Blogroll: CloudLinux

I read blogs, as well as write one. The 'blogroll' on this site reproduces some posts from some of the people I enjoy reading. There are currently 73 posts from the blog 'CloudLinux.'

Disclaimer: Reproducing an article here need not necessarily imply agreement or endorsement!

Subscribe to CloudLinux feed
All blog entries from https://www.cloudlinux.com/
Updated: 3 hours 6 min ago

PHP for EasyApache 4 updated

Tue, 28/03/2017 - 16:13

The new updated PHP for EasyApache 4 are available from our production repository.

Changelog:

NOTE: ea-php51 and ea-php52 have no PHP-FPM support. Please use mod_lsapi instead (http://docs.cloudlinux.com/index.html?mod_lsapi_installation.html).

ea-php53-php-5.3.29-10.cloudlinux.1

ea-php54-php-5.4.45-28.cloudlinux.2

ea-php55-php-5.5.38-11.cloudlinux.2

ea-php56-php-5.6.30-4.cloudlinux.2

ea-php70-php-7.0.17-1.cloudlinux.1

ea-php71-php-7.1.3-1.cloudlinux.2

To update run:

yum clean all yum update ea-php*

To install run:

yum install ea-php*
Categories: Technology

Beta: New CloudLinux 7 kernel released

Tue, 28/03/2017 - 14:05

The new updated CloudLinux 7 kernel (version 3.10.0-427.36.1.lve1.4.42) is available for download from our updates-testing repository.

Changelog since 3.10.0-427.36.1.lve1.4.40:

  • fixed a deadlock with HPC backup solution;
  • CLKRN-92: megaraid driver panic fixes;
  • CLKRN-94: improved a symlink attack protection by checking nested symlinks;
  • CLKRN-95: reduced high-order allocation impact in filesystem mount code;
  • CLKRN-97: fixed race condition in common hashtable implementation;
  • Implemented global_root_enable flag which increases symlink owner protection (disabled by default). Find details in our documentation

To install new kernel please run the following commands:

yum clean all --enablerepo=cloudlinux-updates-testing yum install kernel-3.10.0-427.36.1.lve1.4.42.el7 kmod-lve-1.4-42.el7 --enablerepo=cloudlinux-updates-testing
Categories: Technology

Beta: ea-apache24 2.4.25-4.cloudlinux.1 released

Tue, 28/03/2017 - 08:28

The new updated apache24 version 2.4.25-4.cloudlinux.1 for EasyApache 4 is available for download from EA4 beta repository.

Changelog:

ea-apache24 version 2.4.25-4.cloudlinux.1

  • Fixed 60189 bug.
  • Fixed MPM event crash on restart (MODLS-395).

For installation:

Read:

http://docs.cloudlinux.com/index.html?cpanel_easyapache_4.html

Run: 

$ yum clean all --enablerepo=cl-ea4-testing $ yum update ea-apache24 --enablerepo=cl-ea4-testing $ service httpd restart

For update:

$ yum clean all --enablerepo=cl-ea4-testing $ yum update ea-apache24 --enablerepo=cl-ea4-testing $ service httpd restart
Categories: Technology

Beta: mod_hostinglimits updated

Tue, 28/03/2017 - 08:24

The new updated httpd24-mod_hostinglimits (CloudLinux 6) and httpd24-apr packages are available for download from our updates-testing repository.

Changelog:

httpd24-mod_hostinglimits 1.0-28

httpd24-apr 1.5.2-3

  • Added extra check of lve_enter result and store it for further analysis. Avoiding lve_leave error in dmesg.

For installation/update:

yum install httpd24-mod_hostinglimits httpd24-apr --enablerepo=cloudlinux-updates-testing
Categories: Technology

Imunify360 2.0 released

Tue, 28/03/2017 - 08:14

We are pleased to announce that the new updated Imunify360 2.0-7 is now available. The latest version embodies further improvements of the product as well as new features. Imunify360 also has become more reliable and stable due to the bug fixes described below.

Should you encounter any problems with product or have any questions, comments or suggestions, please contact our support team at helpdesk.cloudlinux.com: Imunify360 department. We’d be more than happy to help you.

Key improvements

  • [DEF-1144, DEF-1103] - implemented on demand scan;
  • [DEF-1072] - added preview for quarantine and suspicious files;
  • [DEF-1069] - implemented suspicious files table.

Improvements

  • [DEF-985, DEF-1287] - fixed malware scanner ignore list settings;
  • [DEF-930, DEF-954, DEF-1039] - reduced CPU usage, optimized messages processing;
  • [DEF-998] - using ModSecurity COMODO rules instead of OWASP CRS;
  • [DEF-1058] - capturing incidents only with specified severity level;
  • [DEF-1153] - implemented commands for suspicious files;
  • [DEF-1157] - pure-ftpd scans depend on MOVE_TO_QUARANTINE option;
  • [DEF-1169] - tweaked ModSecurity SecRuleEngine responsibly;
  • [DEF-1187] - implemented new communication options for CLN server and imunify360 server;
  • [DEF-1207] - does not install ModSecurity ruleset if LiteSpeed is installed;
  • [DEF-1222, DEF-1223] - added license expiration notification;
  • [DEF-1267] - installing ea-php only for ea4;
  • [DEF-1269] - blocking IP by ModSecurity critical events by default;
  • [DEF-1307] - renamed Alt-PHP to HardenedPHP;
  • [DEF-1229] - improved browser support;
  • [DEF-1076] - enabled setting comment when adding IP to white/black list;
  • [DEF-1069] - implemented suspicious files table;
  • [DEF-1232] - set max value validation for auto whitelist timeout;
  • [DEF-1080] - added group action button for group removing of IPs.

Fixes

  • [DEF-1123] - fixed saving incorrect config;
  • [DEF-1128] - fixed empty ModSecurity Hits List;
  • [DEF-1133] - fixed bug when Imunify360 displayed "expiration" incorrectly;
  • [DEF-1136] - fixed broken menu bar layout;
  • [DEF-1138] - maldet --mkpubpaths executed by cron job;
  • [DEF-1152] - fixed Cloudlinux 7 captcha server crashes on start;
  • [DEF-1164, DEF-1212] - fixed SSL certs errors for DNS Only installations;
  • [DEF-1172] - fixed captcha spelling error;
  • [DEF-1195] - fixed error with pure-ftp scan;
  • [DEF-1204] - fixed blocking by country if a user is auto whitelisted;
  • [DEF-1230] - fixed max allowed expiration for auto whitelist IP;
  • [DEF-1280] - mod_security does not block uploads if maldet misconfigured;
  • [DEF-1085] - fixed "event is not defined" error;
  • [DEF-1310] - removed unused fields from settings requests;
  • [DEF-1086] - grammar fixes;
  • [DEF-1215] - fixed Add button confusing behavior in Whitelist section;
  • [DEF-1189] - country search button disabled if incorrect country is entered;
  • [DEF-1190] - fixed an error when country name instead of country code can be sent to the server as key for searching IP;
  • [DEF-1168] - "Actions" column in IP/Countries list does not contain number of selected items;
  • [DEF-1126] - forbidden GET-requests to handlers/sendRequest.cgi.

To instal new Imunify360 version 2.0 please follow the instructions in documentation.

