i-MSCP – neues Maintenance Release 1.3.9

      Keine Kommentare zu i-MSCP – neues Maintenance Release 1.3.9

Das Open-Source Multi-Server-Control-Panel, i-MSCP ist in de rVersion 1.3.9 freigegeben.

i-MSCP 1.3.9 Release Notes

BACKEND

  • Fixed: Prevent replacement of Apache2 variables in vhost files (iMSCP::TemplateParser)
  • Fixed: Wrong substitution for deleted mount points (iMSCP::Mount)

FRONTEND

  • Added: iMSCP_Authentication_AuthEvent class (Represent authentication event passed-in to listeners)
  • Added: `onSharedScriptStart‘ and `onSharedScriptEnd‘ events
  • Added: Static info in custom DNS management interface explaining rules for substitution with $ORIGIN (Custom DNS)
  • Added: Support for DNS NS resource record – only allowed for subzone delegation (Custom DNS)
  • Changed: Authentication service class now expects an authentication result object pulled from authentication event
  • Changed: FTP chooser script (ftp_choose_dir.php) is now a shared script (previously, it was a client script)
  • Fixed: A backend request must be triggered when a customer password is being updated by the administrator (Admin level)
  • Fixed: Authentication data (htuser(s)/htgroup(s)) must remain selected upon errors (Protected area form)
  • Fixed: Could not install a new software instance due to a bad check on installation path (Software installer)
  • Fixed: Default (credentials) authentication handler must not stop propagation of authentication event on failure
  • Fixed: Favicon not loaded in some browsers, specially MSIE
  • Fixed: Installation of a new software instance on forwarded domains must be prohibited (Software installer)
  • Fixed: Installation of a new software instance outside of the document root must be prohibited (Software installer)
  • Fixed: MCRYPT extension is being deprecated in PHP 7.1.x and will be removed in PHP 7.2.x (replaced by openssl)
  • Fixed: Missing check on FTP user owner while editing (Ftp user edit form – Security flaw)
  • Fixed: Missing check on Htuser(s)/Htgroup(s) owner while editing (Protected area form – Security flaw)
  • Fixed: Password hash is not updated on customer password change (Reseller level)
  • Fixed: Reseller cannot edit DocumentRoot of domain aliases (Reseller alias edit form)
  • Fixed: Several layout issues in admin/software_rights.tpl (Software installer)
  • Fixed: Several layout issues in client/software_view.tpl (Software installer)
  • Fixed: Wrong SQL query leading to an exception (Software installer)
  • Removed: decryptBlowfishCbcPassword() function (replaced by \iMSCP\Crypt library)

INSTALLER

  • Fixed: Default timezone badly detected – DateTime::TimeZone object isn’t stringifiable

LISTENERS

  • Added: 40_apache2_security_headers.pl listener file for Apache2 security headers – https://securityheaders.io
  • Fixed: 10_proftpd_tuning.pl listener file is broken

MODULES

  • Renamed: Modules::Htusers package to Modules::Htpasswd package

PLUGINS

  • Fixed: Don’t load unused data from plugin table (iMSCP_Plugin_Manager)
  • Updated: API version to 1.0.7 (due to changes made in Authentication service class)

SCRIPTS

  • Fixed: Hide DEBUG messages from the imscp-dpkg-post-invoke.pl script when running APT
  • Fixed: Missing `–debug‘ command line option in several scripts

SECURITY

  • Changed: Usage of AES-256 (Rijndael) algorithm to encrypt data in place of the Blowfish algorithm (see the errata)

SERVERS

  • Fixed: Several issues with ProxyErrorOverride directive. See https://i-mscp.net/index.php/Thread/15502

UPGRADE

  • Dropped: Upgrade support for i-MSCP versions older than 1.1.0 (See the errata)

YOUTRACK

  • #IP-1639 When editing a hosting plan, some PHP INI values are not always those that were set while creation
  • #IP-1640 When editing reseller properties, customers’s PHP INI values are updated with incorrect values
  • #IP-1665 Allow underscore in CNAME-record
  • #IP-1666 Could not dump domain.tld when two DNS entries have same name
  • #IP-1667 ITK httpd server implementation – Variables not replaced in vhost template
  • #IP-1671 Backup script – literal error in sql query without visible or negative effect
  • #IP-1672 DocumentRoot no longer editable for domains with shared mount point feature enabled
  • #IP-1676 Input mask during installation when confirmation of password is wrong

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.