Skip to content

v0.0.1

Latest

Choose a tag to compare

@SoFMeRight SoFMeRight released this 28 Jun 06:17

πŸ“¦ release β€” v0.0.1

Release type: stable β€’ Commit: 7e9478a

Security: πŸ›‘οΈ βœ… Passed β€” 8 vulnerabilities (6 medium, 2 low)

Image Availability

Registry Image Tags
Docker Hub docker.io/hlhd/osticket v0.0.1 latest
cr.pcfae.com cr.pcfae.com/hlhd/osticket v0.0.1 latest
GitHub Container Registry ghcr.io/homelabhd/osticket v0.0.1 latest
Digest pull commands & supply chain artifacts

docker.io/hlhd/osticket

docker pull docker.io/hlhd/osticket@sha256:ca0747ff4bfd0f50be2ababe99d431a9b85246e66a27960b664f89c618dcaab0

cr.pcfae.com/hlhd/osticket

docker pull cr.pcfae.com/hlhd/osticket@sha256:ca0747ff4bfd0f50be2ababe99d431a9b85246e66a27960b664f89c618dcaab0

ghcr.io/homelabhd/osticket

docker pull ghcr.io/homelabhd/osticket@sha256:ca0747ff4bfd0f50be2ababe99d431a9b85246e66a27960b664f89c618dcaab0

Highlights

  • image: enforce external cron + file-based secret injection (_FILE allowlist); docker-compose example
  • image: rootless osTicket image + StageFreight CI
  • image: nginx: capture PATH_INFO via $path_info (canonical osTicket recipe) so the API dispatcher matches all routes
  • image: nginx: dispatch all /api/* via http.php with PATH_INFO so SSO/OAuth2 callbacks work
  • image: run install-seed every boot; always (re)write ost-config.php so existing DBs migrate
  • image: headless env-driven install via osTicket's Installer; fix runtime nginx fastcgi_params
  • image: point image.source at the GitHub mirror; drop drift-prone base.name label
  • image: repoint moved field-radiobuttons plugin; tolerate unavailable community plugins

Notable Changes

Features

  • image: enforce external cron + file-based secret injection (_FILE allowlist); docker-compose example (SoFMeRight)
  • image: rootless osTicket image + StageFreight CI (SoFMeRight)

Bug Fixes

  • image: nginx: capture PATH_INFO via $path_info (canonical osTicket recipe) so the API dispatcher matches all routes (SoFMeRight)
  • image: nginx: dispatch all /api/* via http.php with PATH_INFO so SSO/OAuth2 callbacks work (SoFMeRight)
  • image: run install-seed every boot; always (re)write ost-config.php so existing DBs migrate (SoFMeRight)
  • image: headless env-driven install via osTicket's Installer; fix runtime nginx fastcgi_params (SoFMeRight)
  • image: point image.source at the GitHub mirror; drop drift-prone base.name label (SoFMeRight)
  • image: repoint moved field-radiobuttons plugin; tolerate unavailable community plugins (SoFMeRight)
  • image: pin PHP 8.3 (imap) + plugins develop; drop archived-upstream references (SoFMeRight)

Refactoring

  • image: drop supervisor/Python; nginx+php-fpm under tini, cron as a CronJob (SoFMeRight)

Documentation

  • refresh generated docs and badges [skip ci] (stagefreight) Γ—5
  • readme: add README with narrator embed markers (SoFMeRight)

CI/CD

  • gitlab: render gitlab CI pipeline (SoFMeRight)

Maintenance

  • deps: update managed dependencies (stagefreight) Γ—2

Security

πŸ›‘οΈ βœ… Passed β€” 8 vulnerabilities (6 medium, 2 low)

Vulnerability details (6 medium, 2 low)
Severity CVE Package Installed Fixed Description
Medium CVE-2026-45802 setasign/fpdi v2.6.4 2.6.7 FPDI: Memory Exhaustion and Endless Loop in FPDI leads to...
Medium CVE-2026-5704 tar 1.35-r5 β€” A flaw was found in tar. A remote attacker could exploit ...
Medium CVE-2025-60876 busybox 1.37.0-r31 β€” BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) ...
Medium CVE-2025-60876 busybox-binsh 1.37.0-r31 β€” BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) ...
Medium CVE-2025-60876 ssl_client 1.37.0-r31 β€” BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) ...
Medium GHSA-2mgw-7q6p-8grg setasign/fpdi v2.6.4 2.6.7 FPDI: Memory Exhaustion and Endless Loop in FPDI leads to...
Low CVE-2026-46644 symfony/polyfill-intl-idn v1.29.0 1.38.1 [insecure equivalence in symfony/polyfill-intl-idn for AS...
Low GHSA-2xf4-cg6j-vhgq symfony/polyfill-intl-idn v1.29.0 1.38.1 symfony/polyfill-intl-idn: xn-- labels with ASCII-only Pu...
---
Full changelog
  • [7e9478a] nginx: capture PATH_INFO via $path_info (canonical osTicket recipe) so the API dispatcher matches all routes (SoFMeRight)
  • [84e53e0] refresh generated docs and badges [skip ci] (stagefreight)
  • [6144682] nginx: dispatch all /api/* via http.php with PATH_INFO so SSO/OAuth2 callbacks work (SoFMeRight)
  • [4d86145] refresh generated docs and badges [skip ci] (stagefreight)
  • [6070ff8] enforce external cron + file-based secret injection (_FILE allowlist); docker-compose example (SoFMeRight)
  • [536e7d5] refresh generated docs and badges [skip ci] (stagefreight)
  • [17ff4e2] run install-seed every boot; always (re)write ost-config.php so existing DBs migrate (SoFMeRight)
  • [ff699f9] refresh generated docs and badges [skip ci] (stagefreight)
  • [10bb109] headless env-driven install via osTicket's Installer; fix runtime nginx fastcgi_params (SoFMeRight)
  • [7203917] refresh generated docs and badges [skip ci] (stagefreight)
  • [6b0faee] drop supervisor/Python; nginx+php-fpm under tini, cron as a CronJob (SoFMeRight)
  • [6c9af43] point image.source at the GitHub mirror; drop drift-prone base.name label (SoFMeRight)
  • [3fefcc2] repoint moved field-radiobuttons plugin; tolerate unavailable community plugins (SoFMeRight)
  • [1223317] update managed dependencies (stagefreight)
  • [e4da024] pin PHP 8.3 (imap) + plugins develop; drop archived-upstream references (SoFMeRight)
  • [5faf790] add README with narrator embed markers (SoFMeRight)
  • [4011595] update managed dependencies (stagefreight)
  • [02083d1] render gitlab CI pipeline (SoFMeRight)
  • [c7ee031] rootless osTicket image + StageFreight CI (SoFMeRight)