elho-webserver (9) stable; urgency=medium

  * Update to Buster.
  * Update to standards version 4.3.0.

 -- Elmar Hoffmann <elho@elho.net>  Wed, 17 Mar 2021 15:37:45 +0100

elho-webserver (8) stable; urgency=medium

  * Add X-Content-Type-Options header to disable MIMI-type sniffing.

 -- Elmar Hoffmann <elho@elho.net>  Wed, 21 Aug 2019 17:54:59 +0200

elho-webserver (7) stable; urgency=medium

  * Update to Stretch.
  * Update to standards version 3.9.8.

 -- Elmar Hoffmann <elho@elho.net>  Sun, 07 Apr 2019 10:48:31 +0200

elho-webserver (6) stable; urgency=low

  * Update to Jessie.
  * Update to standards version 3.9.6.
  * Deny loading sites within frames at all instead of allowing from the
    same origin as X-Frame-Options specification does not specify to check
    all ancestors.

 -- Elmar Hoffmann <elho@elho.net>  Fri, 05 Oct 2018 18:15:43 +0200

elho-webserver (5) stable; urgency=low

  * Update to standards version 3.9.1.
  * Fix lintian warnings.

 -- Elmar Hoffmann <elho@elho.net>  Tue, 07 Jul 2015 05:39:53 +0200

elho-webserver (4) stable; urgency=low

  * Make security related configuration snippets unconditional, failing
    when a required module is not loaded.
  * Support more variants of the Content-Security-Policy header.
  * Add X-XSS-Protection and Content-Security-Policy headers to make
    reflected cross-site scripting filters use blocking mode.

 -- Elmar Hoffmann <elho@elho.net>  Wed, 16 Jul 2014 18:31:12 +0200

elho-webserver (3) stable; urgency=low

  * Customize module configuration files as well.

 -- Elmar Hoffmann <elho@elho.net>  Sat, 14 Jul 2012 19:17:04 +0200

elho-webserver (2) stable; urgency=low

  * Add customization of configuration files.
  * Set X-Frame-Options and X-Content-Security-Policy headers to restrict
    loading within frames to the same origin.

 -- Elmar Hoffmann <elho@elho.net>  Sun, 12 Feb 2012 17:29:41 +0100

elho-webserver (1) stable; urgency=low

  * Initial Release.

 -- Elmar Hoffmann <elho@elho.net>  Tue, 07 Feb 2012 17:01:28 +0100
