From dc25ec7424775a544553ed41428f338ba2016d32 Mon Sep 17 00:00:00 2001
From: bfren <bf@bfren.dev>
Date: Fri, 7 Nov 2025 10:39:43 +0000
Subject: [PATCH 1/2] Bumping version to 7.1.5

---
 VERSION | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/VERSION b/VERSION
index 334b5ce..a52e7a4 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-7.1.4
\ No newline at end of file
+7.1.5
\ No newline at end of file

From 541901398b8c7d4463aaa6203aa0d269cfc0b988 Mon Sep 17 00:00:00 2001
From: bfren <bf@bfren.dev>
Date: Fri, 7 Nov 2025 10:40:27 +0000
Subject: [PATCH 2/2] Updating SSL config templates

---
 overlay/etc/bf/templates/ssl-intermediate.conf.esh | 3 ++-
 overlay/etc/bf/templates/ssl-modern.conf.esh       | 1 +
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/overlay/etc/bf/templates/ssl-intermediate.conf.esh b/overlay/etc/bf/templates/ssl-intermediate.conf.esh
index 4ead4f6..3385b34 100644
--- a/overlay/etc/bf/templates/ssl-intermediate.conf.esh
+++ b/overlay/etc/bf/templates/ssl-intermediate.conf.esh
@@ -4,8 +4,9 @@
 #======================================================================================================================
 
 ssl_protocols                   TLSv1.2 TLSv1.3;
-ssl_ciphers                     ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+ssl_ciphers                     ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305;
 ssl_prefer_server_ciphers       off;
+ssl_ecdh_curve                  X25519:prime256v1:secp384r1;
 ssl_session_timeout             1d;
 ssl_session_cache               shared:MozSSL:10m;
 ssl_session_tickets             off;
diff --git a/overlay/etc/bf/templates/ssl-modern.conf.esh b/overlay/etc/bf/templates/ssl-modern.conf.esh
index 8ee75c9..14674d8 100644
--- a/overlay/etc/bf/templates/ssl-modern.conf.esh
+++ b/overlay/etc/bf/templates/ssl-modern.conf.esh
@@ -5,6 +5,7 @@
 
 ssl_protocols                   TLSv1.3;
 ssl_prefer_server_ciphers       off;
+ssl_ecdh_curve                  X25519:prime256v1:secp384r1;
 ssl_session_timeout             1d;
 ssl_session_cache               shared:MozSSL:10m;
 ssl_session_tickets             off;