Hi,
Just got this as we finally have the mail back up. THanks for the
update and the heads up. We've been chasing what I thought was a
DOS here but now I see we've been more likely exploited. Is there
any information out as to getting rid of what ails our machines now?
We have huge (for this little shop) UDP traffic consisting of named
process requests that is just killing the message log with denied
requests.
thanks,
Dan
From: Jamie Cameron <jca...@we...>
To: web...@li...,
web...@li...
Organization:
Subject: [webmin-l] Webmin 1.250 released
Send reply to: web...@li...
<mailto:web...@li...?subject=unsubscribe>
<mailto:web...@li...?subject=subscribe>
Date sent: 01 Dec 2005 10:12:33 +1100
[ Double-click this line for list subscription options ]
Hi everyone,
Webmin version 1.250 is now available for download from
http://www.webmin.com/ and mirror sites. This release includes
the following changes :
- Fixed a denial of service attack and possible remotely exploitable
security hole caused by a bug in Perl.
- Multiple DNS records and Cron jobs can now be deleted at once
in their respective modules.
- Apache define variables are automatically detected on Redhat,
SuSE and Mandrake Linux.
- The Dovecot module now supports the config format used by
version 1.0.
- The File Manager module can search for files by their content,
and preview images.
- Added options to the Sendmail module for controlling the order
in which the mail queue is processes and flushed.
- A bunch of other bugfixes and small changes.
Because of the security hole in older versions of Webmin, I would
strongly
recommend upgrading to 1.250. Because this is a Perl internal
problem
it may not effect all operating systems and Perl releases, but you
can't
be too careful!
Also available is Usermin 1.180, which includes the following
changes :
- Fixed the same security hole as in Webmin.
- The File Manager module can search for files by their content,
and preview images.
- The Mail Forwarding module allows a From: address for
autoreplies
to be entered in 'simple' mode.
As always, please send me any bug reports or feature suggestions
that
you might have.
- Jamie
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through
log files
for problems? Stop! Download the new AJAX search engine that
makes
searching your log files as easy as surfing the web. DOWNLOAD
SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
-
Forwarded by the Webmin mailing list at webadmin-
li...@li...
To remove yourself from this list, go to
http://lists.sourceforge.net/lists/listinfo/webadmin-list
|
