i-MSCP – neues Maintenance Release 1.3.9

Das Open-Source Multi-Server-Control-Panel, i-MSCP ist in de rVersion 1.3.9 freigegeben.

i-MSCP 1.3.9 Release Notes

BACKEND

  • Fixed: Prevent replacement of Apache2 variables in vhost files (iMSCP::TemplateParser)
  • Fixed: Wrong substitution for deleted mount points (iMSCP::Mount)

FRONTEND

  • Added: iMSCP_Authentication_AuthEvent class (Represent authentication event passed-in to listeners)
  • Added: `onSharedScriptStart’ and `onSharedScriptEnd’ events
  • Added: Static info in custom DNS management interface explaining rules for substitution with $ORIGIN (Custom DNS)
  • Added: Support for DNS NS resource record – only allowed for subzone delegation (Custom DNS)
  • Changed: Authentication service class now expects an authentication result object pulled from authentication event
  • Changed: FTP chooser script (ftp_choose_dir.php) is now a shared script (previously, it was a client script)
  • Fixed: A backend request must be triggered when a customer password is being updated by the administrator (Admin level)
  • Fixed: Authentication data (htuser(s)/htgroup(s)) must remain selected upon errors (Protected area form)
  • Fixed: Could not install a new software instance due to a bad check on installation path (Software installer)
  • Fixed: Default (credentials) authentication handler must not stop propagation of authentication event on failure
  • Fixed: Favicon not loaded in some browsers, specially MSIE
  • Fixed: Installation of a new software instance on forwarded domains must be prohibited (Software installer)
  • Fixed: Installation of a new software instance outside of the document root must be prohibited (Software installer)
  • Fixed: MCRYPT extension is being deprecated in PHP 7.1.x and will be removed in PHP 7.2.x (replaced by openssl)
  • Fixed: Missing check on FTP user owner while editing (Ftp user edit form – Security flaw)
  • Fixed: Missing check on Htuser(s)/Htgroup(s) owner while editing (Protected area form – Security flaw)
  • Fixed: Password hash is not updated on customer password change (Reseller level)
  • Fixed: Reseller cannot edit DocumentRoot of domain aliases (Reseller alias edit form)
  • Fixed: Several layout issues in admin/software_rights.tpl (Software installer)
  • Fixed: Several layout issues in client/software_view.tpl (Software installer)
  • Fixed: Wrong SQL query leading to an exception (Software installer)
  • Removed: decryptBlowfishCbcPassword() function (replaced by \iMSCP\Crypt library)

INSTALLER

  • Fixed: Default timezone badly detected – DateTime::TimeZone object isn’t stringifiable

LISTENERS

  • Added: 40_apache2_security_headers.pl listener file for Apache2 security headers – https://securityheaders.io
  • Fixed: 10_proftpd_tuning.pl listener file is broken

MODULES

  • Renamed: Modules::Htusers package to Modules::Htpasswd package

PLUGINS

  • Fixed: Don’t load unused data from plugin table (iMSCP_Plugin_Manager)
  • Updated: API version to 1.0.7 (due to changes made in Authentication service class)

SCRIPTS

  • Fixed: Hide DEBUG messages from the imscp-dpkg-post-invoke.pl script when running APT
  • Fixed: Missing `–debug’ command line option in several scripts

SECURITY

  • Changed: Usage of AES-256 (Rijndael) algorithm to encrypt data in place of the Blowfish algorithm (see the errata)

SERVERS

  • Fixed: Several issues with ProxyErrorOverride directive. See https://i-mscp.net/index.php/Thread/15502

UPGRADE

  • Dropped: Upgrade support for i-MSCP versions older than 1.1.0 (See the errata)

YOUTRACK

  • #IP-1639 When editing a hosting plan, some PHP INI values are not always those that were set while creation
  • #IP-1640 When editing reseller properties, customers’s PHP INI values are updated with incorrect values
  • #IP-1665 Allow underscore in CNAME-record
  • #IP-1666 Could not dump domain.tld when two DNS entries have same name
  • #IP-1667 ITK httpd server implementation – Variables not replaced in vhost template
  • #IP-1671 Backup script – literal error in sql query without visible or negative effect
  • #IP-1672 DocumentRoot no longer editable for domains with shared mount point feature enabled
  • #IP-1676 Input mask during installation when confirmation of password is wrong
Loading...

Schreibe einen Kommentar

Diese Website verwendet Akismet, um Spam zu reduzieren. Erfahre mehr darüber, wie deine Kommentardaten verarbeitet werden.

Adblock Detected!

Taste-of-IT ist nur machbar, wenn auch die Werbung angezeigt wird. Wir versuchen hierbei diese so dezent wie möglich einzubinden, sodass der Besuch nicht beeinträchtigt wird. Unterstütze uns und setze Taste-of-IT.de in die Whitelist deines Browser. Vielen Dank