Plesk Panel 10.1.1 MU#15 for Linux and Windows – security fixes – is available since June 9, 2011 through the Autoinstaller
[-] phpMyAdmin XSS vulnerability http://www.securityfocus.com/bid/47945/info.
[-] SQL injection at subscription’s owner changing in Plesk Panel.
[-] Horde XSS injection.
[-] Multiple XSS vulnerabilities in Plesk Panel.
[-] sw-cp-server can be crashed by client certificate.
Plesk Panel 10.2 EZ templates for SuSE 11.4 – is available since May 26, 2011
major
http://download1.parallels.com/Plesk/PP10/10.2.0/SuSE11.4/vztemplates/pp10-suse-11.4-x86-ez.tar.gz
http://download1.parallels.com/Plesk/PP10/10.2.0/SuSE11.4/vztemplates/pp10-suse-11.4-x86_64-ez.tar.gz
fixed
http://download1.parallels.com/Plesk/PP10/10.2.0/SuSE11.4/vztemplates/pp10.2.0-suse-11.4-x86-ez.tar.gz
http://download1.parallels.com/Plesk/PP10/10.2.0/SuSE11.4/vztemplates/pp10.2.0-suse-11.4-x86_64-ez.tar.gz
Plesk Panel 10.2 MU#2 for Linux and Windows – Product functional fixes – is available since Apr 14, 2011 through the Autoinstaller
[-] The coupon usage count did not increase if the coupon was applied in online stores.
[-] The form for entering SSL certificate details was not displayed in online stores if a customer ordered a domain name first, then clicked to continue shopping, and finally added an SSL certificate to the order.
[-] Customers failed to apply coupons with the percentage discount to add-ons in cart; instead of a store page, Business Manager displayed the “Store temporary unavailable” page.
[-] Fixed taxes were displayed as applied twice in online stores.
[-] The ordering procedure was successfully completed for customers with prohibited e-mail addresses even if the option “Deny subscriptions from ‘free’ e-mail addresses” was selected.
[-] The e-mail that informed a customer to provide additional details for SSL certificate issuing was sent only once.
[-] The header layout in online store was broken under Internet Explorer 7.
[-] The “State” field in the contact information form was required to fill in online stores even for countries that did not have states.
[-] Custom questions were not displayed in online stores.
[-] Customers could skip attaching add-ons even if the “None”option in the add-ons list was unavailable.
[-] The form for entering domain contacts information was not displayed if a customer added a new domain name from the order confirmation page.
[-] All hosting plans were marked as “Not for sale” if the only accepted way to add domain names was the domain transfer.
Plesk Panel 9.5.4 for RedHat Enterprise Linux 6.0 – is available through the Autoinstaller.
http://www.parallels.com/download/plesk9/#redhat
[-] Qmail-TLS STARTTLS protocol plaintext command injection vulnerability fixed. More details: http://telussecuritylabs.com/threats/show/FSC20110309-02
[-] Qmail-TLS STARTTLS protocol plaintext command injection vulnerability fixed. More details: http://telussecuritylabs.com/threats/show/FSC20110309-02
[-] Qmail-TLS STARTTLS protocol plaintext command injection vulnerability fixed. More details: http://telussecuritylabs.com/threats/show/FSC20110309-02
[-] Qmail-TLS STARTTLS protocol plaintext command injection vulnerability fixed. More details: http://telussecuritylabs.com/threats/show/FSC20110309-02
[-] Qmail-TLS STARTTLS protocol plaintext command injection vulnerability fixed. More details: http://telussecuritylabs.com/threats/show/FSC20110309-02
Plesk Panel 10.1.1 MU#13 for Windows and Linux – Product functional fixes – is available since Mar 17, 2011 through the Autoinstaller.
[-] Custom log rotation settings were not applied when upgrading Panel from 9.5.3 to 10 (default Plesk 9.5.3 settings were set).
[-] The order of CSS files for Panel top and left frames is changed; now Panel loads layout.css first.
[-] (Only for Ubuntu 8.04 and 10.04) mysqld service failed to stop after changing the administrator’s password by utility ch_admin_passwd.
[-] Panel users failed to recover their password with error PleskPermissionDeniedException.
[-] Unable to rename domains after mail data location was changed by Plesk Reconfigurator utility.
Plesk Panel 10.0.1 MU#5 for Windows – Product functional fixes – is available since Mar 16, 2011 through the Autoinstaller.
