Webuzo 2.7.5 Launched

Hi,

The Webuzo Team has released Webuzo 2.7.5.
This version has a small bug fix.

The following is a list of changes :

1) [Bug Fix] EMPS cron was unable to update the emps because of incorrect path to emps.php specified in /etc/cron.d/emps. This is fixed.

The upcoming version will bring some exciting Improvements, features and changes.

Regards,
The Webuzo Team

Webuzo System Application: phpMyAdmin 4.8.4 Launched

Hi,

The Webuzo Team has launched phpMyAdmin 4.8.4 the latest version in the release branch.

Please check the change log below:

The security fixes involve:

  • Local file inclusion (https://www.phpmyadmin.net/security/PMASA-2018-6/)
  • XSRF/CSRF vulnerabilities allowing a specially-crafted URL to perform harmful operations (https://www.phpmyadmin.net/security/PMASA-2018-7/) and
  • an XSS vulnerability in the navigation tree (https://www.phpmyadmin.net/security/PMASA-2018-8/)

In addition to the security fixes, this release also includes these bug fixes

  • Issue with changing theme
  • Ensure that database names with a dot (‘.’) are handled properly when Disable is true
  • Fix for message “Error while copying database (pma__column_info)”
  • Move operation causes “SELECT * FROM `undefined`” error
  • When logging with $cfg[‘AuthLog’] to syslog, successful login messages were not logged when $cfg[‘AuthLogSuccess’] was true
  • Multiple errors and regressions with Designer

If you have any questions regarding the upgrade or any issues after upgrade let me know in the comments.

Regards,
The Webuzo Team

Webuzo 2.7.4 Launched

Hi,

The Webuzo Team has released Webuzo 2.7.4.
This version has a small bug fix.

The following is a list of changes :

1) [Bug Fix] When the Admin Settings were saved for non IP based licenses, the license key would be converted to a free license. This is fixed.

The upcoming version will bring some exciting Improvements, features and changes.

Regards,
The Webuzo Team

Webuzo 2.7.3 Launched

Hi,

The Webuzo Team has released Webuzo 2.7.3.
This version introduces major bug fixes.

Bug Fixes:

1) ‘Acme script not found’ while issuing let’s encrypt certificate:- This bug has been fixed.

2) Bug related to cpanel migration has been fixed.

3) Bug related to configuration of SSL for Email has been fixed.

The upcoming version will bring more exciting Improvements, features and changes.

Regards,
The Webuzo Team

Webuzo 2.7.2 Launched

Hi,

The Webuzo Team has released Webuzo 2.7.2.
This version introduces a major new Feature, many improvements & bug fixes.

Features:

1) Added Server Reboot utility for users to reboot their servers from panel itself without need to reboot from commandline.

2) Made a wizard to configure the Webuzo panel and Email server certificate with a Let’s Encrypt Certificate.*

3) Added Email Autoresponder utility for setting auto reply emails for user email accounts.*

4) Migration utility has been added so that users can migrate Webuzo panel from one server to another server.

Improvements:

5) Webuzo Default WebMail Client – SquirrelMail has been replaced with Rainloop.

Bug Fixes:

6) Webuzo Backup filenames were not displayed in Webuzo Backup success emails as well as Webuzo backup error messages were not displayed in Webuzo Backup failure emails, this has been fixed.

App Updates:

7) Updated Exim

* Exim must be updated to the latest version

The upcoming version will bring more exciting Improvements, features and changes.

Regards,
The Webuzo Team

Tomcat 9.0 Launched

Hi,

The Webuzo Team has launched Tomcat 9, the latest version of Tomcat.

Apache Tomcat 9.0.x requires Java 8 or later. Apache Tomcat 8.0.x and 8.5.x required Java 7.

Apache Tomcat 9 now supports the following:

  • Java Servlet 4.0
  • JavaServer Pages 2.4
  • Java Unified Expression Language 3.1
  • Java API for WebSocket 2.0

If you want to learn more about Tomcat 9 features then please visit the official site of tomcat on this link below:
http://tomcat.apache.org

Let us know if you have any queries regarding Tomcat 9 in the comment section.

Regards,
Webuzo Team.

MySQL 8.0 Launched

Hi,

Webuzo Team has launched MySQL 8.0, the latest version of MySQL. It is available for both Ubuntu and CentOS.

