Update Debian NEWS file
This commit is contained in:
parent
1a31edcf9e
commit
dc304d18db
|
@ -1,3 +1,18 @@
|
||||||
|
lemonldap-ng (2.0.9-1) unstable; urgency=medium
|
||||||
|
|
||||||
|
This release fixes 2 CVE:
|
||||||
|
- CVE-2020-24660: Nginx configuration for Handler protected applications
|
||||||
|
must be updated if your virtual host configuration contains per-URL access
|
||||||
|
rules based on regular expressions in addition to the built-in default access rule.
|
||||||
|
- CVE-2020-16093: LDAP server certificates were previously not verified by default
|
||||||
|
when using secure transports (LDAPS or TLS). Starting from this release, certificate
|
||||||
|
validation is now enabled by default, including on existing installations. If
|
||||||
|
your SSL configuration is not valid, you can temporarily disable certificate
|
||||||
|
verification.
|
||||||
|
See upgrade notes in local documentation or on https://lemonldap-ng.org
|
||||||
|
|
||||||
|
-- Clement OUDOT <clement@oodo.net> Sun, 06 Sep 2020 22:00:00 +0100
|
||||||
|
|
||||||
lemonldap-ng (2.0.6-1) unstable; urgency=medium
|
lemonldap-ng (2.0.6-1) unstable; urgency=medium
|
||||||
|
|
||||||
FastCGI / uWsgi servers require llng-lmlog.conf and llng-lua-headers.conf.
|
FastCGI / uWsgi servers require llng-lmlog.conf and llng-lua-headers.conf.
|
||||||
|
|
Loading…
Reference in New Issue