We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on Vesta 2.0 and expect to release it by the end of 2024. Read more about it: https://vestacp.com/docs/vesta-2-development
0.9.8-23 (security)
0.9.8-23 (security)
- Security fix for timing attack on password reset. Thanks to https://arcturussecurity.com
- Security fix for v-open-fs-config. Its visibility is limited to /etc and /var/lib directories
- Security check for/usr/bin/dhcprenew binary. If found checker notifies server administrator
- Security improvement for sudo. It is now limited to vesta scripts only and doesn't allow admin to execute any other command
- Security improvement: admin password and database passwords are generated individually
- Security improvement: new installer doesn't use c.vestacp.com as source for the configuration files. Configs are bundled inside vesta package
- Security improvement: installer doesn't send any information to vestacp.com after successful installation. It used to send distro name for usage statistics.
For update run this command
Code: Select all
v-update-sys-vesta-allhttps://www.welivesecurity.com/2018/10/ ... installed/
HOW TO: How to clear the server from ChachaDDoS