Falha De Segurança No Cagefs (Cloudlinux)

[Alexandre Duran]

Caros noticia fresquinha: http://www.cloudlinux.com/blog/clnews/354.php

 

New versions of CageFS and LVEManager are available. This update fixes content disclosure vulnerability in PHP Selector module of CageFS. Please, update ASAP if you have PHP Selector enabled 

 

Changelog: 

CageFS 

- Configure pam_lve for CageFS (redone, bugfix) 

- Fixed content disclosure security issue. Special thanks to Patrick H. and Steven Ciaburri from Rack911.com for discovering the vulnerability  

 

 

LVE Manager 

- install-lvemanager-plugin.py: always overwrite destination files while updating lvemanager package (ignore timestamp) 

- piniset: added xcache_3 module to description of conflicts 

- added description of possible solution for the issue "Cannot find user ID" in Plesk 

- piniset: reload user's php processes upon change of php options (bugfix) 

- LVEMAN-63. set correct permissions to /usr/share/l.v.e-manager/utils/install-isp-plugin.sh 

 

Atualizem o seu cagefs - CloudLinux com o comando:

yum update cagefs lvemanager

 

[Marco Antonio]

Obrigado por avisar, ja estamos atualizando os nossos servidores