlhd/osticket | v0.0.1, latest |
| cr.pcfae.com | cr.pcfae.com/hlhd/osticket | v0.0.1, latest |
| GitHub Container Registry | ghcr.io/homelabhd/osticket | v0.0.1, latest |
Digest pull commands & supply chain artifacts
docker.io/hlhd/osticket

```
docker pull docker.io/hlhd/osticket@sha256:ca0747ff4bfd0f50be2ababe99d431a9b85246e66a27960b664f89c618dcaab0
```

cr.pcfae.com/hlhd/osticket

```
docker pull cr.pcfae.com/hlhd/osticket@sha256:ca0747ff4bfd0f50be2ababe99d431a9b85246e66a27960b664f89c618dcaab0
```

ghcr.io/homelabhd/osticket

```
docker pull ghcr.io/homelabhd/osticket@sha256:ca0747ff4bfd0f50be2ababe99d431a9b85246e66a27960b664f89c618dcaab0
```
Highlights
- image: enforce external cron + file-based secret injection (_FILE allowlist); docker-compose example
- image: rootless osTicket image + StageFreight CI
- image: nginx: capture PATH_INFO via $path_info (canonical osTicket recipe) so the API dispatcher matches all routes
- image: nginx: dispatch all /api/* via http.php with PATH_INFO so SSO/OAuth2 callbacks work
- image: run install-seed every boot; always (re)write ost-config.php so existing DBs migrate
- image: headless env-driven install via osTicket's Installer; fix runtime nginx fastcgi_params
- image: point image.source at the GitHub mirror; drop drift-prone base.name label
- image: repoint moved field-radiobuttons plugin; tolerate unavailable community plugins
Notable Changes
Features
- image: enforce external cron + file-based secret injection (_FILE allowlist); docker-compose example (SoFMeRight)
- image: rootless osTicket image + StageFreight CI (SoFMeRight)
Bug Fixes
- image: nginx: capture PATH_INFO via $path_info (canonical osTicket recipe) so the API dispatcher matches all routes (SoFMeRight)
- image: nginx: dispatch all /api/* via http.php with PATH_INFO so SSO/OAuth2 callbacks work (SoFMeRight)
- image: run install-seed every boot; always (re)write ost-config.php so existing DBs migrate (SoFMeRight)
- image: headless env-driven install via osTicket's Installer; fix runtime nginx fastcgi_params (SoFMeRight)
- image: point image.source at the GitHub mirror; drop drift-prone base.name label (SoFMeRight)
- image: repoint moved field-radiobuttons plugin; tolerate unavailable community plugins (SoFMeRight)
- image: pin PHP 8.3 (imap) + plugins develop; drop archived-upstream references (SoFMeRight)
Refactoring
- image: drop supervisor/Python; nginx+php-fpm under tini, cron as a CronJob (SoFMeRight)
Documentation
- refresh generated docs and badges [skip ci] (stagefreight) ×5
- readme: add README with narrator embed markers (SoFMeRight)
CI/CD
- gitlab: render gitlab CI pipeline (SoFMeRight)
Maintenance
- deps: update managed dependencies (stagefreight) ×2
Security
🛡️ ✅ Passed — 8 vulnerabilities (6 medium, 2 low)
Vulnerability details (6 medium, 2 low)
| Severity | CVE | Package | Installed | Fixed | Description |
|---|---|---|---|---|---|
| Medium | CVE-2026-45802 | setasign/fpdi | v2.6.4 | 2.6.7 | FPDI: Memory Exhaustion and Endless Loop in FPDI leads to... |
| Medium | CVE-2026-5704 | tar | 1.35-r5 | — | A flaw was found in tar. A remote attacker could exploit ... |
| Medium | CVE-2025-60876 | busybox | 1.37.0-r31 | — | BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) ... |
| Medium | CVE-2025-60876 | busybox-binsh | 1.37.0-r31 | — | BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) ... |
| Medium | CVE-2025-60876 | ssl_client | 1.37.0-r31 | — | BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) ... |
| Medium | GHSA-2mgw-7q6p-8grg | setasign/fpdi | v2.6.4 | 2.6.7 | FPDI: Memory Exhaustion and Endless Loop in FPDI leads to... |
| Low | CVE-2026-46644 | symfony/polyfill-intl-idn | v1.29.0 | 1.38.1 | insecure equivalence in symfony/polyfill-intl-idn for AS... |
| Low | GHSA-2xf4-cg6j-vhgq | symfony/polyfill-intl-idn | v1.29.0 | 1.38.1 | symfony/polyfill-intl-idn: xn-- labels with ASCII-only Pu... |
Full changelog
- [7e9478a] nginx: capture PATH_INFO via $path_info (canonical osTicket recipe) so the API dispatcher matches all routes (SoFMeRight)
- [84e53e0] refresh generated docs and badges [skip ci] (stagefreight)
- [6144682] nginx: dispatch all /api/* via http.php with PATH_INFO so SSO/OAuth2 callbacks work (SoFMeRight)
- [4d86145] refresh generated docs and badges [skip ci] (stagefreight)
- [6070ff8] enforce external cron + file-based secret injection (_FILE allowlist); docker-compose example (SoFMeRight)
- [536e7d5] refresh generated docs and badges [skip ci] (stagefreight)
- [17ff4e2] run install-seed every boot; always (re)write ost-config.php so existing DBs migrate (SoFMeRight)
- [ff699f9] refresh generated docs and badges [skip ci] (stagefreight)
- [10bb109] headless env-driven install via osTicket's Installer; fix runtime nginx fastcgi_params (SoFMeRight)
- [7203917] refresh generated docs and badges [skip ci] (stagefreight)
- [6b0faee] drop supervisor/Python; nginx+php-fpm under tini, cron as a CronJob (SoFMeRight)
- [6c9af43] point image.source at the GitHub mirror; drop drift-prone base.name label (SoFMeRight)
- [3fefcc2] repoint moved field-radiobuttons plugin; tolerate unavailable community plugins (SoFMeRight)
- [1223317] update managed dependencies (stagefreight)
- [e4da024] pin PHP 8.3 (imap) + plugins develop; drop archived-upstream references (SoFMeRight)
- [5faf790] add README with narrator embed markers (SoFMeRight)
- [4011595] update managed dependencies (stagefreight)
- [02083d1] render gitlab CI pipeline (SoFMeRight)
- [c7ee031] rootless osTicket image + StageFreight CI (SoFMeRight)