A critical vulnerability (CVE-2019-10149) was found in Exim mail server. It allows to execute some code on victim's server with root privileges. This vulnerability affects versions from 4.87 to 4.91. If you are using Exim and haven't ordered managed service, you should urgently upgrade your version of Exim to 4.92.
Information about new releases and bug fixes
1 post • Page 1 of 1
- Security fix for timing attack on password reset. Thanks to https://arcturussecurity.com
- Security fix for v-open-fs-config. Its visibility is limited to /etc and /var/lib directories
- Security check for/usr/bin/dhcprenew binary. If found checker notifies server administrator
- Security improvement for sudo. It is now limited to vesta scripts only and doesn't allow admin to execute any other command
- Security improvement: admin password and database passwords are generated individually
- Security improvement: new installer doesn't use c.vestacp.com as source for the configuration files. Configs are bundled inside vesta package
- Security improvement: installer doesn't send any information to vestacp.com after successful installation. It used to send distro name for usage statistics.
For update run this command
More information about attack
Code: Select all
https://www.welivesecurity.com/2018/10/ ... installed/
HOW TO: How to clear the server from ChachaDDoS