summaryrefslogtreecommitdiffstats
path: root/debian
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-30 02:11:56 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-30 02:11:56 +0000
commit4723ed4a4dbd475a16ffc2cfa88e444a9a5bfeb1 (patch)
treef269ba0a16a33f6104c24e808fbf37bb7f9f26d3 /debian
parentMerging debian version 2.4.59-1~deb10u1. (diff)
downloadapache2-4723ed4a4dbd475a16ffc2cfa88e444a9a5bfeb1.tar.xz
apache2-4723ed4a4dbd475a16ffc2cfa88e444a9a5bfeb1.zip
Releasing progress-linux version 2.4.59-1~deb10u1progress5u1.HEADprogress-linux/2.4.59-1_deb10u1progress5u1progress-linux
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--debian/changelog56
1 files changed, 56 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index a8b85ce..95d18f7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,59 @@
+apache2 (2.4.59-1~deb10u1progress5u1) engywuck-security; urgency=medium
+
+ * Uploading to engywuck-security, remaining changes:
+ - Updating maintainer field.
+ - Updating uploaders field.
+ - Updating bugs field.
+ - Updating vcs fields.
+ - Setting Restart to always in systemd unit.
+ - Exporting hostname variable in global environment.
+ - Setting ServerTokens to Prod in security.conf.
+ - Setting ServerSignature to Off in security.conf.
+ - Setting Content-Security-Policy to "default-src https: 'self'; style-
+ src https: 'self' 'unsafe-inline'".
+ - Setting HSTS options to "max-age=63072000; includeSubDomains;
+ preload".
+ - Setting additional Set-Cookie options HttpOnly;SameSite=Strict;Secure.
+ - Setting SSLCipherSuite to EECDH+AESGCM:EDH+AESGCM.
+ - Setting SSLCompression to off.
+ - Setting SSLHonorCipherOrder to on.
+ - Setting SSLOpenSSLConfCmd Curves to X25519:prime256v1.
+ - Setting SSLProtocol to -all +TLSv1.3 +TLSV1.2.
+ - Setting SSLSessionTickets to off.
+ - Setting Cache-Control headers to "max-age=0, no-cache, no-store, no-
+ transform, private".
+ - Setting X-Frame-Options to deny.
+ - Adding configuration file to no accidentally serve git files.
+ - Setting Referrer-Policy to no-referrer.
+ - Setting X-Content-Type-Options to nosniff.
+ - Setting SSLUseStapling to on.
+ - Setting SSLStaplingCache to shmcb:/var/run/ocsp(32768).
+ - Setting SSLStaplingResponderTimeout to 5.
+ - Setting SSLStaplingReturnResponderErrors to off.
+ - Adding configuration file to rewrite http to https.
+ - Adding configuration file for dehydrated ssl certificates.
+ - Adding configuration file for DH parameter.
+ - Adding configuration file for snakeoil ssl certificates.
+ - Setting X-XSS-Protection to "1; mode=block".
+ - Enabling headers module.
+ - Enabling http2 module.
+ - Enabling rewrite module.
+ - Enabling ssl module.
+ - Renaming default-ssl.conf site to 000-default-ssl.conf.
+ - Setting ServerAdmin to root@localhost in default sites.
+ - Setting example ServerName localhost in default sites.
+ - Trimming default sites.
+ - Enabling default-ssl site by default.
+ - Depending on ssl-cert or dehydrated.
+ - Enabling rewrite http to https.
+ - Enabling snakeoil ssl certificates.
+ - Enabling DH parameter.
+ - Enabling dehydrated ssl certificates.
+ * Merging upstream version 2.4.59.
+ * Merging debian version 2.4.59-1~deb10u1.
+
+ -- Daniel Baumann <daniel.baumann@progress-linux.org> Sat, 25 May 2024 06:42:10 +0200
+
apache2 (2.4.59-1~deb10u1) buster-security; urgency=medium
[ Yadd ]