Commit dc304d18 authored by Clément OUDOT's avatar Clément OUDOT

Update Debian NEWS file

parent 1a31edcf
lemonldap-ng (2.0.9-1) unstable; urgency=medium
This release fixes 2 CVE:
- CVE-2020-24660: Nginx configuration for Handler protected applications
must be updated if your virtual host configuration contains per-URL access
rules based on regular expressions in addition to the built-in default access rule.
- CVE-2020-16093: LDAP server certificates were previously not verified by default
when using secure transports (LDAPS or TLS). Starting from this release, certificate
validation is now enabled by default, including on existing installations. If
your SSL configuration is not valid, you can temporarily disable certificate
verification.
See upgrade notes in local documentation or on https://lemonldap-ng.org
-- Clement OUDOT <clement@oodo.net> Sun, 06 Sep 2020 22:00:00 +0100
lemonldap-ng (2.0.6-1) unstable; urgency=medium
FastCGI / uWsgi servers require llng-lmlog.conf and llng-lua-headers.conf.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment