release Release 0.10.29 - Security improvements, czech language support and mysql tls support

[d00p]

Dear Froxlor Community,

this release integrates a few security improvements that have been reported to us regarding the session settings, session id and possible url manipulation. Additionally, thanks to the guys from INWX, support for mysql-tls settings have been integrated in the installation-process and the system. Thanks again for the contribution.

Changes in 0.10.29:

• set php session security related settings (httponly and secure flag)
• secure commonly used filename-variable against url manipulation
• generate unpredictable unique session ids
• fix session for 2fa enabled logins
• integrate the new czech language file; refs #976
• possibility to decide whether target database should be dropped after backup when installing
• adds mysql tls support, refs #979

Changes in 0.10.29.1:

• fix fresh installation (database exist check)
   

Download: 0.10.29.1 | website

Visit http://www.froxlor.org or join our IRC channel #froxlor on irc.libera.chat for support, help, participation or just a chat

Thank you,
d00p

Edited October 10, 2021 by d00p
added changes in 0.10.29.1

[Max Amigo]

Is there any guide of how to update froxlor right way?

Thank you in advance for your help!

[d00p]

23 minutes ago, Max Amigo said:

Is there any guide of how to update froxlor right way?

Thank you in advance for your help!

Use autoupdate from within froxlor (admin) or see update guides https://github.com/Froxlor/Froxlor/wiki

[llucps]

Thanks @d00p 👍

[Max Amigo]

Thanks @d00p! 👍

The update system is really cool and smooth!