This notice contains information for the group of server updates (or dist) occurring November 28, 2011 through November 30, 2011 in all datacenters. Until that time, all of the information included in this document is subject to change.
The following updates affect popular or important services and programs:
The following updates will be made to the Linux VPS/MPS platform.
The following services will be restarted by Verio as part of the update:
The following Linux VPS/MPS updates may require additional attention or action to take advantage of the full benefits of the update. Any possible actions are listed at the end of the individual update information.
The vinstall for MySQL5.5 will be upgraded to version 5.5.16.
To upgrade existing installations of MySQL 5.5.x, connect to your server through SSH and execute the following from the command prompt:
# vinstall mysql5.5
The vinstall for MySQL5.1 will be upgraded to version 5.1.58.
To upgrade existing installations of MySQL 5.1.x, connect to your server through SSH and execute the following from the command prompt:
# vinstall mysql5.1
The vinstall for PHP 5.3 will be upgraded to version 5.3.8.
To upgrade existing installations of PHP 5.3.x, connect to your server through SSH and execute the following from the command prompt:
# vinstall php5.3
The vinstall for phpMyAdmin will be upgraded to version 3.4.5.
To upgrade existing installations of phpMyAdmin, connect to your server through SSH and execute the following from the command prompt:
# vinstall phpmyadmin
The vinstall for Postgresql will be upgraded to version 8.4.8.
To upgrade existing installations of Postgresql8, connect to your server through SSH and execute the following from the command prompt:
# vinstall postgresql
Spamassassin will be upgraded to version 3.3.2.
To upgrade Spamassassin, connect to your server through SSH and execute the following from the command prompt:
# vinstall spamassassin
ClamAV will be upgraded to version 0.97.3. This upgrade fixes problems with the bytecode engine, Safebrowsing detection, hash matcher, and other minor issues.
To upgrade ClamAV, connect to your server through SSH and execute the following from the command prompt:
# vinstall clamav
Innotop will now be available as a vinstall. Innotop replaces mtop for newer versions of MySQL.
To install innotop, connect to your server through SSH and execute the following from the command prompt:
# vinstall innotop
In addition, a script to uninstall innotop will also be included (vuninstall innotop).
The following Linux VPS/MPS updates do not require action by customers to take advantage of the full benefits of the update. Some services may be rebooted as part of the update.
Apache will be upgraded to version 2.0.64 to address the security vulnerability (CVE-2011-3192) discussed here:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3192
Sendmail will be upgraded to version 8.14.5.
Dovecot will be upgraded to version 1.2.17.
ProFTPd will be upgraded to version 1.3.3f.
A security setting has been added to allow the SA to force an SSL connection.
mod_perl will be upgraded to version 2.0.5.
The GlobalSign SSL install will be updated to use the DocumentRoot path as the location for the CSR validation for the domain which the SSL certificate is being installed.
vadduser will be updated to correct a bug which would create the Maildir directory is created with root ownership if the server has both Dovecot and CPX installed.
An update will be made that will allow startup scripts specifying a pidfile (-p flag) to now execute properly.
rhn_update and related items will be disabled and removed.
The allow_url_fopen option will be set to "Off" in the default php.ini file. The default setting is changing due to security concerns. Please research other alternatives to this feature due to security issues.
Set the noatime/noadirtime option in fstab for all mounted disks. An evaluation of any customized or third party applications depending on this functionality is suggested.
Note:This notification reflects the best knowledge of code and feature updates for this release. Changes can be made to the information herein; these changes will be distributed in new notifications. AlpineWeb might make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time.
