From d7ed3bd49dae4f0a778fe945772d60a4eecb3576 Mon Sep 17 00:00:00 2001 From: Jean-Philippe Pialasse Date: Tue, 31 Dec 2024 03:55:45 -0500 Subject: [PATCH] * Fri Dec 27 2024 Jean-Philippe Pialasse 11.0.0-10.sme - add X-Content-Type-Options nosniff [SME: 12835] - add Strict Transport Security support HSTS [SME: 12815] - add X-Frame-Options SAMEORIGIN Header to prevent clickjacking [SME: 12816] - add referrer-Policy same-origin [SME: 12817] - add OCSP Stapling support [SME: 12819] - add CSP Content-Security-Policy support [SME: 9567] - add .well-known and .well-known/security.txt [SME: 12818] --- .../templates/var/www/html/.well-known/security.txt/10contact | 2 +- smeserver-apache.spec | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/root/etc/e-smith/templates/var/www/html/.well-known/security.txt/10contact b/root/etc/e-smith/templates/var/www/html/.well-known/security.txt/10contact index 60618a1..23ad826 100644 --- a/root/etc/e-smith/templates/var/www/html/.well-known/security.txt/10contact +++ b/root/etc/e-smith/templates/var/www/html/.well-known/security.txt/10contact @@ -5,5 +5,5 @@ Contact: { # Contact: mailto:security%2Buri%2Bencoded@example.com # Contact: tel:+1-201-555-0123 # Contact: https://example.com/security-contact.html -${'httpd-e-smith'}{'SecurityContact'}||"mailto:admin@$DomainName"} +${'httpd-e-smith'}{'SecurityContact'}||"mailto:admin\@$DomainName"} diff --git a/smeserver-apache.spec b/smeserver-apache.spec index 9fea7b7..76c0114 100644 --- a/smeserver-apache.spec +++ b/smeserver-apache.spec @@ -4,7 +4,7 @@ Summary: smeserver server and gateway - apache module %define name smeserver-apache Name: %{name} %define version 11.0.0 -%define release 9 +%define release 10 Version: %{version} Release: %{release}%{?dist} License: GPL @@ -74,7 +74,7 @@ if [ $1 -gt 1 ] ; then fi %changelog -* Fri Dec 27 2024 Jean-Philippe Pialasse 11.0.0-9.sme +* Fri Dec 27 2024 Jean-Philippe Pialasse 11.0.0-10.sme - add X-Content-Type-Options nosniff [SME: 12835] - add Strict Transport Security support HSTS [SME: 12815] - add X-Frame-Options SAMEORIGIN Header to prevent clickjacking [SME: 12816]