Server Software Update Notification: 11-13-2012
-
Tuesday, 13th November, 2012
-
19:16pm
Important: This document contains information for the group of server updates (or dist) occurring in all datacenters. Until that time, all of the information included in this document is subject to change.
• Frankfurt, Germany on 11/12/12
• San Jose, CA on 11/12/12
• Sterling, VA on 11/13/12
• Tokyo, JP on TBD on 11/28/12
Important updates in this Notification:
The following updates affect popular or important services and programs:
• MySQL5.5 (Linux, v3)
• PHP5.3 (Linux, v3)
• Postgresql (v3)
• ClamAV (Linux, v3)
• Apache (Linux)
---------------------------------
Linux MPS/VPS
---------------------------------
The following updates will be made to the Linux VPS/MPS platform.
Important services to be restarted:
The following services will be restarted by Verio as part of the update:
• httpd (Apache)
• named (Bind)
• clamd (ClamAV)
• vsapd (CPX)
Possible Action Needed
The following Linux VPS/MPS updates may require additional attention or action to take advantage of the full benefits of the update. Any possible actions are listed at the end of the individual update information.
MySQL-5.5.25a
The vinstall for MySQL5.5 will be upgraded to version 5.5.25a.
To upgrade existing installations of MySQL5.5, connect to your server through SSH and execute the following from the command prompt:
# vinstall mysql5.5
MySQL-5.1.63
The vinstall for MySQL5.1 will be upgraded to version 5.1.63.
To upgrade existing installations of MySQL5.1, connect to your server through SSH and execute the following from the command prompt:
# vinstall mysql5.1
PHP-5.3.15
The vinstall for PHP5.3 will be upgraded to version 5.3.15 to address the security vulnerability (CVE-2012-2688) discussed here:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2688
To upgrade existing installations of PHP5.3, connect to your server through SSH and execute the following from the command prompt:
# vinstall php5.3
No Action Needed
The following Linux VPS/MPS updates do not require action by customers to take advantage of the full benefits of the update. Some services may be restarted as part of the update.
Apache
The current version of Apache will be updated to address several security vulnerabilities (CVE-2011-3192, CVE-2012-0031, and CVE-2012-0053) discussed here:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011- 3192
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0031
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0053
ClamAV-0.97.5
ClamAV will be upgraded to version 0.97.5.
Bind-9.7.6-2.P1
Bind will be upgraded to version 9.7.6-2.P1.
CPX
CPX will be updated to address the following items:
• Remove quota temporarily when deleting messages to the Trash folder.
• Allow the Mail Admin to only have mail privileges.
• Allow the Server Admin to edit Shell even for self.
• Do not disable Server Admin when disabling a domain name.
• Remove any archived logs when deleting former Domain Admin.
OneClick SSL update
An issue was occurring where new OneClick SSL certificates would fail if the domain name was listed under the ServerAlias directive. This update will correct the issue.
libxml2-2.6.31
libxml2 will be upgraded to version libxml2-2.6.31.
libxslt-1.1.24
libxslt will be upgraded to version 1.1.24.
------------------------------------
FreeBSD MPS/VPS v3
------------------------------------
The following updates will be made to the FreeBSD VPS/MPS v3 platform.
Important services to be restarted:
The following services will be restarted by Verio as part of the update:
• clamd (ClamAV)
• vsapd (CPX)
Possible Action Needed
The following VPS/MPS v3 updates may require additional attention or action to take advantage of the full benefits of the update. Any possible actions are listed at the end of the individual update information.
MySQL-5.5.25a
The vinstall for MySQL5.5 will be upgraded to version 5.5.25a.
To upgrade existing installations of MySQL5.5, connect to your server through SSH and execute the following from the command prompt:
# vinstall mysql5.5
PHP-5.3.15
The vinstall for PHP5.3 will be upgraded to version 5.3.15 to address the security vulnerability (CVE-2012-2688) discussed here:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2688
To upgrade existing installations of PHP5.3, connect to your server through SSH and execute the following from the command prompt:
# vinstall php5.3
Postgresql-8.4.12
The vinstall for Postgresql8 will be upgraded to version 8.4.12.
To upgrade existing installations of Postgresql, connect to your server through SSH and execute the following from the command prompt:
# vinstall postgresql8
No Action Needed
The following VPS/MPS v3 updates do not require action by customers to take advantage of the full benefits of the update. Some services may be restarted as part of the update.
ClamAV-0.97.5
ClamAV will be upgraded to version 0.97.5.
CPX
CPX will be updated to address the following items:
• Remove quota temporarily when deleting messages to the Trash folder.
• Allow the Mail Admin to only have mail privileges.
• Allow the Server Admin to edit Shell even for self.
• Do not disable Server Admin when disabling a domain name.
• Remove any archived logs when deleting former Domain Admin.
OneClick SSL update
An issue was occurring where new OneClick SSL certificates would fail if the domain name was listed under the ServerAlias directive. This update will correct the issue.
Urchin5 Licensing update
A problem was occurring with the Urchin5 licensing upon installation. The install will be updated to correct this issue.
vuninstall php5.2
The uninstall script for PHP5.2 will be renamed to php5.2. The new command to uninstall PHP5.2 is as follows:
# vuninstall php5.2
phpize
phpize will be updated to use the correct version of AUTOCONF.
Note: This notification reflects the best knowledge of code and feature updates for this release. Changes can be made to the information herein; these changes will be distributed in new notifications. AlpineWeb might make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time.