To upgrade Imunify360 run the command:

yum update imunify360-firewall
Categories: Technology

Beta: mod_hostinglimits and ea-apr 1.5.2-6.cloudlinux.1 for EasyApache 4 updated

Fri, 24/03/2017 - 15:13

The new updated mod_hostinglimits (CL5, CL6, CL7), ea-apache24-mod_hostinglimits (CL6 and CL7) and ea-apr-1.5.2-6.cloudlinux.1 are available for download from our updates-testing repository.

Changelog:

mod_hostinglimits 1.0-28

ea-apache24-mod_hostinglimits 1.0-28

ea-apr 1.5.2-6.cloudlinux.1

  • Added extra check of lve_enter result and store it for further analysis. Should avoid lve_leave error in dmesg.

EasyApache 4:

For installation:

1. Read: http://docs.cloudlinux.com/index.html?cpanel_easyapache_4.html

2. Run:

$ yum clean all --enablerepo=cl-ea4-testing $ yum update ea-apache24-mod_hostinglimits ea-apr --enablerepo=cl-ea4-testing $ service httpd restart

To update run:

$ yum clean all --enablerepo=cl-ea4-testing $ yum update ea-apache24-mod_hostinglimits ea-apr --enablerepo=cl-ea4-testing $ service httpd restart

RPM based:

For install/update:

$ yum install mod_hostinglimits --enablerepo=cloudlinux-updates-testing

DirecAdmin:

$ cd /usr/local/directadmin/custombuild $ ./build set cloudlinux_beta yes $ ./build update $ ./build apache $ service httpd restart

Note. For other systems (cPanel+Ea3, Plesk, non-panel) the packages will be provided next week.

Categories: Technology

New LVE Manager production release targeted for April 3rd

Fri, 24/03/2017 - 14:01

LVEMAN UI

Due to a positive feedback from the second beta of LVE Manager on 100+ installs, we are planning to deploy the new version of LVE Manager to production on April 3rd.

If you are running several CloudLinux servers, please try to test beta on one of them before the release to make sure it doesn't affect all your servers.

You can find more about this beta and about new LVE manager in our previous blog-post, as well as at CloudLinux Academy webinar.

To install the upgrade package run: 

$ yum update cagefs lvemanager lve-utils lve-stats --enablerepo=cloudlinux-updates-testing
Categories: Technology

Beta: PHP for EasyApache 4 updated

Thu, 23/03/2017 - 10:28

The new updated PHP for EasyApache 4 are available from the EA4 testing repository.

Changelog:

NOTE: ea-php51 and ea-php52 have no PHP-FPM support. Please use mod_lsapi instead (http://docs.cloudlinux.com/index.html?mod_lsapi_installation.html).

ea-php51-php-5.1.6-5.cloudlinux (initial release)

