SUSE-RU-2021:0734-1: moderate: Recommended update for dehydrated

sle-updates at lists.suse.com sle-updates at lists.suse.com
Tue Mar 9 17:21:52 UTC 2021 

   SUSE Recommended Update: Recommended update for dehydrated
______________________________________________________________________________

Announcement ID:    SUSE-RU-2021:0734-1
Rating:             moderate
References:         #1154167 #1178927 SLE-15909 
Affected Products:
                    SUSE Linux Enterprise Module for Server Applications 15-SP2
______________________________________________________________________________

   An update that has two recommended fixes and contains one
   feature can now be installed.

Description:

   This update for dehydrated fixes the following issues:

   Update to dehydrated 0.7.0 (jsc#SLE-15909)

   - Added

     - Support for external account bindings
     - Special support for ZeroSSL
     - Support presets for some CAs instead of requiring URLs
     - Allow requesting preferred chain (--preferred-chain)
     - Added method to show CAs current terms of service (--display-terms)
     - Allow setting path to domains.txt using cli arguments (--domains-txt)
     - Added new cli command --cleanupdelete which deletes old files instead
       of archiving them

   - Fixed

     - No more silent failures on broken hook-scripts
     - Better error-handling with KEEP_GOING enabled
     - Check actual order status instead of assuming it's valid
     - Don't include keyAuthorization in challenge validation (RFC compliance)

   - Changed

     - Using EC secp384r1 as default certificate type
     - Use JSON.sh to parse JSON
     - Use account URL instead of account ID (RFC compliance)
     - Dehydrated now has a new home:
       https://github.com/dehydrated-io/dehydrated
     - Added OCSP_FETCH and OCSP_DAYS to per-certificate configurable options

   - dehydrated-apache2: Check for mod_compat (bsc#1178927)

   - Update maintainer file and package description, remove features that are
     better described in the (upstream maintained) man page.

   - Remove potentially harmful scriptlet (bsc#1154167).

   - Removed lighttpd 1.x integration package. If you still would like to use
     lighttpd with dehydrated, follow the instructions in the
     README.maintainers file.


Patch Instructions:

   To install this SUSE Recommended Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for Server Applications 15-SP2:

      zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP2-2021-734=1



Package List:

   - SUSE Linux Enterprise Module for Server Applications 15-SP2 (noarch):

      dehydrated-0.7.0-11.3.1
      dehydrated-apache2-0.7.0-11.3.1
      dehydrated-nginx-0.7.0-11.3.1


References:

   https://bugzilla.suse.com/1154167
   https://bugzilla.suse.com/1178927

More information about the sle-updates mailing list