You are here
Changes:
- Updated all Debian packages to latest.
[ autopatched by buildtasks ]
- Patched bugfix release. Closes #1734.
[ autopatched by buildtasks ]
Links
Changes:
- Latest upstream versiion of CakePHP - v4.3.6.
- Includes PHP 8.1 from Sury repos.
- Updated all relevant Debian packages to Bullseye/11 versions.
- Provide predefined dh_params (via 'turnkey-make-ssl-cert' where relevant)
as per RFC7919 - part of #1653.
- Updated version of mysqltuner script.
- Enable HTTP/2 by default (where possible). Note: will not actually work
until a CA signed cert is generated or installed.
- Configure OCSP stapling (will only work once a valid cert is configured).
- Enable HSTS by default (only effects HTTPS traffic - full implementation
also requires HTTP redirect to HTTPS and valid cert).
- Enable Apache mod-headers by default (required for HSTS).
- Disable cipher order in default ssl.conf (no longer required with the
secure cipher suites we use; mild improvement in cpu resources).
- Note: Please refer to turnkey-core's 17.0 changelog for changes common to all appliances. Here we only describe changes specific to this appliance.
Links
Changes:
- Latest upstream version of CakePHP - v4.2.4.
- Include 'turnkey-composer' wrapper script - runs composer as www-data
user. Makes it easy to not run composer as root - part of #1539. Note by
default, /var/www/cakephp is still owned by root. To get full value of
'turnkey-composer'::
chown -R www-data:www-data /var/www/cakephp
- Explicitly install composer (rather than automatically include in all LAMP
based appliances) - part of #1563.
- Note: Please refer to turnkey-core's 16.1 changelog for changes common to
all appliances. Here we only describe changes specific to this appliance.
Links
Pages