Ubuntu: 1539-1: Linux kernel (Oneiric backport) vulnerabilities
(Aug 14) Several security issues were fixed in the kernel.
(Aug 14) Several security issues were fixed in the kernel.
(Aug 10) Several security issues were fixed in the kernel.
(Aug 10) Several security issues were fixed in the kernel.
(Aug 10) Several security issues were fixed in the kernel.
(Aug 10) Several security issues were fixed in the kernel.
(Aug 10) Several security issues were fixed in the kernel.
(Aug 10) Several security issues were fixed in the kernel.
(Jul 16) Several security issues were fixed in the kernel.
(Jul 16) The system could be made to crash under certain conditions.
(Jul 23) The system could be made to crash under certain conditions.
The following bugs have been fixed:
[-] Password strength policy does not work for the admin on the initial setup page (112284)
[-] Migrating of single subscription from Plesk 10/11 to Plesk 11 end with error “Line 48 error: Element ‘template-item’: This element is not expected”.
[-] (Linux only) Mailbox can’t be created on Ubuntu 10.04 (112282)
[-] (Linux only) Reseller’s plans are not migrating to Plesk 11
[-] (Linux only) Web server switching from apache to apache with SNI fails because of wrong apr-devel package
[-] (Linux only) Error “Error: unable to open ‘/etc/httpd/conf/includes/errordocument.conf’: No such file or directory” messages appears after migration from cPanel
[-] (Linux only) Error “Error occurred during /bin/mkdir command.” messages appears at migration of protected directories from Plesk 9.5.4
[-] (Linux only) Maillists are not migrating from cPanel
[-] (Linux only) Anonymous FTP accounts are not migrating from cPanel
[-] (Linux only) Autoinstaller doesn’t treat repositories “cloudlinux-base”, “cloudlinux-updates”, “cloudlinux-x86_64-*”, cloudlinux-i386-*” as third-party repositories on CloudLinux and doesn’t warn user about absence of “base” and “updates” repositories if “cloudlinux-x86_64-*”, cloudlinux-i386-*” repositories are defined.
The following bugs have been fixed:
[-] Password strength policy does not work for the admin on the initial setup page (112284)
[-] Migrating of single subscription from Plesk 10/11 to Plesk 11 end with error “Line 48 error: Element ‘template-item’: This element is not expected”.
[-] (Linux only) Mailbox can’t be created on Ubuntu 10.04 (112282)
[-] (Linux only) Reseller’s plans are not migrating to Plesk 11
[-] (Linux only) Web server switching from apache to apache with SNI fails because of wrong apr-devel package
[-] (Linux only) Error “Error: unable to open ‘/etc/httpd/conf/includes/errordocument.conf’: No such file or directory” messages appears after migration from cPanel
[-] (Linux only) Error “Error occurred during /bin/mkdir command.” messages appears at migration of protected directories from Plesk 9.5.4
[-] (Linux only) Maillists are not migrating from cPanel
[-] (Linux only) Anonymous FTP accounts are not migrating from cPanel
[-] (Linux only) Autoinstaller doesn’t treat repositories “cloudlinux-base”, “cloudlinux-updates”, “cloudlinux-x86_64-*”, cloudlinux-i386-*” as third-party repositories on CloudLinux and doesn’t warn user about absence of “base” and “updates” repositories if “cloudlinux-x86_64-*”, cloudlinux-i386-*” repositories are defined.
The following bugs have been fixed:
[-] (Linux only) User can’t login to Plesk Panel. The following error occurs [unixODBC][MySQL][ODBC 3.51 Driver]Access denied for user ‘apsc’@’localhost’ (using password: YES). Password for APSC database is corrupted in mysql.user table after running script bootstrapper.sh with repair option (112468)
The following bug have been fixed:
[-] (Linux only) File Manager may allow to browse files not belonging to customer
[-] (Linux only) Boolean values of php settings quoted in php.ini of subscription
With the release of Parallels Plesk Panel 10, Parallels is offering FREE Installation, Migration and/or Upgrade assistance to Valid License Owners of Parallels Plesk Panel 10. Customers who are not Plesk License Owners (or only have Trial Licenses) should contact your License Provider.
Basic Requirements for Free Assistance:
– You must be the Owner of a valid and active Parallels Plesk Panel 10 license, and
– You must have made at least one attempt to install, migrate or upgrade (either from an older version of Parallels Plesk Panel or a competing product)
– In case of migration source and destination Operating Systems must be similar in nature. Example "Linux to Linux" or "Windows to Windows".
– If target upgrade server or migration source server is operating with Parallels Plesk Panel, it must be of revision 7.5.4 or higher.
Plesk Service team is pleased to inform you the vulnerability has been completely fixed in most versions of the Plesk. Plesk 10.x are completely covered by Micro-updates. Plesk 8.6 and 9.5 on Linux are also fixed by Micro-updates. For other version Custom Fixes are available.
Please refer to http://kb.parallels.com/en/113321.
Components update:
[+] (Windows only) PHP has been upgraded to version 5.3.10
[+] (Windows only) phpMyAdmin has been upgraded to version 3.4.9
The following bugs have been fixed:
[-] /usr/local/psa/bin/repair -r throwing error "Argument 1 passed to Service_Dns_Zone::__construct() must be an instance of DNSZone, instance of Db_Table_Row given"
[-] Messed up credit card types at edit billing account page
[-] /usr/local/psa/admin/bin/pmm-ras fails with error while loading shared libraries on CloudLinux 6
[-] Cannot create subdomain for domain with existing alias
[-] (Linux only) Fix of permissions on folder defined in session.save_path of php.ini
[-] (Windows only) PHP warning when update php_version through CLI
[-] Mailman’s apache template has no SSLCertificateFile and SSLCACertificateFile which leads to broken apache configuration.
