diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-07 02:06:15 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-07 02:06:15 +0000 |
commit | 57c1466d28d7bcb198ac8ccf6bfeddf8aa350373 (patch) | |
tree | 6af81cf6104abf4c184dc4263607ad32c4bb62df | |
parent | Enabling dehydrated ssl certificates. (diff) | |
download | apache2-57c1466d28d7bcb198ac8ccf6bfeddf8aa350373.tar.xz apache2-57c1466d28d7bcb198ac8ccf6bfeddf8aa350373.zip |
Releasing progress-linux version 2.4.38-3+deb10u8progress5u1.progress-linux/2.4.38-3+deb10u8progress5u1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | debian/changelog | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index 64570c6..bd65ffd 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,57 @@ +apache2 (2.4.38-3+deb10u8progress5u1) engywuck; urgency=medium + + * Initial reupload to engywuck. + * Updating maintainer field. + * Updating uploaders field. + * Updating bugs field. + * Updating vcs fields. + * Setting Restart to always in systemd unit. + * Exporting hostname variable in global environment. + * Setting ServerTokens to Prod in security.conf. + * Setting ServerSignature to Off in security.conf. + * Setting Content-Security-Policy to "default-src https: 'self'; style- + src https: 'self' 'unsafe-inline'". + * Setting HSTS options to "max-age=63072000; includeSubDomains; + preload". + * Setting additional Set-Cookie options HttpOnly;SameSite=Strict;Secure. + * Setting SSLCipherSuite to EECDH+AESGCM:EDH+AESGCM. + * Setting SSLCompression to off. + * Setting SSLHonorCipherOrder to on. + * Setting SSLOpenSSLConfCmd Curves to X25519:prime256v1. + * Setting SSLProtocol to -all +TLSv1.3 +TLSV1.2. + * Setting SSLSessionTickets to off. + * Setting Cache-Control headers to "max-age=0, no-cache, no-store, no- + transform, private". + * Setting X-Frame-Options to deny. + * Adding configuration file to no accidentally serve git files. + * Setting Referrer-Policy to no-referrer. + * Setting X-Content-Type-Options to nosniff. + * Setting SSLUseStapling to on. + * Setting SSLStaplingCache to shmcb:/var/run/ocsp(32768). + * Setting SSLStaplingResponderTimeout to 5. + * Setting SSLStaplingReturnResponderErrors to off. + * Adding configuration file to rewrite http to https. + * Adding configuration file for dehydrated ssl certificates. + * Adding configuration file for DH parameter. + * Adding configuration file for snakeoil ssl certificates. + * Setting X-XSS-Protection to "1; mode=block". + * Enabling headers module. + * Enabling http2 module. + * Enabling rewrite module. + * Enabling ssl module. + * Renaming default-ssl.conf site to 000-default-ssl.conf. + * Setting ServerAdmin to root@localhost in default sites. + * Setting example ServerName localhost in default sites. + * Trimming default sites. + * Enabling default-ssl site by default. + * Depending on ssl-cert or dehydrated. + * Enabling rewrite http to https. + * Enabling snakeoil ssl certificates. + * Enabling DH parameter. + * Enabling dehydrated ssl certificates. + + -- Daniel Baumann <daniel.baumann@progress-linux.org> Tue, 07 May 2024 04:06:10 +0200 + apache2 (2.4.38-3+deb10u8) buster; urgency=medium * Non-maintainer upload. |