The update delivers next bug fixes:
[-] Fixed problem with upgrade from 10.0.1 to 10.1.1
[-] Fixed problem with log files rotation
[-] Fixed problem with calculating statistics for domain if same domain with "www" prefix
Plesk Panel 10.1.1 MU#12 – Product functional fixes – is available since Mar 10, 2011 through the Autoinstaller.
The update delivers next bug fixes:
[-] phpMyAdmin works incorrectly on Plesk for Windows with MSSQL selected as a Panel DB provider
[-] At changing password via Horde’s GUI it doesn’t synchronized with plesk’s user
[-] System user(FTP user) name on Plesk for Windows account cannot contains dots
[-] Unable to change password via Horde’s GUI
Plesk Panel 10.1.1 MU#11 – Product functional fixes – is available since Mar 4, 2011 through the Autoinstaller.
The update delivers following bug fixes:
[-] Underscore not accepted in DNS TXT records
[-] Plesk breaks Windows Firewall rules on Windows 2008
Plesk Panel 10.1.1 MU#4 – Product functional fixes – is available since Feb 24, 2011 through the Autoinstaller.
The update delivers following bug fixes:
[-] Application Catalog displayed button Buy Now next to free applications .
[-] It was impossible to confirm EULA through CLI utility init_conf, option -license_agreed.
[-] Application Catalog displayed button Buy Now next to free non-APS applications.
[-] Backups of mobile websites were corrupted.
[-] The Panel failed to display page Settings > Manage Firewall if several firewall profiles were active.
[-] The Panel failed to display the Health Monitor page if the server had 16 CPUs or more.
[-] Firewall rules that target all ports were not recognized.
[-] Services Management page displayed an alarm when the Internet Connection Sharing service was stopped (and disabled).
Plesk Panel 9.5.4 MU#2 – Product functional fixes – is available since Feb 16, 2011 through the Autoinstaller.
The update delivers following bug fixes:
[-] Migration between Plesk servers failed as free disk space on a target server was not calculated correctly.
Plesk Panel 10.1.1 MU#9 – Product functional fixes – is available since Feb 15, 2011 through the Autoinstaller.
The Update delivers following bug fixes:
[*] Performance improvement: Apache more efficiently handles infinite loops.
[-] Atmail displayed the black page and the Javascript error:"Unable to get webmail password".
[-] Migration between Plesk servers failed as free disk space on a target server was not calculated correctly.
Plesk Panel 10.1.1 MU#8 – Localization changes – is available since Feb 11, 2011 through the Autoinstaller.
[*] Usability improvement: Improved locale messages in the Panel GUI.
Plesk Panel 10.1.1 MU#7 – Usability improvement – is available since Feb 8, 2011 through the Autoinstaller.
Parallels Plesk Panel 10.1.1 MU #7
[*] Usability improvement: Button Go to Online Store is removed from Tools & Utilities > ApplicationVault in Server Administration Panel.
[*] Now the Administrator can hide MyPlesk.com (MPC) controls and change URLs to MyPlesk.com services in the Panel regardless to product license limitations. The MPC controls are the following buttons in the Panel: Buy SSL Certificate, View SSL Certificates, View Services, Manage Domain Names, Register Domain Names.
Plesk Panel 10.1.1 MU#6 – Product Integration Fixes – is available since Feb 4, 2011 through the Autoinstaller.
The Update delivers following bug fixes:
[*] Hide featured apps. The Panel users can hide blocks that promote apps (Administrator can do it both in the Server Administration and Control Panels, customers can hide the promos only in Control Panel).
[-] Issue resolved: The promo block warped the layout of the Server Settings page in IE.
Plesk Panel 10.1.1 MU#4 – Product Integration Fixes – is available since now through the Autoinstaller.
The Update delivers following bug fixes:
1. PBAs integration issue with left menu
2. OpenXchange Module issue with left frame and horizontal scrolling
3. APS application issue with db copy
4. Wrong help is used for CBM 10.1.1
5. Checkbox "Use custom button for the service" is not saved during custom item creation
We issued security hotfix Parallels Plesk Panel 10.0.1 MU#2 – Plesk admin password changing.
The Micro-Update delivers bug fix for vulnerability that allows authorized Plesk user to change Plesk ‘admin’ password and then compromise Control Panel.
60 queries. 8.75 mb Memory usage. 0.583 seconds.