Article ID: 2403, created on Oct 29, 2007, last review on Apr 18, 2012

  • Applies to:
  • Pro Control Panel Linux

AdditionalInformation

View Knowledge
Knowledge ID 1165
Product : WEBppliance for Linux
Version : 3.5.21
Topic : FAQ

Title
Installation Instructions - WEBppliance Pro for Linux 3.5.21

Summary
Installation Instructions - WEBppliance Pro for Linux 3.5.21

Prevention


Details
Solution:

Ensim today announces the release of WEBppliance Pro for Linux 3.5.21, a maintenance patch that resolves key issues.

Compatibility:

You can upgrade to WEBppliance Pro for Linux version 3.5.21 from version 3.5.20 ONLY.

Patch Summary:

WEBppliance Pro for Linux 3.5.21-10 fixes the following security issues: 

  1. Updates fileutils and coreutils packages that close a potential denial of service vulnerability (28653). Advisory details available at: https://rhn.redhat.com/errata/RHSA-2003-309.html

  2. When upgrading from 3.1 to 3.5.x the logo on the classic skin looks compressed into a smaller space, but looks normal in the mercury skin (28648).   

  3. Spanish translations on the navbar (in the classic skin) are too long for the frame and do not wrap properly (28409).   

  4. Updates glibc packages that resolve vulnerabilities and address several bugs (28763). Advisory details available at https://rhn.redhat.com/errata/RHSA-2003-309.html  

  5. Updated PostgreSQL packages correct a buffer overflow in the to_ascii routines (28776). Advisory details available at https://rhn.redhat.com/errata/RHSA-2003-313.html  

  6. WEBppliance GUI can be remotely restarted by anybody. This is a DoS attack (29408).   

  7. When using mysqlmig.pyc -u option as indicated by WEBppliance Pro upgrade documentation, the user's entries are added 'double encrypted' and thus the passwords are wrong (29004).   

  8. Updated Apache packages that fix a minor security issue (29783). Advisory details available at https://rhn.redhat.com/errata/RHSA-2003-405.html

  9. Logrotate is disabled when a siteadmin changes his password (30013).   

  10. Security bug in phpbb power tool (29056). Advisory details available at http://www.phpbb.com/phpBB/viewtopic.php?t=153818  

  11. Security fix for osCommerce cross site scripting vulnerability (29787). Advisory details available at http://www.oscommerce.com  

  12. Site admin can gain root access through a kind of trojan with webppliance and webalizer service (29744).

Installation:

To install the patch, please follow the instructions below:

1.  Download the file LS-3.5.21-10.tar.gz from http://download.swsoft.com/ensim/download/webppliance/linux/Pro/3.5.21/

2.  Uncompress the file:   
    tar -xvzf LS-3.5.21-10.tar.gz

3.  Change the current directory to the directory where you have uncompressed the file:
    cd LS-3.5.21-10

4.  Run the following command
    # sh ./patch-install-3.5.21-10.sh

The install script verifies the current installation of WEBppliance to ensure that it complies with the patch requirements and then upgrades the required RPMs (requires root access). 
    
This install script will restart webppliance services automatically.

For more information about specific security fixes included in this patch, please see the following Related Knowledge:


Attachments


Related Knowledge

Related Links
 
Last ModifiedUsageSatisfiedLast Used
8/20/2004 12:45:14 PM95 10/11/2007 6:28:36 AM

4cc899da08664637a8bc437308d3ddd7 3ccb419cf98083f3bb45808fba8dbc7c 6311ae17c1ee52b36e68aaf4ad066387

Email subscription for changes to this article
Save as PDF