  • CVE-2016-10158 php: Wrong calculation in exif_convert_any_to_int function;
  • CVE-2016-10167 gd: DoS vulnerability in gdImageCreateFromGd2Ctx();
  • CVE-2016-10168 gd: Integer overflow in gd_io.c;
  • CVE-2016-4070 php: Integer overflow in php_raw_url_encode;
  • CVE-2016-7125 php: Session Data Injection Vulnerability;
  • CVE-2016-7126 php: select_colors write out-of-bounds;
  • CVE-2016-7127 php: imagegammacorrect allows arbitrary write access;
  • CVE-2016-7129 php: wddx_deserialize allows illegal memory access;
  • CVE-2016-7130 php: wddx_deserialize null dereference;
  • CVE-2016-7131 php: wddx_deserialize null dereference with invalid xml;
  • CVE-2016-7132 php: wddx_deserialize null dereference in php_wddx_pop_element;
  • CVE-2016-9933 php, gd: Stack overflow in gdImageFillToBorder on truecolor images;
  • CVE-2016-9935 php: Invalid read when wddx decodes empty boolean element;
  • CVE-2006-5465 PHP buffer overflow;
  • CVE-2006-7243 php: paths with NULL character were considered valid;
  • CVE-2007-0455 gd buffer overrun;
  • CVE-2007-1864 php libxmlrpc library overflow;
  • CVE-2007-2756 gd / php-gd ImageCreateFromPng infinite loop caused by truncated PNG;
  • CVE-2007-2872 php chunk_split integer overflow;
  • CVE-2007-3799 php cross-site cookie insertion;
  • CVE-2007-3996 php multiple integer overflows in gd;
  • CVE-2007-3998 php floating point exception inside wordwrap;
  • CVE-2007-4658 php money_format format string issue;
  • CVE-2007-4670 php malformed cookie handling;
  • CVE-2007-4782 php crash in glob() and fnmatch() functions;
  • CVE-2007-5898 php htmlentities/htmlspecialchars multibyte sequences;
  • CVE-2007-5899 php session ID leakage;
  • CVE-2008-2051 PHP multibyte shell escape flaw;
  • CVE-2008-3658 php: buffer overflow in the imageloadfont function in gd extension;
  • CVE-2008-3659 php: buffer overflow in memnstr;
  • CVE-2008-3660 php: FastCGI module DoS via multiple dots preceding the extension;
  • CVE-2008-5498 php: libgd imagerotate() array index error memory disclosure;
  • CVE-2008-5557 php: Heap-based buffer overflow in the mbstring extension via crafted string containing a HTML entity (arb code execution);
  • CVE-2008-5624 php: missing initialization of BG(page_uid) and BG(page_gid);
  • CVE-2008-5625 php: incorrect php_value order for Apache configuration;
  • CVE-2008-5814 php: XSS via PHP error messages;
  • CVE-2008-7068 php: dba_replace() file corruption vulnerability;
  • CVE-2009-2687 php: exif_read_data crash on corrupted JPEG files;
  • CVE-2009-3291 php: openssl extension: Incorrect verification of SSL certificate with NUL in name;
  • CVE-2009-3292 php: exif extension: Multiple missing sanity checks in EXIF file processing;
  • CVE-2009-3546 gd: insufficient input validation in _gdGetColors();
  • CVE-2009-4017 PHP: resource exhaustion attack via upload requests with lots of files;
  • CVE-2009-4142 php: htmlspecialchars() insufficient checking of input for multi-byte encodings;
  • CVE-2010-0397 php: NULL pointer dereference in XML-RPC extension;
  • CVE-2010-1128 php: LCG entropy weakness;
  • CVE-2010-1129 CVE-2010-1130 php: safe_mode / open_basedir security fixes in 5.2.13/5.3.2;
  • CVE-2010-1861 php: shm_put_var interruption vulnerability (MOPS-2010-009);
  • CVE-2010-1868 php: sqlite: use of uninitialized memory triggered by empty SQL query (MOPS-2010-012, MOPS-2010-013);
  • CVE-2010-1917 php: fnmatch long pattern stack memory exhaustion (MOPS-2010-021);
  • CVE-2010-2191 php: multiple interruption vulnerabilities (MOPS-2010-0[49,50,51,52,53,54,55]);
  • CVE-2010-2531 php: information leak vulnerability in var_export();
  • CVE-2010-3065 php: session serializer session data injection vulnerability (MOPS-2010-060);
  • CVE-2010-3870 php: XSS mitigation bypass via utf8_decode();
  • CVE-2011-0708 php: buffer over-read in Exif extension;
  • CVE-2011-1092 php: integer overflow in shmop_read();
  • CVE-2011-1148 php: use-after-free vulnerability in substr_replace();
  • CVE-2011-1466 php: Crash by converting serial day numbers (SDN) into Julian calendar;
  • CVE-2011-1469 php: DoS when using HTTP proxy with the FTP wrapper;
  • CVE-2011-1938 php: stack-based buffer overflow in socket_connect();
  • CVE-2011-2202 php: file path injection vulnerability in RFC1867 file upload filename;
  • CVE-2011-4566 php: integer overflow in exif_process_IFD_TAG() may lead to DoS or arbitrary memory disclosure;
  • CVE-2011-4885 php: hash table collisions CPU usage DoS (oCERT-2011-003);
  • CVE-2012-0830 php: remote code exec flaw introduced in the CVE-2011-4885 hashdos fix;
  • CVE-2012-1172 php: $_FILES array indexes corruption;
  • CVE-2012-1823 php: command line arguments injection when run in CGI mode (VU#520827);
  • CVE-2012-2336 php: incomplete CVE-2012-1823 fix - missing filtering of -T and -h;
  • CVE-2012-2688 php: Integer Signedness issues in _php_stream_scandir;
  • CVE-2012-3365 php: open_basedir bypass via SQLite functionality;
  • CVE-2013-1635 php, php53: Arbitrary locations file write due absent validation of; soap.wsdl_cache_dir configuration directive value;
  • CVE-2013-6420 php: memory corruption in openssl_x509_parse();
  • CVE-2014-2497 gd: NULL pointer dereference in gdImageCreateFromXpm();
  • CVE-2014-3597 php: multiple buffer over-reads in php_parserr;
  • CVE-2014-3669 php: integer overflow in unserialize();
  • CVE-2014-3670 php: heap corruption issue in exif_thumbnail();
  • CVE-2014-8626 php: xmlrpc ISO8601 date format parsing buffer overflow;
  • CVE-2014-9425 php: Double-free in zend_ts_hash_graceful_destroy();
  • CVE-2014-9709 gd: buffer read overflow in gd_gif_in.c;
  • CVE-2015-0235 glibc: __nss_hostname_digits_dots() heap-based buffer overflow;
  • CVE-2015-2348 php: move_uploaded_file() NUL byte injection in file name;
  • CVE-2015-2787 php: use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re;
  • CVE-2015-3330 php: pipelined request executed in deinitialized interpreter under httpd 2.4;
  • CVE-2015-3411 php: missing null byte checks for paths in various PHP extensions;
  • CVE-2015-3412 php: missing null byte checks for paths in various PHP extensions;
  • CVE-2015-4022 php: integer overflow leading to heap overflow when reading FTP file listing;
  • CVE-2015-4024 php: multipart/form-data request parsing CPU usage DoS;
  • CVE-2015-4025 php: CVE-2006-7243 regressions in 5.4+;
  • CVE-2015-4026 php: pcntl_exec() accepts paths with NUL character;
  • CVE-2015-4147 php: SoapClient's __call() type confusion through unserialize();
  • CVE-2015-4148 php: SoapClient's do_soap_call() type confusion after unserialize();
  • CVE-2015-4598 php: missing null byte checks for paths in DOM and GD extensions;
  • CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 php: type confusion issue in unserialize() with various SOAP methods;
  • CVE-2015-4602 php: Incomplete Class unserialization type confusion;
  • CVE-2015-4603 php: exception::getTraceAsString type confusion issue after unserialize;
  • CVE-2015-4603 php: exception::getTraceAsString type confusion issue after unserialize;
  • CVE-2015-6835 php: use-after-free vulnerability in session deserializer;
  • CVE-2015-6836 php: SOAP serialize_function_call() type confusion;
  • CVE-2015-6837 CVE-2015-6838 php: NULL pointer dereference in XSLTProcessor class;
  • CVE-2015-8835 php: type confusion issue in Soap Client call() method;
  • CVE-2016-10161 php: Out-of-bounds heap read on unserialize in finish_nested_data();
  • CVE-2016-3074 php: Signedness vulnerability causing heap overflow in libgd;
  • CVE-2016-5094 php: Integer overflow in php_html_entities();
  • CVE-2016-5399 php: Improper error handling in bzread();
  • CVE-2016-5766 gd: Integer Overflow in _gd2GetHeader() resulting in heap overflow;
  • CVE-2016-5772 php: Double Free Corruption in wddx_deserialize;
  • CVE-2016-6288 php: Buffer over-read in php_url_parse_ex;
  • CVE-2016-6289 php: Integer overflow leads to buffer overflow in virtual_file_ex;
  • CVE-2016-6290 php: Use after free in unserialize() with Unexpected Session Deserialization;
  • CVE-2016-6296 php: Heap buffer overflow vulnerability in simplestring_addn in simplestring.c;
  • CVE-2016-7128 php: Memory Leakage In exif_process_IFD_in_TIFF;
  • CVE-2016-7418 php: Null pointer dereference in php_wddx_push_element;
  • bug 37368: Incorrect timestamp returned for strtotime();
  • bug 37514: strtotime doesn't assume year correctly;
  • bug 37850: Reference counting bug in SoapClient::__setSoapHeaders();
  • bug 38534: segmentation fault;
  • bug 40109: iptcembed fails on non-jfif jpegs;
  • bug 40467: Partial SOAP request sent when XSD sequence or choice include minOccurs=0;
  • bug 41004: minOccurs="0" and null class member variable;
  • bug 45706: Serializing of ArrayIterator extended Objects;
  • bug 47245: crash following mb_detect_encoding;
  • bug 65481: Shutdown segfault due to serialize;
  • bug 70661: Use After Free Vulnerability in WDDX Packet Deserialization;
  • bug 70728: Type Confusion Vulnerability in PHP_to_XMLRPC_worker();
  • bug 70741: Session WDDX Packet Deserialization Type Confusion Vulnerability;
  • bug 71039: exec functions ignore length but look for NULL termination;
  • bug 71459: Integer overflow in iptcembed();
  • bug 71587: Use-After-Free / Double-Free in WDDX Deserialize;
  • bug 72482: Illegal write/read access caused by gdImageAALine overflow;
  • bug 72771: ftps:// wrapper is vulnerable to protocol downgrade attack;
  • bug 72807: integer overflow in curl_escape caused heap corruption;
  • bug 72836: integer overflow in base64_decode caused heap corruption;
  • bug 72837: integer overflow in bzdecompress caused heap corruption;
  • bug 72849: integer overflow in urlencode caused heap corruption;
  • bug 72850: integer overflow in php_uuencode caused heap corruption;
  • bug 73017: memory corruption in wordwrap function;
  • bug 73073: CachingIterator null dereference when convert to string;
  • bug 73082: string length overflow in mb_encode_* function;
  • bug 73150: missing NULL check in dom_document_save_html;
  • bug 73208: integer overflow in imap_8bit caused heap corruption;
  • bug 73418: Integer Overflow in "_php_imap_mail" leads Heap Overflow;
  • bug 73452: Segfault (Regression for #69152);
  • EA-5807: enabled php-tidy on rhel 6 and above;
  • EA-5946: force requirement of ea-libtidy instead of .so from BuildRequires ea-libtidy-devel;
  • Disabled automatic Requires generation for curl subpackage;
  • ALTPHP-306: LSPHP: Return response code and response status line in cgi/fcgi manner;
  • use ea-libcurl 7.53.1 instead of system curl package, see https://features.cpanel.net/topic/update-curl-for-easyapache-4-and-cloudlinux-6-8 for details.

