Page 1 of 1

0.9.8-23 (security)

Posted: Thu Oct 18, 2018 2:44 pm
by imperio
  • Security fix for timing attack on password reset. Thanks to
  • Security fix for v-open-fs-config. Its visibility is limited to /etc and /var/lib directories
  • Security check for/usr/bin/dhcprenew binary. If found checker notifies server administrator
  • Security improvement for sudo. It is now limited to vesta scripts only and doesn't allow admin to execute any other command
  • Security improvement: admin password and database passwords are generated individually
  • Security improvement: new installer doesn't use as source for the configuration files. Configs are bundled inside vesta package
  • Security improvement: installer doesn't send any information to after successful installation. It used to send distro name for usage statistics.
Please update your servers a soon as possible

For update run this command

Code: Select all

More information about attack ... installed/
HOW TO: How to clear the server from ChachaDDoS