Update changelogs

82dc67cb · Paul Cammish · 9aa036d0 · 82dc67cb · 82dc67cb · 82dc67cb
Commit 82dc67cb authored Jun 19, 2019 by Paul Cammish
--- a/CHANGELOG
+++ b/CHANGELOG
 CHANGELOG
 ---------

-* 2019-06-16 - Significantly improved default security for PHP
+* 2019-06-19 - Significantly improved default security for PHP
  - PHP is now restricted to public/, and has domain-specific tmp and
    sessions directories which are automatically created.
  - PHP is now disabled in a path that matches 'wp-content/uploads'
@@ -9,8 +9,8 @@ CHANGELOG
  - Enables OSCP stapling by default. Disables HSTS by default.
  - zz-mass-hosting now configures all sites, not just SSL sites.
  - sympl-web-logger now only used for the zz-mass-hosting fallbacks.
-  - PHP defaults to blocking dangerous functions such as eval() and
-    exec() which should not be needed typically. This can be re-enabled
+  - PHP can block dangerous functions such as eval() and exec() which
+    should not be needed typically. This can be enabled manually
    but effects all sites on the server.
  - new config files: config/disable-php-security and config/hsts.


--- a/core/debian/changelog
+++ b/core/debian/changelog
+sympl-core (9.0.190619.0) stable; urgency=medium
+
+  * Removed backward compatibility for /etc/symbiosis
+
+ -- Paul Cammish <sympl@kelduum.net>  Wed, 19 Jun 2019 17:12:00 +0100
+
 sympl-core (9.0.190614.0) stable; urgency=medium

  * Added stubbed out version of the sympl command line.

--- a/phpmyadmin/debian/changelog
+++ b/phpmyadmin/debian/changelog
+sympl-phpmyadmin (9.0.190619.0) stable; urgency=medium
+
+  * Added blowfish_secret configuration
+
+ -- Paul Cammish <sympl@kelduum.net>  Wed, 19 Jun 2019 17:14:00 +0100
+
 sympl-phpmyadmin (9.0.190611.0) stable; urgency=medium

  * Merged sympl-common into sympl-core

--- a/web/debian/changelog
+++ b/web/debian/changelog
-sympl-web (9.0.190616.0) stable; urgency=medium
+sympl-web (9.0.190619.0) stable; urgency=medium

  * Massively improved security for PHP
  * PHP is now restricted to public/, and has domain-specific tmp and
@@ -8,12 +8,12 @@ sympl-web (9.0.190616.0) stable; urgency=medium
  * Enables OSCP stapling by default. Disables HSTS by default.
  * zz-mass-hosting now configures all sites, not just SSL sites.
  * sympl-web-logger now only used for the zz-mass-hosting fallbacks.
-  * PHP defaults to blocking dangerous functions such as eval() and
-    exec() which should not be needed typically. This can be re-enabled
+  * PHP can block dangerous functions such as eval() and exec() which
+    should not be needed typically. This can be enabled manually
    but effects all sites on the server.
  * new config files: config/disable-php-security and config/hsts.

- -- Paul Cammish <sympl@kelduum.net>  Sun, 16 Jun 2019 22:25:00 +0100
+ -- Paul Cammish <sympl@kelduum.net>  Wed, 19 Jun 2019 17:15:00 +0100

 sympl-web (9.0.190612.0) stable; urgency=medium


--- a/webmail/debian/changelog
+++ b/webmail/debian/changelog
+sympl-webmail (9.0.190619.0) stable; urgency=medium
+
+  * Updated configuration to restrict PHP directory access
+
+ -- Paul Cammish <sympl@kelduum.net>  Thu, 19 Jun 2019 17:17:00 +0100
+
 sympl-webmail (9.0.190612.0) stable; urgency=medium

  * Improved webmail auto-configuration