Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

[OpenLiteSpeed] Security Update v1.7.16
New on LowEndTalk? Please Register and read our Community Rules.

[OpenLiteSpeed] Security Update v1.7.16

EthernetServersEthernetServers Member, Patron Provider

Important repost from another forum:

OpenLiteSpeed have released an update to v1.7.16 today that includes a security update that is relevant to hosting providers, especially if users are able to create accounts under the /home/ directory.

The local security flaw was found by RACK911 Labs and could lead to a root privilege escalation under certain circumstances.

For some reason, OLS have opted to not include a new version number so the original v1.7.16 from May 15th does NOT include the security update; OLS indicated that the fix was pushed out today in RPM and Debian packages.

I guess as long as you update to v1.7.16 after today, you should be good!

Thanked by 1pbx
Sign In or Register to comment.