Dear Froxlor Community,
this release integrates a few security improvements that have been reported to us regarding the session settings, session id and possible url manipulation. Additionally, thanks to the guys from INWX, support for mysql-tls settings have been integrated in the installation-process and the system. Thanks again for the contribution.
Changes in 0.10.29:
set php session security related settings (httponly and secure flag)
secure commonly used filename-variable against url manipulation
generate unpredictable unique session ids
fix session for 2fa enabled logins
integrate the new czech language file; refs #976
possibility to decide whether target database should be dropped after backup when installing
adds mysql tls support, refs #979
Changes in 0.10.29.1:
fix fresh installation (database exist check)
Download: 0.10.29.1 | website
Visit http://www.froxlor.org or join our IRC channel #froxlor on irc.libera.chat for support, help, participation or just a chat
Thank you,
d00p