ea-php52-php-5.2.17-9.cloudlinux

  • Improve check for :memory: pseudo-filename in SQlite (CVE-2012-3365);
  • bug 70081: SoapClient info leak / null pointer dereference via multiple type confusions (CVE-2015-8835);
  • Added check that soap.wsdl_cache_dir conforms to open_basedir (CVE-2013-1635);
  • bug 70350: ZipArchive::extractTo allows for directory traversal when creating directories (CVE-2014-9767);
  • Disabled external entities loading (CVE-2013-1643, CVE-2013-1824);
  • bug 72627: Memory Leakage In exif_process_IFD_in_TIFF (CVE-2016-7128);
  • EA-5807: enable php-tidy on rhel 6 and above;
  • EA-5946: force requirement of ea-libtidy instead of .so from BuildRequires ea-libtidy-devel;
  • Disabled automatic Requires generation for curl subpackage;
  • ALTPHP-306: LSPHP: Return response code and response status line in cgi/fcgi manner;
  • use ea-libcurl 7.53.1 instead of system curl package, see https://features.cpanel.net/topic/update-curl-for-easyapache-4-and-cloudlinux-6-8 for details.

ea-php53-php-5.3.29-10.cloudlinux.1

ea-php54-php-5.4.45-28.cloudlinux.2

ea-php55-php-5.5.38-11.cloudlinux.2

ea-php56-php-5.6.30-4.cloudlinux.2

ea-php70-php-7.0.17-1.cloudlinux.1

ea-php71-php-7.1.3-1.cloudlinux.2

To update run:

yum clean all --enablerepo=cl-ea4-testing yum update ea-php* --enablerepo=cl-ea4-testing

To install:

Run:

yum-config-manager --enable cl-ea4-testing

Install one of the profiles (allphp_cl, allphp_cl_lsapi, allphp-opcache_cl, allphp-opcache_cl) via the web interface or via the command line tool.

Run:

yum-config-manager --disable cl-ea4-testing
Categories: Technology

We need your feedback - LVE Manager Beta 2 Released

Wed, 22/03/2017 - 20:03

image00

Be amongst the first to try our second beta of new admin UI for LVE Manager.

The new user interface was released to beta two months ago, and it has been now improved! Our team fixed a number of bugs as well as improved overall performance and responsiveness of the interface.


To find more about new LVE Manager watch our CloudLinux Academy webinar (https://www.cloudlinux.com/cloudlinux-academy ).The new interface unifies control over all parts of CloudLinux OS functionality into one place and makes it easy and convenient for sys admins to manage CloudLinux settings.

We are hoping to release this beta to production soon - and we need your feedback for that. We encourage you to try our new improved LVE Manager. If you want to try this new beta, please install the upgrade package from our upgrades-testing repository:

$ yum update cagefs lvemanager lve-utils lve-stats --enablerepo=cloudlinux-updates-testing

Change log

alt-python27-cllib

- LVES-677 - Make StatsNotifier workable on Plesk

- LVEMAN-1075: Remove files for old lve-stats1; add conflict with lve-stats1

- LVES-678 Make StatsNotifier workable on DirectAdmin

- PTCLLIB-86 - Fix TypeError when trying to get user domains on DA

- LU-364 Few Mysql governor api calls now returns 0 on success

- PTCLLIB-83 Plugin detection results now cached only for third-party plugins Replace dangerous exec() with import_module() for plugin loading

- PTCLLIB-85: Fix ValueError when retrieving user io limit and it is less than 1mb/s

 

lve-utils

- LU-380: Fix traceback when try to set speed limit that bigger than machine's maximum limit witout "%" sign.

- LU-374: Fix behavior of "cloudlinux-limits" when reset limits to package default. Part II

- LU-336: --save-all-parameters option of lvectl should correctly process speed limits

- LU-374: Fix behavior of "cloudlinux-limits" when reset limits to package default

- LU-376: Fix traceback in 'cloudlinux-selector --json set --selector-status=disabled/enabled' on Plesk

- LU-373: Fix behaviour for keys `--get-user-reseller`, `--userid`, etc in getcontrolpaneluserspackages

- LU-366: Fix /usr/sbin/processpaneluserspackages traceback

- LU-363: Add ability to cl-packages to pass package name as string of codes

- LU-364 Accumulate ret codes during cllimits set Fixed trace when Mysql governor isn't installed

- LU-360: Create key `--get-user-reseller` for getcontrolpaneluserspackages script for DA and Plesk

- LU-343: "cloudlinux-limits set" command should return new limits as json

- LU-367: Fix cloudlinux-limits traceback is user's package contains quotas

- LU-198 Fix: save_xml() was not atomic. Used tmp file + os.rename to make it atomic (implement locking while processing ve.cfg file)

- LU-340: Allow to save speed limits without % (part 2)

- LU-128: rewrite /usr/sbin/processpaneluserspackages from perl to python

- LU-351: Fix error during saving new limits for package with non-ascii characters

- LU-359: Fix cloudlinux-config hangs during MySQL Governer configuration

- LU-356: Hide "Select PHP version" icon in the user interface of cPanel when selector is disabled

- LU-348: LVE Manager -> Packages fails on DA and Plesk

- LU-336: --save-all-parameters option of lvectl should correctly process speed limits

- LU-279: lveps does not work due to cpu frequency in the /proc/cpuinfo = 0

- LVEMAN-1072: Fix behavior of Reset button for inodes limits in Options

 

lve-stats

- LVES-700: Fix "invalid literal for float()" when trying to get LiteSpeed request time in snapshot

- LVES-710: Fix IOError when sending message to sentry under user

- LVES-701: Add clearing old snapshots

- LVES-652: Every time show mysql fields in cloudlinux-statistics if mySqlGov enabled (part 2)

- LVES-676: Return io values in same units of measurement in cloudlinux-top and cloudlinux-statistics

 

UI

- WEB-488: Fix position for Unrestrict button, message and page reloading in Current usage tab.

- WEB-489: Show tooltip in "Current Usage" tab if radio-button "Domain" selected.

- WEB-484: Do not show MySQL statistics on statistics tab if MySQL is not selected for showing.

- WEB-485: SPA plugin becomes broken after update to cPanel EDGE

- WEB-440: Implement placeholder on Options tab for DA and Plesk when no governor in the system.

- Revert "WEB-362: Install Imunify LVE Manager settings button"

-LVEMAN-1051 implement PHP Selector without CageFS (for single account on a server)

-WEB-468 Gerrit trigger

-WEB-464 Insert static data into rpm packages, created by build system

-WEB-465 Show the biggest format of all IO in lvemanager

-WEB-466 Handle logout error in cpanel

-LVEMAN-1067: Missed file "/etc/cron.d/lvemanager-selector" after clean installation lvemanager

-CAG-537 add --apply-global-php-ini option

-WEB-438 Fix view of SPA plugin on cPanel EDGE to allow user's read alerts

-WEB-406 Fix does not display tooltips built-in svg-graphics

-WEB-374 Do not allow admin to edit Mysql limits if governor mode if all \ off

-WEB-304 Add starting loader to cpanel as it is done in direct admin

-WEB-384 Fix for [-] button for user in Users tab in Edit mode

-WEB-370 Fix loader bug in MS Edge

-WEB-443 - In settings on cPanel save button disappeared

-WEB-391 Add possibility to manage unit of CPU value via SPA plugin

-WEB-448 IO in history doesn`t show"

-WEB-441 Fix Loader when pressing Save button in Users tab.

