Comment
Parallels Plesk Panel 9.5.1 (Hosting Suite) is now available for downloads and installation through Autoinstaller.
http://www.parallels.com/products/plesk95/
Change log:
1. [+] Support for new hypervizor virtualization solutions: the Panel operates in environments created with KVM and Parallels Server 4 Bare Metal.
Unix-specific changelog
2. [+] SpamAssassin 3.3.1 support for Fedora 11.
3. [-] Backup task starts even if there is not enough disk space on the server bug is fixed. For details, see the Backup and Restore Utilities Administrator’s Guide available at http://download1.parallels.com/Plesk/PPP9/Doc/en-US/plesk-9.5-backup-cli-guide/index.htm?fileName=64885.htm.
4. [-] Backup scheduled to run weekly did not work bug is fixed.
5. [-] Scheduled backups are not created in FTP repository if the repository server works in FTP passive mode bug is fixed.
6. [-] Removing backup located in FTP repository failed with “FTP network error” bug is fixed.
7. [-] When setting up FTP backup repository, defining username like “” is impossible bug is fixed.
8. [-] The Panel resets permissions on folders inside the httpdocs and httpsdocs directories to “755” during migration bug is fixed.
9. [-] Migration hanging at 50% bug is fixed.
10. [-] User password was changed event handler is added.
11. [+] SpamAssassin 3.3.1 support – now the Panel distribution includes the latest version of the SpamAssassin anti-spam solution.
12. [-] The Panel claims that backing up failed when it actually succeeded, if a language other than English (United States) is installed bug is fixed.
13. [-] The A resource record in DNS zone of a domain with physical hosting always points at the IP address on which the domain is hosted, even if an IP address is explicitly set in DNS zone template bug is fixed.
14. [-] After upgrade to Plesk 9, domain templates with Web statistics set to be available via password-protected directory are not restored bug is fixed.
15. [-] Plesk 9 does not restore backup of domain that originates from Plesk 8 if the domain administrator permissions were modified bug is fixed.
Parallels Plesk Panel 9.2.3/9.3.0 OS update (openssl-0.9.8e-12.el5_4.6) is available through Autoinstaller.
Updated modules have been provided for CentOS/RHEL 4/5 and Fedora 11.
Parallels Plesk Panel 9.5 is now available for downloads on Parallels PartnerNet.
http://www.parallels.com/partnernet/rtmdownloads/panel/
http://www.parallels.com/products/plesk95/
Changelog
1. [+] PCI Compliance: Parallels Plesk Panel can be made compliant with the Payment Card Industry Data Security Standard. This can be achieved by running a special PCI compliance resolver utility and additional tuning of system components, as described in the document Achieving PCI Compliance for Servers Managed by Parallels Plesk Panel 9.5. The document is available at http://www.parallels.com/products/plesk/docs/parallels-plesk-panel-9.5-pci-compliance/index.htm.
2. [+] Compatibility with Microsoft Internet Explorer 8: Parallels Plesk Panel is now compatible with Microsoft Internet Explorer 8.
3. [+] CloudLinux support: Parallels Plesk Panel can now work under CloudLinux operating system.
4. [+] Google Services for Websites support (beta): Parallels Plesk Panel 9.5 can now be easily integrated with Google Services for Websites. To learn more, refer to Parallels Plesk Panel 9.5 Administrator’s Guide at http://download1.parallels.com/Plesk/PPP9/Doc/en-US/plesk-9.5-administrators-guide/64635.htm.
5. [+] More virtualization solutions supported: Parallels Plesk Panel 9.5 can operate in virtual environments created by the following virtualization solutions: Parallels Virtuozzo Containers, Microsoft Hyper-V, Xen, and VMWare. There are special licensing options for Parallels Panel software operating inside virtual environments. For more information about licensing options, contact your vendor or call Parallels sales team. The phone numbers are listed at http://www.parallels.com/contact/.
6. [+] Upgraded components: phpMyAdmin to the version 2.9.11, and Horde Application Framework to the version 3.3.6.
7. [-] SpamAssassin spam filter incorrectly classified most of the messages delivered in the year 2010 as spam – issue resolved.
8. [-] Horde webmail did not open properly in Internet Explorer 8 – issue resolved.
9. [-] Cross-site scripting vulnerability was eliminated.
10. [-] A number of security issues were identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it – these issues were resolved.
11. [-] Migration failed if the /tmp file system was full – issue resolved. Now you can specify any other location for the temporary directory.
Linux/Unix-specific
12. [-] Migration of websites from Plesk Control Panel 7.5.4 to Parallels Plesk Panel 9.2.1 failed if the SpamAssassin spam filter was configured to remove spam e-mail – issue resolved.
13. [-] ProFTPD 1.3.1 was prone to a security vulnerability that allowed attackers to perform cross-site request forgery types of attacks – to resolve this issue, ProFTPD was upgraded to the version 1.3.2e.
14. [-] If temporary directory on the server was full, FTP network error occurred on attempt to move a file from an FTP storage to the server repository – issue resolved.
15. [-] If, in Parallels Plesk Panel, there is a domain with the same name as server’s hostname, then a message sent to postmaster@$HOSTNAME is bounced back – issue resolved.
16. [-] During upgrade, the default client and domain template values were reset – issue resolved.
17. [-] Plesk 8.x key was not updated automatically to 9.x during product upgrade – issue resolved.
18. [-] After upgrade, var/qmail/control/me file contained only the hostname – issue resolved.
19. [-] Scheduled security scanning by Watchdog (System Monitoring) Module could not start – issue resolved.
20. [-] Postfix mail server occasionally failed to deliver some e-mail messages with the “Unprocessed command” errors – issue resolved.
21. [-] After upgrading Parallels Plesk Panel from versions 8.x to 9.x, scheduled backups could stop working – issue resolved.
22. [-] Web statistics were not calculated properly when the piped logs feature was switched on – issue resolved.
23. [-] The Watchdog (System Monitoring) Module showed security warnings (false positives) due to incorrect default configuration – issue resolved.
24. [+] Upgraded components: IceWarp (Merak) Mail Server to the version 10, Bind DNS server to the version 9.4.3-P4, PHP to the version 5.2.13
25. [+] It is now possible to specify an arbitrary temporary folder as a command-line parameter of the backup tool.
26. [*] Operation of Plesksrv.exe component was stabilized.
27. [-] Standard Parallels Plesk Panel configuration allowed to view extra information (read webmail folder) – issue resolved.
28. [-] If temporary directory on the server was full, FTP network error occurred on attempt to move a file from an FTP storage to the server repository – issue resolved.
29. [-] Parallels Plesk Panel hanged on attempt to remove domains with several mailboxes – issue resolved.
30. [-] Parallels Plesk Panel failed to install the DotNetNuke application on websites – issue resolved.
Oracle Security Alert for CVE-2010-0073