The following feature has been added:
[+] Backup signing. Panel signs backup files when they are downloaded or exported to external FTP repositories. The signature lets administrators distinguish trustworthy backups in the list of backups available for restoration. Learn more at http://kb.parallels.com/118188.
Rasmus Lerdorf – the creator of PHP – is currently trying to get Google to stop blocking the whole php.net website after it was suspected of containing malware. In a tweet earlier this morning, Rasmus posted a screenshot and suggested that the block was caused by a false positive:
It appears Google has found a false positive and marked all of http://t.co/yKzgbWewmH as suspicious. pic.twitter.com/YDlHcUnCK6
— Rasmus Lerdorf (@rasmus) October 24, 2013
Google’s Webmaster Tools flag the inclusion of the script at http://static.php.net/www.php.net/userprefs.js as suspicious, although this file currently appears benign. However, Google’s Safe Browsing diagnostics for php.net do suggest that malware has been present on the site in the last 90 days:
“Of the 1513 pages we tested on the site over the past 90 days, 4 page(s) resulted in malicious software being downloaded and installed without user consent.”
The block was added to add chunk 127721 in the Google Safe Browsing goog-malware-shavar list. At the time of writing, php.net is still blocked in Firefox and Chrome, both of which make use of Google’s blocklist. Visiting php.net from a Google search results page or the bitly URL shortener causes an interstitial warning page to be displayed.
A seemingly benign, yet obfuscated, JavaScript file called functions.js was removed from the PHP website repository this morning. The developer behind this change speculated that the file “Could be the reason why Google is blocking us today..”
However, a short moment ago, a Hacker News user posted some obfuscated JavaScript that was found appended to a possibly cached version of the userprefs.js script, suggesting that the PHP.net website may have been compromised recently. The obfuscated JavaScript inserts an iframe into the webpage, which loads content from an external site known for distributing malware. Google Chrome blocks the inclusion of any content from known malware domains, although the injected content in this case no longer appears to be accessible.
The following features have been added:
The following issues have been fixed:
[-] Panel did not apply automatic updates to the Migration & Transfer Manager in some cases.
[-] Administrators could not change the ASP.NET version on a subscription by means of the ‘subscription’ command-line utility. (PPPM-974)
[-] Administrators could not create subscriptions by means of the ‘subscription’ command-line utility if the webmail software was not installed on the server. (142956)
[-] The Postfix mail queue contained messages with the value “Not Found” in the “From” field. (PPPM-968)
(Oct 22) Pedro Ribeiro discovered a use-after-free in the handling of ImageText requests in the Xorg Xserver, which could result in denial of service or privilege escalation. [More…]
(Oct 18) A cryptographic vulnerability was discovered in the pseudo random number generator in python-crypto. In some situations, a race condition could prevent the reseeding of the [More…]
60 queries. 8.25 mb Memory usage. 1.275 seconds.