-LVEMAN-1002: Add clquota -YC to cron

-WEB-362 Install Imunify LVE Manager settings button

-LVEMAN-1054: Fix for inodes usage  in cPanel stats bar and in Current Usage in user interface

- WEB-415: Investigate and add protection of CSRF Attack vulnerability for spa lvemanager

- WEB-380:Add convertion for I/O and MySQL I/O in Current Usage

- WEB-399 Temporary disable LVE Faults Email Notifications on DirectAdmin and Plesk

- WEB-389 Must save only changed users limits (speed/inodes/ep/etc)

- WEB-419:Limits in History doesn`t show"

- WEB-373 Fix for governor options in Options tab

- WEB-395 Handle of end of panel session

- WEB-402 Fix bread crumbs in SPA.

- WEB-352: Implement sentry to lvemanager spa

- WEB-386 User editing bugs

- WEB-393 Investigate the reported vulnerability in PHP selector webUI

- WEB-390 radiobutton 'Domain' behavior on Current Usage tab

- WEB-382 Do not show VMEM column if it is empty

- WEB-387 Add loader on options page

- WEB-404 Improve validation in lve-manager/users

- WEB-336 Add two checkboxes in Package

- WEB-376 Use promises

- WEB-377 Fix small problems before Webinar

Categories: Technology

Beta: criu-lve updated

Wed, 22/03/2017 - 16:17

The new updated criu-lve version 2.7-11 for CloudLinux 7 is available for download from our updates-testing repository.

Changelog:

criu-lve 2.7-11

  • Fix for CRIU locking by iptables.

This requires mod_lsapi update to the latest version: https://www.cloudlinux.com/cloudlinux-os-blog/entry/beta-mod-lsapi-and-criu-lve-updated-1

To install run the command:

yum clean all --enablerepo=cloudlinux-updates-testing yum install criu-lve --enablerepo=cloudlinux-updates-testing

To update run the command:

yum clean all --enablerepo=cloudlinux-updates-testing yum update criu-lve --enablerepo=cloudlinux-updates-testing

Categories: Technology

Alt-PHP updated

Wed, 22/03/2017 - 12:34

The new updated Alt-PHP packages are available from our production repository.

Changelog:

alt-php70-7.0.17-1

  • (core) 73989: PHP 7.1 Segfaults within Symfony test suite;
  • (core) 74084: Out of bound read - zend_mm_alloc_small;
  • (core) 73807: Performance problem with processing large post request;
  • (core) 73998: array_key_exists fails on arrays created by get_object_vars;
  • (core) 73954: NAN check fails on Alpine Linux with musl;
  • (core) 74039: is_infinite(-INF) returns false;
  • (core) 73677: Generating phar.phar core dump with gcc ASAN enabled build;
  • (apache) 61471: Incomplete POST does not timeout but is passed to PHP;
  • (date) 72719: Relative datetime format ignores weekday on sundays only;
  • (date) 73294: DateTime wrong when date string is negative;
  • (date) 73489: wrong timestamp when call setTimeZone multi times with UTC offset;
  • (date) 73858: first/last day of' flag is not being reset;
  • (date) 73942: $date->modify('Friday this week') doesn't return a Friday if $date is a Sunday;
  • (date) 74057: wrong day when using "this week" in strtotime;
  • (fpm) 69860: php-fpm process accounting is broken with keepalive;
  • (hash) 73127: gost-crypto hash incorrect if input data contains long 0xFF sequence;
  • (gd) 74031: ReflectionFunction for imagepng is missing last two parameters;
  • (mysqlnd) 74021: fetch_array broken data. Data more then MEDIUMBLOB;
  • (opcache) 74152: if statement says true to a null variable;
  • (opcache) 74019: Segfault with list;
  • (openssl) 74022: PHP Fast CGI crashes when reading from a pfx file;
  • (standard) 74148: ReflectionFunction incorrectly reports the number of arguments;
  • (standard) 74005: mail.add_x_header causes RFC-breaking lone line feed;
  • (standard) 73118: is_callable callable name reports misleading value for anonymous classes;
  • (standard) 74105: PHP on Linux should use /dev/urandom when getrandom is not available;
  • (streams) 73496: Invalid memory access in zend_inline_hash_func;
  • (streams) 74090: stream_get_contents maxlength>-1 returns empty string.

alt-php71-7.1.3-1

  • (core) 74157: Segfault with nested generators;
  • (core) 74164: PHP hangs when an invalid value is dynamically passed to typehinted by-ref arg;
  • (core) 74093: Maximum execution time of n+2 seconds exceed not written in error_log;
  • (core) 73989: PHP 7.1 Segfaults within Symfony test suite;
  • (core) 74084: Out of bound read - zend_mm_alloc_small;
  • (core) 73807: Performance problem with processing large post request;
  • (core) 73998: array_key_exists fails on arrays created by get_object_vars;
  • (core) 73954: NAN check fails on Alpine Linux with musl;
  • (core) 73677: Generating phar.phar core dump with gcc ASAN enabled build;
  • (apache) 61471: Incomplete POST does not timeout but is passed to PHP;
  • (date) 73837: "new DateTime()" sometimes returns 1 second ago value;
  • (fpm) 69860: php-fpm process accounting is broken with keepalive;
  • (hash) 73127: gost-crypto hash incorrect if input data contains long 0xFF sequence;
  • (gd) 74031: ReflectionFunction for imagepng is missing last two parameters;
  • (mysqlnd) 74021: fetch_array broken data. Data more then MEDIUMBLOB;
  • (opcache) 74019: Segfault with list;
  • (openssl) 74022: PHP Fast CGI crashes when reading from a pfx file;
  • (openssl) 74099: Memory leak with openssl_encrypt;
  • (standard) 74005: mail.add_x_header causes RFC-breaking lone line feed;
  • (standard) 74041: substr_count with length=0 broken;
  • (standard) 73118: is_callable callable name reports misleading value for anonymous classes;
  • (standard) 74105: PHP on Linux should use /dev/urandom when getrandom is not available;
  • (streams) 73496: Invalid memory access in zend_inline_hash_func;
  • (streams) 74090: stream_get_contents maxlength>-1 returns empty string.

To install run the command:

yum groupinstall alt-php
Categories: Technology

PHP for EasyApache 4 updated

Wed, 22/03/2017 - 12:31

The new updated PHP for EasyApache 4 packages are available from our production repository.

Changelog:

ea-php70-7.0.17-1.cloudlinux

  • (core) 73989: PHP 7.1 Segfaults within Symfony test suite;
  • (core) 74084: Out of bound read - zend_mm_alloc_small;
  • (core) 73807: Performance problem with processing large post request;
  • (core) 73998: array_key_exists fails on arrays created by get_object_vars;
  • (core) 73954: NAN check fails on Alpine Linux with musl;
  • (core) 74039: is_infinite(-INF) returns false;
  • (core) 73677: Generating phar.phar core dump with gcc ASAN enabled build;
  • (apache) 61471: Incomplete POST does not timeout but is passed to PHP;
  • (date) 72719: Relative datetime format ignores weekday on sundays only;
  • (date) 73294: DateTime wrong when date string is negative;
  • (date) 73489: wrong timestamp when call setTimeZone multi times with UTC offset;
  • (date) 73858: first/last day of' flag is not being reset;
  • (date) 73942: $date->modify('Friday this week') doesn't return a Friday if $date is a Sunday;
  • (date) 74057: wrong day when using "this week" in strtotime;
  • (fpm) 69860: php-fpm process accounting is broken with keepalive;
  • (hash) 73127: gost-crypto hash incorrect if input data contains long 0xFF sequence;
  • (gd) 74031: ReflectionFunction for imagepng is missing last two parameters;
  • (mysqlnd) 74021: fetch_array broken data. Data more then MEDIUMBLOB;
  • (opcache) 74152: if statement says true to a null variable;
  • (opcache) 74019: Segfault with list;
  • (openssl) 74022: PHP Fast CGI crashes when reading from a pfx file;
  • (standard) 74148: ReflectionFunction incorrectly reports the number of arguments;
  • (standard) 74005: mail.add_x_header causes RFC-breaking lone line feed;
  • (standard) 73118: is_callable callable name reports misleading value for anonymous classes;
  • (standard) 74105: PHP on Linux should use /dev/urandom when getrandom is not available;
  • (streams) 73496: Invalid memory access in zend_inline_hash_func;
  • (streams) 74090: stream_get_contents maxlength>-1 returns empty string.