A lot of important new features have been added in this version. You will find everything you need to know about these amazing new features on this link https://dev.mysql.com/doc/refman/8.0/en/mysql-nutshell.html

Please note these following points:

– Currently, We are not providing upgrades to MySQL 8.0 from any version of MySQL, Percona or MariaDB.
– Only Fresh installation’s of MySQL 8.0 are allowed, so If you have an existing Database then you may not be able to install MySQL 8.0
– Since we are installing MySQL 8.0 from the Vendor’s repo itself, MySQL will update itself whenever the OS updates.

Let us know if you have any queries regarding MySQL 8.0 in the comment section.

Regards,
Webuzo Team.

Webuzo 2.7.1 Launched

Hi,

The Webuzo Team has released Webuzo 2.7.1.
This version introduces a major new Feature many improvements & bug fixes.

Features:

1) Apache Subversion Management(SCM) integrated into Webuzo. Refer this guide to bring your code under Source Control Management.

2) New Architecture for Application Managers to provide fast updates, bug fixes and security patches outside Webuzo releases.

Improvements:

3) Let’s Encrypt Certificate’s will now be updated 30 days before the renewal date.

4) Updated the Let’s Encrypt utility(ACME.SH) which is used to issue and renew certificate.

5) Application Config editor’s can now be resized freely instead of a fixed size.

6) Optimized Pure-FTPd quota check to reduce server load.

7) While downloading backup files Browser’s will now display the total file size and the time to download.

8) Added a CLI utility to make Webuzo aware of the backups files uploaded in the /var/webuzo/backup directory. Refer this guide for more information

9) Exim and Dovecot now support SSL/TLS connections. *

Bug Fixes:

10) Fixed many bugs related to Apache Tomcat Management and configuration.

11) If PHP is running as a service, then editing it’s config file will trigger a restart.

12) Webuzo and numerous other Application service files have been updated so that the service will start up even after a hard reboot. It’s recommended to update all the Applications to the latest version.

13) When multiple Web Servers were installed, restarting the server would cause the non-default Web Server to start up on some servers, this is now fixed.

14) Let’s Encrypt certificate used for the panel was not reloaded after the renewal process, required a manual restart of the Webuzo service, this is now done automatically.

App Updates:

15) Node.js updated to the latest LTS release. Refer this guide to configure Node.js in Webuzo #

16) MariaDB 10.3 the latest version in the 10.x series, launched .

17) Updated Pure-FTPd to the latest LTS release.

18) MySQL 8.0 launched, the latest version by the MySQL Community in the 8.X series.

19) Updated Tomcat 7 & 8 to the latest version.

* Both APP’s must be updated to the latest version
# This is a generic configuration, steps for your application might vary.

The upcoming version will bring more exciting Improvements, features and changes.

Regards,
The Webuzo Team

OpenSSL Vulnerability [CVE-2018-0732 & CVE-2018-0737]

Hi,

We have updated OpenSSL to the latest LTS version: 1.0.2 p

The above update includes fix for the following Vulnerabilities:

CVE-2018-0732:
During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).

Find more info at: https://nvd.nist.gov/vuln/detail/CVE-2018-0732

CVE-2018-0737:
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).

Find more info at: https://nvd.nist.gov/vuln/detail/CVE-2018-0737

We recommend all users to update OpenSSL, Webserver and related Libraries to protect your server against the above attacks.

Let me know if you have any questions in the comment section.

Regards,
The Webuzo Team

MariaDB 10.3 launched

Hi,

The Webuzo Team has launched MariaDB 10.3 the latest version in the 10.x series.

Maria DB is an open-source alternative to MySQL by the original developer of MySQL.

Get more info on the Maria DB project at the following link: MariaDB Org

You can check if Maria DB fits your needs or not by checking the Release Notes & Change Logs

Upgrades from the following versions of MySQL and MariaDB is allowed:

MySQL – 5.5 – 5.6
Maria DB – 5.5, 10.0 – 10.2

And of course, you can install Maria DB 10.3 as a fresh installation.

Note: After Upgrading or Installing Maria DB 10.3 you cannot downgrade to any version of MySQL or MariaDB

Let me know if you have any questions in the comment section.

Regards,
The Webuzo Team