Ike.ninja

The following bugs have been fixed:
[-]  Panel users failed to send e-mail through qmail if the IPv6 support was turned off on the Panel server and turned on on the receiving server. The mail log /usr/local/psa/var/log/maillog contained the error "System_resources_temporarily_unavailable".
[-]  Panel always used the /tmp directory for storing backup temporary files during the backup download regardless of the DUMP_TMP_D value in /etc/psa/psa.conf. Panel users got the error "No space left on device" when downloading their backups if there was not enough space on the disk used by /tmp.
[-]  Panel users saw wrongly encoded messages on the password retrieval page if the Panel language was set to Russian.
[-]  Administarators were unable to simultaneously run multiple restoration processes of the same backup file using the pleskrestore utility.

(Dec 9) Two security issues are found on activepack shipped on Fedora 10. One bug is
that there is a weakness in the strip_tags function in ruby on rails (bug
542786, CVE-2009-4214). Another one is a possibility to circumvent protection
against cross-site request forgery (CSRF) attacks (bug 544329). This new rpm
will fix these issues.

(Dec 9) Update to 3.12.5 This update fixes the following security flaw:
CVE-2009-3555 TLS: MITM attacks via session renegotiation

(Jul 26) Bind could be made to crash if it received specially crafted networktraffic.

(Jul 17) Updated nss, nss-util, and nspr packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. [More…]

(Jul 12) John Leitch has discovered a vulnerability in eXtplorer, a very feature rich web server file manager, which can be exploited by malicious people to conduct cross-site request forgery attacks. [More…]