VestaCP漏洞修补更新
Thanks@安之若素 大佬: http://www.hostloc.com/forum.php ... p;highlight=vestacp
@fkj大佬 http://www.hostloc.com/forum.php ... p;highlight=vestacp
skid wrote Sun Apr 08, 2018 10:26 pm
https://forum.vestacp.com/viewtopic.php?f=10&t=16556&start=260#p68893
The fix has been released just now!
As usually there are 3 ways to update your server:
1. Via web interface
- Login as admin
- Go to updates tab
- Click un update button under vesta package
2. Via package manager
- SSH as root to your server
- yum update / apt-get update && apt-get upgrade
3. Via GitHub
- SSH as root
- Install git / yum install git /apt-get install git
- Then run following commands
Code: Select all
cd $(mktemp -d)
git clone git://github.com/serghey-rodin/vesta.git
/bin/cp -rf vesta/* /usr/local/vesta/
Some information about this indecent. We still don't have working exploit for previous version. But we know for sure that the vector of attack was through a potentially unsecure password check method. Therefore we have completely rewrite password auth function. It's bullet proof now!
Please upgrade your servers as soon as possible. 感谢
007.gif
Thank you! 先升级一波再说 用过,但256M的机不能用,里面带的邮局超方便 有開自動的已經更新到 20 版本... 正在用这个,谢谢
安之若素 发表于 2018-4-9 13:23
国内用这个的人应该不太多,平时也不见mjj讨论这个。
不是不用,是TX云安装不了提示错误 这个国内用户应该不是很多吧http://www.kvm.la/901.html
gcc.sh这玩意还附带有联动,要关机后才好全部清除。
14年15年就发现很多这玩意了。
lol.gif
国内用这个的人应该不太多,平时也不见mjj讨论这个。 完全看不懂
页:
[1]
2