ea-php71-7.1.3-1.cloudlinux

  • (core) 74157: Segfault with nested generators;
  • (core) 74164: PHP hangs when an invalid value is dynamically passed to typehinted by-ref arg;
  • (core) 74093: Maximum execution time of n+2 seconds exceed not written in error_log;
  • (core) 73989: PHP 7.1 Segfaults within Symfony test suite;
  • (core) 74084: Out of bound read - zend_mm_alloc_small;
  • (core) 73807: Performance problem with processing large post request;
  • (core) 73998: array_key_exists fails on arrays created by get_object_vars;
  • (core) 73954: NAN check fails on Alpine Linux with musl;
  • (core) 73677: Generating phar.phar core dump with gcc ASAN enabled build;
  • (apache) 61471: Incomplete POST does not timeout but is passed to PHP;
  • (date) 73837: "new DateTime()" sometimes returns 1 second ago value;
  • (fpm) 69860: php-fpm process accounting is broken with keepalive;
  • (hash) 73127: gost-crypto hash incorrect if input data contains long 0xFF sequence;
  • (gd) 74031: ReflectionFunction for imagepng is missing last two parameters;
  • (mysqlnd) 74021: fetch_array broken data. Data more then MEDIUMBLOB;
  • (opcache) 74019: Segfault with list;
  • (openssl) 74022: PHP Fast CGI crashes when reading from a pfx file;
  • (openssl) 74099: Memory leak with openssl_encrypt;
  • (standard) 74005: mail.add_x_header causes RFC-breaking lone line feed;
  • (standard) 74041: substr_count with length=0 broken;
  • (standard) 73118: is_callable callable name reports misleading value for anonymous classes;
  • (standard) 74105: PHP on Linux should use /dev/urandom when getrandom is not available;
  • (streams) 73496: Invalid memory access in zend_inline_hash_func;
  • (streams) 74090: stream_get_contents maxlength>-1 returns empty string.

ea-php53-5.3.29-10

Added HardenedPHP patches:

  • 72627: Memory Leakage In exif_process_IFD_in_TIFF (CVE-2016-7128);
  • 70350: ZipArchive::extractTo allows for directory traversal when creating directories (CVE-2014-9767);
  • 70081: SoapClient info leak / null pointer dereference via multiple type confusions (CVE-2015-8835);
  • 70121: unserialize() could lead to unexpected methods execution / NULL pointer deref (CVE-2015-8876);
  • 71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut (CVE-2016-4073);
  • 70014: openssl_random_pseudo_bytes() is not cryptographically secure (CVE-2015-8867);
  • ALTPHP-313: added support for сustom php.ini defined via .htaccess to LSPHP;
  • EA-5807: enabled php-tidy on RHEL 6 and above.

ea-php54-5.4.45-28.cloudlinux.1

Added HardenedPHP patches:

  • 72627: Memory Leakage In exif_process_IFD_in_TIFF (CVE-2016-7128);
  • 71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut (CVE-2016-4073);
  • ALTPHP-313: added support for сustom php.ini defined via .htaccess to LSPHP.

ea-php55-5.5.38-11.cloudlinux.1

Added HardenedPHP patches:

  • 72627: Memory Leakage In exif_process_IFD_in_TIFF (CVE-2016-7128);
  • ALTPHP-313: added support for сustom php.ini defined via .htaccess to LSPHP.

ea-php56-5.6.30-4.cloudlinux.1

ea-php70-7.0.16-1.cloudlinux.1

ea-php71-7.1.2-1.cloudlinux.2

  • ALTPHP-313: added support for сustom php.ini defined via .htaccess to LSPHP.

To upgrade run the command:

yum upgrade ea-php*
Categories: Technology

Beta: mod_lsapi and criu-lve updated

Tue, 21/03/2017 - 16:31

The new updated mod_lsapi version 1.1-5 (CL5, CL6, CL7) and criu-lve version 2.7-10 for CloudLinux 7 are available for download from our updates-testing repository.

Changelog:

mod_lsapi 1.1-5

  • MODLS-388: added checking of previous successful lve_enter in dl_clean_all_lve() before lve_exit;
    MODLS-389: fixed an issue when mod_lsapi caused deadlock.

criu-lve 2.7-10

  • One more place for disabling iptables CRIU checking.

Note that CRIU can not correctly freeze lsphp with PrivateTmp enabled. For correct work, PrivateTmp should be false in httpd.service file.

For example:

# cat httpd.service

 

[Unit]

Description=Apache web server managed by cPanel EasyApache

ConditionPathExists=!/etc/httpddisable

ConditionPathExists=!/etc/apachedisable

ConditionPathExists=!/etc/httpdisable

 

[Service]

Type=forking

ExecStart=/usr/local/cpanel/scripts/restartsrv_httpd --no-verbose

PIDFile=/var/run/apache2/httpd.pid

PrivateTmp=false

 

[Install]

WantedBy=multi-user.target

 

How to install (cPanel EA3, EA4 and RPM based systems only):

Control panels and configuration that currently support mod_lsapi+CRIU:

  1. RPM based panels (Plesk or clean OS) + alt-php56 or alt-php70;

  2. cPanel EasyApache 3 + alt-php56 or alt-php70;

  3. cPanel EasyApache 4 + alt-php56 or alt-php70, ea-php56 or ea-php70;

  4. DirectAdmin + alt-php56 or alt-php70.

Required Alt-PHP or ea-php versions:

[alt-php56-5.6.30-2+]

[alt-php70-7.0.15-2+]

[ea-php56-php-5.6.30-1.cloudlinux.2+]

[ea-php70-php-7.0.15-1.cloudlinux.2+]

To update Alt-PHP with freezing support (non cPanel and DirectAdmin): 

yum groupupdate alt-php --enablerepo=cloudlinux-updates-testing

To install alt-php with freezing support:

yum groupinstall alt-php --enablerepo=cloudlinux-updates-testing

To update ea-php (EasyApache 4) with freezing support:

yum-config-manager --enable cl-ea4-testing  yum update ea-php* --enablerepo=cloudlinux-updates-testing yum-config-manager --disable cl-ea4-testing

For install ea-php (EasyApache 4) with freezing support:

yum-config-manager --enable cl-ea4-testing

Install via web-interface or yum install ea-php* --enablerepo=cloudlinux-updates-testing

yum-config-manager --disable cl-ea4-testing

mod_lsapi installation and update:

cPanel EasyApache 3 & RPM Based:

$ yum update liblsapi liblsapi-devel --enablerepo=cloudlinux-updates-testing $ yum update mod_lsapi --enablerepo=cloudlinux-updates-testing $ service httpd restart $ systemctl restart criu

Installation for EasyApache 4:

To update:

$ yum update ea-apache24-mod_lsapi liblsapi liblsapi-devel --enablerepo=cloudlinux-updates-testing --enablerepo=cl-ea4-testing $ service httpd restart $ systemctl restart criu

To install:

$ yum install ea-apache24-mod_lsapi liblsapi liblsapi-devel --enablerepo=cloudlinux-updates-testing --enablerepo=cl-ea4-testing $ service httpd restart

Directadmin:

$ yum update liblsapi liblsapi-devel --enablerepo=cloudlinux-updates-testing $ cd /usr/local/directadmin/custombuild $ ./build set cloudlinux_beta yes $ ./build update $ ./build mod_lsapi $ service httpd restart $ systemctl restart criu

After installing mod_lsapi, readhttp://docs.cloudlinux.com/index.html?mod_lsapi_installation.html and enable mod_lsapi on your server.

