bugfix release for CVE-2019-19118
Comment
Django accounts could be hijacked through password reset requests.
We are planning to automatically update some servers from MySQL 5.5 to MySQL 5.7. This will affect servers that do not have databases and are running cPanel & WHM Version 78.
It was discovered that debian-edu-config, a set of configuration files used for the Debian Edu blend, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other user principals.
Security fix for CVE-2019-5544
50 queries. 8.75 mb Memory usage. 0.268 seconds.