(Jan 30) Lawrence Pit discovered that Ruby on Rails, a web development framenwork, is vulnerable to a flaw in the parsing of JSON to YAML. Using a specially crafted payload attackers can trick the backend into decoding a subset of YAML. [More…]
Archive for January 31st, 2013
(Jan 30) Several security issues were fixed in Inkscape.
(Jan 30) squid-cgi could consume excessive system resources, leading to a denialof service attack on it and other hosted services.
(Jan 30) Updated openstack-glance packages that fix one security issue are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having [More…]
(Jan 30) Updated openstack-nova packages that fix two security issues and multiple bugs are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having [More…]
The following new features have been implemented:
[+] Moving of services between Apache and MySQL service nodes (126520)
[+] DNS template management. Administrators can customize the structure of the DNS template (126593)
[+] Spam filter settings management. Administrators can manage the settings of SpamAssassin spam filter (126593)
[+] Application settings management. Administrators can manage the settings of applications (126593)
[+] When tasks, such as creating user accounts, may take much time to complete, administrators are now informed about it and are advised to check with Task Manager (126614)
[+] Administrators can now remove additional license keys through License Manager (106929)
The following bugs have been fixed:
[-] Administrators could not remove customer accounts. The following error occurred: “Internal error: HTTP request to SSO server failed” (126308)
[-] PPA could not automatically upgrade license keys for Plesk for Windows (128324)
[-] Auto-reply messages could not be shown by mail clients due to incorrectly specified MIME type (128144)
[-] Corrupted firewall rules prevented administrators from attaching service nodes to the management node (128333)
[-] PPA did not properly terminate user sessions after users logged out of Panel (128069)
[-] On attempting to connect SmarterMail nodes, administrators encountered the following error: “Unknown hosting object type: ‘subscription_apsmail’:” (127802)
[-] Statistics collection scripts could not properly determine the usage of mailboxes on SmarterMail nodes (128173)
[-] Administrators could not allocate dedicated IP addresses for web hosting inside Parallels Virtuozzo Containers (126452)
[-] A daily maintenance task was started twice a day (128204)
[-] Apache could not pick up custom configurations from the vhost.conf files (128216)
Netcraft began its Web Server Survey in 1995 and has tracked the deployment of a wide range of scripting technologies across the web since 2001. One such technology is PHP, which Netcraft presently finds on well over 200 million websites. The first version of PHP was named Personal Home Page Tools (PHP Tools) when it was […]
The following new functionality has been added:
[+] (Linux only) MySQL Server 5.5 packaged by Parallels has been updated to 5.5.28 on CentOS 5 (128183)
[+] (Windows only) Support for mailnames with apostrophe symbol has been added (28985)
The following bug has been fixed:
[-] (Linux only) Parallels Premium Outgoing Antispam Mail Statistics uses system PHP interpretator instead of /usr/local/psa/bin/sw-engine-pleskrun which can produce PHP errors (122227)
The following Plesk Service Tool has been improved:
[*] Plesk Service Backup Tool. New options and usage scenarios have been added. Details in article http://kb.parallels.com/113252