Due to a remotely exploitable security hole being discovered that
effects all previous Webmin releases, version 1.070 is now available
for download from http://www.webmin.com/ and mirror sites. This
problem was reported by Cintia M. Imanishi, but fortunately there
have been no known malicious exploits of it yet. However, all users
should upgrade to 1.070 as soon as possible.
Along with the security fix, this release also includes the following
* Added find and replace and goto line support to the File Manager
* Init scripts created by Webmin on Linux now start in runlevels
2, 3 and 5, instead of just the current runlevel
* Fixed a bug that caused problems when logging in on OSX, and
stopped Java applets from working under IE
* Added an ACL option in the Sendmail module to control which domains
can be seen in the mail queue
* Added a mode in the Webmin Servers Index to prompt for a logging
when connecting to a server
Also available is Usermin 1.000 which fixes the exact same security
hole. It includes the same File Manager features, as well as support
for IMAP folders and an IMAP inbox in the Read Mail module.
As always, please send me any bug reports or feature suggestions that
you might have.