[Certbot-dev] Certbot 0.21.1 Release

Brad Warren bmw at eff.org
Fri Jan 26 15:31:31 PST 2018

Certbot 0.21.1 has been released. The changelog is:

### Fixed

* When creating an HTTP to HTTPS redirect in Nginx, we now ensure the Host header of the request is set to an expected value before redirecting users to the domain found in the header. The previous way Certbot configured Nginx redirects was a potential security issue which you can read more about at https://community.letsencrypt.org/t/security-issue-with-redirects-added-by-certbots-nginx-plugin/51493.
* Fixed a problem where Certbot's Apache plugin could fail HTTP-01 challenges if basic authentication is configured for the domain you request a certificate for.
* certbot-auto --no-bootstrap now properly tries to use Python 3.4 on RHEL 6 based systems rather than Python 2.6.

More details about these changes can be found on our GitHub repo:
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <https://lists.eff.org/pipermail/certbot-dev/attachments/20180126/b7d0308c/attachment.sig>

More information about the Certbot-dev mailing list