CRIU activation:

systemctl enable criu systemctl start criu

Add to /etc/apache2/conf.d/lsapi.conf or /usr/local/apache/conf/lsapi.conf or /etc/httpd/conf.d/lsapi.conf the following strings:

lsapi_criu On lsapi_criu_socket_path /var/run/criu/criu_service.socket lsapi_backend_semtimedwait On lsapi_backend_initial_start 30 lsapi_criu_use_shm Off

And restart Apache.

Categories: Technology

Beta: mod_proctitle updated

Tue, 21/03/2017 - 16:27

The new updated mod_proctitle version 0.1-8 is available for download from our updates-testing repository.

Changelog:

mod_proctitle 0.1-8

  • AAP-140: mod_proctitle does not store non-unicode strings;
  • CL version check bug fixed.

mod_proctitle is a module for gathering URL information per request. It is available only for Apache 2.4 now.

To install mod_proctitle  for:

  • cPanel with EasyApache 3 and non cPanel (CloudLinux 7 only for non cPanel);
  • cPanel with EasyApache 4;
  • DirectAdmin.

read https://docs.cloudlinux.com/index.html?mod_proctitle.html

Also find the necessary information on how to use it in our documentation: https://docs.cloudlinux.com/index.html?mod_proctitle_info.html

 

Categories: Technology

Beta: MySQL for MySQL Governor updated

Tue, 21/03/2017 - 09:19

The new updated MySQL 5.7.17-2 version for MySQL Governor is available from our updates-testing repository.

Changelog:

cl-MySQL57

  • updated up to 5.7.17;
  • fixed client_error visibility for mysqli.

Note. Save database before the update.

To update run:

# yum update cl-MySQL-meta-client cl-MySQL-meta cl-MySQL-meta cl-MySQL* --enablerepo=cloudlinux-updates-testing #restart mysql #restart governor-mysql

To install on a new server with MySQL 5.7:

# /usr/share/lve/dbgovernor/db-select-mysql --mysql-version=mysql57 # /usr/share/lve/dbgovernor/mysqlgovernor.py --install-beta

Note. cPanel does not support natively MySQL 5.7:

1. https://features.cpanel.net/topic/add-support-for-mysql-5-7

2. https://forums.cpanel.net/threads/mysql-5-7-support.502071/

You can use MySQL 5.7 with cPanel only on your own risk!

Categories: Technology

Beta: Alt-PHP updated

Fri, 17/03/2017 - 12:44

The new updated Alt-PHP packages are available from our updates-testing repository.

Changelog:

alt-php70-7.0.17-1

  • (core) 73989: PHP 7.1 Segfaults within Symfony test suite;
  • (core) 74084: Out of bound read - zend_mm_alloc_small;
  • (core) 73807: Performance problem with processing large post request;
  • (core) 73998: array_key_exists fails on arrays created by get_object_vars;
  • (core) 73954: NAN check fails on Alpine Linux with musl;
  • (core) 74039: is_infinite(-INF) returns false;
  • (core) 73677: Generating phar.phar core dump with gcc ASAN enabled build;
  • (apache) 61471: Incomplete POST does not timeout but is passed to PHP;
  • (date) 72719: Relative datetime format ignores weekday on sundays only;
  • (date) 73294: DateTime wrong when date string is negative;
  • (date) 73489: wrong timestamp when call setTimeZone multi times with UTC offset;
  • (date) 73858: first/last day of' flag is not being reset;
  • (date) 73942: $date->modify('Friday this week') doesn't return a Friday if $date is a Sunday;
  • (date) 74057: wrong day when using "this week" in strtotime;
  • (fpm) 69860: php-fpm process accounting is broken with keepalive;
  • (hash) 73127: gost-crypto hash incorrect if input data contains long 0xFF sequence;
  • (gd) 74031: ReflectionFunction for imagepng is missing last two parameters;
  • (mysqlnd) 74021: fetch_array broken data. Data more then MEDIUMBLOB;
  • (opcache) 74152: if statement says true to a null variable;
  • (opcache) 74019: Segfault with list;
  • (openssl) 74022: PHP Fast CGI crashes when reading from a pfx file;
  • (standard) 74148: ReflectionFunction incorrectly reports the number of arguments;
  • (standard) 74005: mail.add_x_header causes RFC-breaking lone line feed;
  • (standard) 73118: is_callable callable name reports misleading value for anonymous classes;
  • (standard) 74105: PHP on Linux should use /dev/urandom when getrandom is not available;
  • (streams) 73496: Invalid memory access in zend_inline_hash_func;
  • (streams) 74090: stream_get_contents maxlength>-1 returns empty string.

alt-php71-7.1.3-1

  • (core) 74157: Segfault with nested generators;
  • (core) 74164: PHP hangs when an invalid value is dynamically passed to typehinted by-ref arg;
  • (core) 74093: Maximum execution time of n+2 seconds exceed not written in error_log;
  • (core) 73989: PHP 7.1 Segfaults within Symfony test suite;
  • (core) 74084: Out of bound read - zend_mm_alloc_small;
  • (core) 73807: Performance problem with processing large post request;
  • (core) 73998: array_key_exists fails on arrays created by get_object_vars;
  • (core) 73954: NAN check fails on Alpine Linux with musl;
  • (core) 73677: Generating phar.phar core dump with gcc ASAN enabled build;
  • (apache) 61471: Incomplete POST does not timeout but is passed to PHP;
  • (date) 73837: "new DateTime()" sometimes returns 1 second ago value;
  • (fpm) 69860: php-fpm process accounting is broken with keepalive;
  • (hash) 73127: gost-crypto hash incorrect if input data contains long 0xFF sequence;
  • (gd) 74031: ReflectionFunction for imagepng is missing last two parameters;
  • (mysqlnd) 74021: fetch_array broken data. Data more then MEDIUMBLOB;
  • (opcache) 74019: Segfault with list;
  • (openssl) 74022: PHP Fast CGI crashes when reading from a pfx file;
  • (openssl) 74099: Memory leak with openssl_encrypt;
  • (standard) 74005: mail.add_x_header causes RFC-breaking lone line feed;
  • (standard) 74041: substr_count with length=0 broken;
  • (standard) 73118: is_callable callable name reports misleading value for anonymous classes;
  • (standard) 74105: PHP on Linux should use /dev/urandom when getrandom is not available;
  • (streams) 73496: Invalid memory access in zend_inline_hash_func;
  • (streams) 74090: stream_get_contents maxlength>-1 returns empty string.

