ISPConfig released

Dieses Thema im Forum "Allgemein" wurde erstellt von Till, 29. März 2016.

  1. Till

    Till Administrator

    What’s new in ISPConfig
    This release contains an important security fix for an insufficient validation of the PHP version selector.

    Scope of the issue: an attacker would require a valid ISPConfig login with access to the web module. The issue affects the ISPConfig interface only, on a multiserver system, only the interface server(s) have to be patched.

    Thank you to Timo Boldt for reporting this issue!

    The fix can be applied by updating to ISPConfig or by using the ISPConfig patch tool.

    Use the Patch tool
    Run the command:

    as root user on the shell. Enter the following patch code when requested by the tool:


    Use the normal ISPConfig update procedure with the command.
    See details at the end of this post.

    The “Reconfigure services” option can be answered with “no” on servers that run ISPConfig

    See changelog link below for a list of all changes that are included in this release.

    The software can be downloaded here:


    Known Issues
    Please take a look at the bug tracker:

    BUG Reporting
    Please report bugs to the ISPConfig bug tracking system:

    Supported Linux Distributions
    – Debian Etch (4.0) – Jessie (8.0) and Debian testing
    – Ubuntu 7.10 – 15.10
    – OpenSuSE 11 – 13.2
    – CentOS 5.2 – 8
    – Fedora 9 – 15

    The installation instructions for ISPConfig can be found here:

    or in the text files (named INSTALL_*.txt) which are inside the docs folder of the .tar.gz file.

    To update existing ISPConfig 3 installations, run this command on the shell:

    Select “stable” as the update resource. The script will check if an updated version of ISPConfig 3 is available and then download the tar.gz and start the setup script.

    Detailed instructions for making a backup before update can be found here:

    If the ISPConfig version on your server does not have this script yet, follow the manual update instructions below.

    Manual update instructions
    cd /tmp
    tar xvfz ISPConfig-3-stable.tar.gz
    cd ispconfig3_install/install
    php -q update.php
  2. BlackP

    BlackP New Member

    habe den Patch per ispconfig_patch eingespielt. Wie bekomme ich jetzt aber den ISPConfig Versionshinweis entfernt.

  3. Till

    Till Administrator

    Wenn Du die Versionsnummer anpassen willst, dann musst Du /usr/local/ispconfig/interface/lib/ ändern.

Diese Seite empfehlen