From aecee0e087c2eba600dd662f10d5179c927b5e93 Mon Sep 17 00:00:00 2001 From: Jean-Philippe Pialasse Date: Tue, 31 Dec 2024 11:09:42 -0500 Subject: [PATCH] * Fri Dec 27 2024 Jean-Philippe Pialasse 11.0.0-11.sme - add X-Content-Type-Options nosniff [SME: 12835] - add Strict Transport Security support HSTS [SME: 12815] - add X-Frame-Options SAMEORIGIN Header to prevent clickjacking [SME: 12816] - add referrer-Policy same-origin [SME: 12817] - add OCSP Stapling support [SME: 12819] - add CSP Content-Security-Policy support [SME: 9567] - add .well-known and .well-known/security.txt [SME: 12818] --- root/usr/lib/systemd/system/httpd-e-smith.service | 2 +- smeserver-apache.spec | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/root/usr/lib/systemd/system/httpd-e-smith.service b/root/usr/lib/systemd/system/httpd-e-smith.service index 1c0c0f2..e626f2f 100644 --- a/root/usr/lib/systemd/system/httpd-e-smith.service +++ b/root/usr/lib/systemd/system/httpd-e-smith.service @@ -8,7 +8,7 @@ Documentation=man:apachectl(8) Type=notify ExecStartPre=/sbin/e-smith/service-status httpd-e-smith ExecStartPre=/sbin/e-smith/expand-template /etc/httpd/conf/httpd.conf -ExecStartPre=-/sbin/e-smith/expand-template /var/www/html/.well-known/acme-challenge/security.txt +ExecStartPre=-/sbin/e-smith/expand-template /var/www/html/.well-known/security.txt ExecStartPre=/sbin/e-smith/systemd/httpd-e-smith-prepare ExecStart=/usr/sbin/httpd -f /etc/httpd/conf/httpd.conf -DFOREGROUND ExecReload=/usr/sbin/httpd -f /etc/httpd/conf/httpd.conf -k graceful diff --git a/smeserver-apache.spec b/smeserver-apache.spec index 76c0114..8feb67a 100644 --- a/smeserver-apache.spec +++ b/smeserver-apache.spec @@ -4,7 +4,7 @@ Summary: smeserver server and gateway - apache module %define name smeserver-apache Name: %{name} %define version 11.0.0 -%define release 10 +%define release 11 Version: %{version} Release: %{release}%{?dist} License: GPL @@ -74,7 +74,7 @@ if [ $1 -gt 1 ] ; then fi %changelog -* Fri Dec 27 2024 Jean-Philippe Pialasse 11.0.0-10.sme +* Fri Dec 27 2024 Jean-Philippe Pialasse 11.0.0-11.sme - add X-Content-Type-Options nosniff [SME: 12835] - add Strict Transport Security support HSTS [SME: 12815] - add X-Frame-Options SAMEORIGIN Header to prevent clickjacking [SME: 12816]