[-] Migration to a target with openSuSE 11.3 failed with "Unable to create dump" error
[-] Fixed XSS vulnerability in Horde.
The following bug has been fixed:
[-] Security fix of directory traversal vulnerability in Horde Framework
The following bugs have been fixed:
[-] Atmail upgrade failed on action ‘Inserting old Atmail database data…’
[-] Automatic key update fails if KAV additional key is installed, but KAV itself is not.
[-] Can not connect service nodes using CLI gate
[-] Cannot change FTP user’s password if “Setup of potentially insecure web scripting options” disabled on subscription
New feature has been added:
[+] (Windows only) Support of PHP 5.3 has been added. More details in article http://kb.parallels.com/en/113179
The following bugs have been fixed:
[-] Cross-site scripting in health monitor
[-] Web presence Builder has session identifier without HttpOnly flag
[-] Synchronization of subscription with Service Plan doesn’t work if Service Plan has disabled webhosting
[-] (Linux only) Licence key update failures aren’t logged
[-] (Linux only) Receiving DrWeb license key doesn’t work
[-] (Windows only) Cannot create MSSQL database if MySQL databases limit is 0
[-] (Windows only) Health Monitor fails to create configuraion files on Turkish Windows
New feature has been added:
[+] (Windows only) Support of PHP 5.3 has been added. More details in article http://kb.parallels.com/en/113179
The following bugs have been fixed:
[-] Cross-site scripting in health monitor
[-] Web presence Builder has session identifier without HttpOnly flag
[-] Synchronization of subscription with Service Plan doesn’t work if Service Plan has disabled webhosting
[-] (Linux only) Licence key update failures aren’t logged
[-] (Linux only) Receiving DrWeb license key doesn’t work
[-] (Windows only) Cannot create MSSQL database if MySQL databases limit is 0
[-] (Windows only) Health Monitor fails to create configuraion files on Turkish Windows
[+] Added possibility to hide advertisement in Plesk Panel. More details in article How to hide promos in Parallels Plesk Panel?
The following bugs have been fixed:
[-] (Windows only) Backups fails on dumping tomcat for sites
[-] (Linux only) Cannot change php safe_mode status via panel if FastCGI mode is used
[-] Domain alias zone is synced with main domain, even if DNS zone sync is disabled
[-] Domain disk space statistics is not displayed if amount exceeds 2Gb on 32-bit systems
[-] (Windows only) Hosting settings cannot be changed if FrontPage is enabled on a domain
[-] Migration from FreeBSD fails because of ‘df’ illegal option
[-] Backup files rotation o FTP repository fails in some cases.
[-] Listing of files in backup FTP repository fails in some cases.
[-] (Windows only) There is able to override system user home path at creating new additional FTP account
[+] Added possibility to hide advertisement in Plesk Panel. More details in article How to hide promos in Parallels Plesk Panel?
The following bugs have been fixed:
[-] (Windows only) Backups fails on dumping tomcat for sites
[-] (Linux only) Cannot change php safe_mode status via panel if FastCGI mode is used
[-] Domain alias zone is synced with main domain, even if DNS zone sync is disabled
[-] Domain disk space statistics is not displayed if amount exceeds 2Gb on 32-bit systems
[-] (Windows only) Hosting settings cannot be changed if FrontPage is enabled on a domain
[-] Migration from FreeBSD fails because of ‘df’ illegal option
[-] Backup files rotation o FTP repository fails in some cases.
[-] Listing of files in backup FTP repository fails in some cases.
[-] (Windows only) There is able to override system user home path at creating new additional FTP account
The following bugs have been fixed:
[-] safe_mode defined in Service Plan PHP settings does not applied during domain creation.
[-] Migration of domains or subdomains with custom DNS A records causes errors.
[-] Plesk Mobile Manager can’t connect to Plesk with Authorization error
[-] Errors in Russian localization of Web presence builder
[-] After switch to subdomains parent DNS zone mode update of DNS zone of domain having as subdomain as domain alias will fail.
[-] Errors "The file you are trying to upload is not a valid backup file" at restoring backup
[-] If Plesk initialized with ‘-admin_info_not_required true’, then it is impossible to update admin’s info from control panel
[-] Migration.result isn’t downloaded at first attempt via HTTPS transport
[-] Wrong owners for files and directories in /etc/sw/keys/ after installation
Following bugs have been fixed:
Changes in DrWeb configuration which define operation with errors during scanning messages
Following bugs have been fixed:
Dr.Web blocks messages with ‘read error’ at email scanning.
Added ability to select the DNS zone mode for the subdomains. Now subdomains can have its own DNS zone or use DNS zone of parent domain.
Following bugs have been fixed:
(Linux only) psa-pc-remote process overloads the CPU
(Linux only) Changes in DrWeb configuration which define operation with errors during scanning messages
Added ability to select the DNS zone mode for the subdomains. Now subdomains can have its own DNS zone or use DNS zone of parent domain.
Following bugs have been fixed:
(Linux only) psa-pc-remote process overloads the CPU
(Linux only) Changes in DrWeb configuration which define operation with errors during scanning messages
60 queries. 8.75 mb Memory usage. 1.451 seconds.