To install run the command:

yum groupinstall alt-php --enablerepo=cloudlinux-updates-testing
Categories: Technology

Beta: PHP for EasyApache 4 updated

Fri, 17/03/2017 - 12:16

The new updated PHP for EasyApache 4 packages are available from EA4 testing repository.

Changelog:

ea-php70-7.0.17-1.cloudlinux

  • (core) 73989: PHP 7.1 Segfaults within Symfony test suite;
  • (core) 74084: Out of bound read - zend_mm_alloc_small;
  • (core) 73807: Performance problem with processing large post request;
  • (core) 73998: array_key_exists fails on arrays created by get_object_vars;
  • (core) 73954: NAN check fails on Alpine Linux with musl;
  • (core) 74039: is_infinite(-INF) returns false;
  • (core) 73677: Generating phar.phar core dump with gcc ASAN enabled build;
  • (apache) 61471: Incomplete POST does not timeout but is passed to PHP;
  • (date) 72719: Relative datetime format ignores weekday on sundays only;
  • (date) 73294: DateTime wrong when date string is negative;
  • (date) 73489: wrong timestamp when call setTimeZone multi times with UTC offset;
  • (date) 73858: first/last day of' flag is not being reset;
  • (date) 73942: $date->modify('Friday this week') doesn't return a Friday if $date is a Sunday;
  • (date) 74057: wrong day when using "this week" in strtotime;
  • (fpm) 69860: php-fpm process accounting is broken with keepalive;
  • (hash) 73127: gost-crypto hash incorrect if input data contains long 0xFF sequence;
  • (gd) 74031: ReflectionFunction for imagepng is missing last two parameters;
  • (mysqlnd) 74021: fetch_array broken data. Data more then MEDIUMBLOB;
  • (opcache) 74152: if statement says true to a null variable;
  • (opcache) 74019: Segfault with list;
  • (openssl) 74022: PHP Fast CGI crashes when reading from a pfx file;
  • (standard) 74148: ReflectionFunction incorrectly reports the number of arguments;
  • (standard) 74005: mail.add_x_header causes RFC-breaking lone line feed;
  • (standard) 73118: is_callable callable name reports misleading value for anonymous classes;
  • (standard) 74105: PHP on Linux should use /dev/urandom when getrandom is not available;
  • (streams) 73496: Invalid memory access in zend_inline_hash_func;
  • (streams) 74090: stream_get_contents maxlength>-1 returns empty string.

ea-php71-7.1.3-1.cloudlinux

  • (core) 74157: Segfault with nested generators;
  • (core) 74164: PHP hangs when an invalid value is dynamically passed to typehinted by-ref arg;
  • (core) 74093: Maximum execution time of n+2 seconds exceed not written in error_log;
  • (core) 73989: PHP 7.1 Segfaults within Symfony test suite;
  • (core) 74084: Out of bound read - zend_mm_alloc_small;
  • (core) 73807: Performance problem with processing large post request;
  • (core) 73998: array_key_exists fails on arrays created by get_object_vars;
  • (core) 73954: NAN check fails on Alpine Linux with musl;
  • (core) 73677: Generating phar.phar core dump with gcc ASAN enabled build;
  • (apache) 61471: Incomplete POST does not timeout but is passed to PHP;
  • (date) 73837: "new DateTime()" sometimes returns 1 second ago value;
  • (fpm) 69860: php-fpm process accounting is broken with keepalive;
  • (hash) 73127: gost-crypto hash incorrect if input data contains long 0xFF sequence;
  • (gd) 74031: ReflectionFunction for imagepng is missing last two parameters;
  • (mysqlnd) 74021: fetch_array broken data. Data more then MEDIUMBLOB;
  • (opcache) 74019: Segfault with list;
  • (openssl) 74022: PHP Fast CGI crashes when reading from a pfx file;
  • (openssl) 74099: Memory leak with openssl_encrypt;
  • (standard) 74005: mail.add_x_header causes RFC-breaking lone line feed;
  • (standard) 74041: substr_count with length=0 broken;
  • (standard) 73118: is_callable callable name reports misleading value for anonymous classes;
  • (standard) 74105: PHP on Linux should use /dev/urandom when getrandom is not available;
  • (streams) 73496: Invalid memory access in zend_inline_hash_func;
  • (streams) 74090: stream_get_contents maxlength>-1 returns empty string.

To upgrade run the command:

yum upgrade ea-php* --enablerepo=cl-ea4-testing
Categories: Technology

mod_lsapi updated

Fri, 17/03/2017 - 12:01

The new updated mod_lsapi packages for CloudLinux 5, 6, and 7 as well as for Apache 2.4 (CloudLinux 6) and EasyApache 4 (CloudLinux 6 and 7) are available for download from our production repository.

Changelog:

mod_lsapi 1.0-27

ea-apache24-mod_lsapi 1.0-27

httpd24-mod_lsapi 1.0-27

  • fixed locking global semaphore on lsphp start (which can be the cause of Apache hang);
  • replaced extra lve_exit symbol with lve_destroy.

cPanel (EasyApache 3) & RPM Based:

To update run:

$ yum update liblsapi liblsapi-devel $ yum update mod_lsapi $ service httpd restart

To install follow the instructions:

http://docs.cloudlinux.com/index.html?mod_lsapi_installation.html

DirectAdmin:

To update run:

$ yum update liblsapi liblsapi-devel $ cd /usr/local/directadmin/custombuild $ ./build update $ ./build mod_lsapi

To install follow the instructions:

http://docs.cloudlinux.com/index.html?installation_mod_lsapi.html

EasyApache 4 (CloudLinux 6 and 7):

To update:

$ yum update liblsapi liblsapi-devel $ yum update ea-apache24-mod_lsapi $ service httpd restart

To install:

yum install liblsapi liblsapi-devel

read http://docs.cloudlinux.com/index.html?cpanel_easyapache_4.html

http24 for CloudLinux 6:

For installation/update run:

$ yum install liblsapi liblsapi-devel $ yum install httpd24-mod_lsapi
Categories: Technology

Imunify360 hotfix

Wed, 15/03/2017 - 13:49

A few significant fixes were made after Imunify360 1.1.4 was released. The new updated version is now available for download. Please find more details below.

Changelog:

Imunify360 1.1.4-7

  • DEF-1152: fixed problem when captcha server was unable to start on some CL7 instances;
  • DEF-981: preventing errors when CSF is uninstalled;
  • fixed bug with country delete in black- and white lists.

To instal new Imunify360 version 1.1.4-7 please follow the instructions in the documentation.

To upgrade Imunify360 run the command:

yum update imunify360-firewall

More information on Imunify360 can be found here.

Categories: Technology

mod_hostinglimits updated

Tue, 14/03/2017 - 14:22

The new updated mod_hostinglimits packages (for CL5, CL6, CL7) are available for download from our production repository.

Changelog:

mod_hostinglimits 1.0-27

  • added ability to change 508 (Resource limit reached) error to 429 (Too many requests).

We are planning to move gradually from 508 error to 429 because we got some conflicts with 508 Loop Detected (WebDAV; RFC 5842). If you faced this trouble just use:

LVEUse429 on

In this case, error 429 will be shown on EP limit reaching instead of 508.

508 error is still used by default, but LVEUse429 makes 429 error as code by default.

RPM based:

To install run:

yum install mod_hostinglimits

To update run:

yum update mod_hostinglimits
Categories: Technology

Pages