This version contains the Unspecified Command Execution Vulnerability fix.
http://secunia.com/advisories/26885/
Changes since Webmin version 1.360
Webmin Users
Added the Password Restrictions page, for configuring password quality and
change time settings.
Re-designed the Edit User page to use the new Webmin UI library, and move
lesser-used fields into collapsible sections.
Webmin users can have a real name, which can be any text you like.
Apache Webserver
Available Apache modules are now fully automatically detected on all
operating systems, which does away with the Re-Configure Known Modules page.
Bacula Backup System
Removed the requirement for the /etc/bacula/bacula command to be installed,
if /etc/init.d/bacula-* scripts exist.
Added a field to the mount/un-mount page for entering an auto-loader slot
number.
BIND DNS Server
Added a button to the main page for adding a record with the same name and
value to multiple domains at once.
Perl Modules
The module is now available when running Webmin inside a Solaris zone, but
only if Perl is not shared with the global zone.
Dovecot IMAP/POP3 Server
Supported newer versions of Dovecot which use mail_location instead of
default_mail_env.
File Manager
Added a Module Config option to specify file extensions to treat as HTML,
rather than always using only .html and .htm.
Postfix Configuration
Added the new SMTP Authentication And Encryption page for setting SASL and
TLS related options.
Linux RAID
Added support for RAID 10 arrays when using MDADM.
Changed the main page to use a table for existing RAID arrays, rather than
icons.
Added a section for configuring RAID problem notification when using MDADM.
Shoreline Firewall
(Updates by Paul Gear <paul@gear.dyndns.org>.)
BUG: Corrected mis-handling of nested zones introduced in 1.350.
Removed debugging cruft added in 1.350.
Added support for end-of-line comments in zones, params, and shorewall.conf.
Added support for display of long zone names under the new zones format.
Added module option to disable display of long zone names in the rules file.
Usermin Configuration
Separated the Configure Module page into tabs, to make it clearer which
options are global and which are default user preferences.
Webmin Configuration
Added a field to the Advanced Options page to control the number of days
that files in /tmp/.webmin are kept before automatic deletion.
Changes since Webmin version 1.350
Apache Webserver
On Debian and Ubuntu systems, replaced the existing pages for selecting
Apache modules with one that configures the /etc/apache2/mods-enabled
directory, for much simpler and more workable control over modules.
Scheduled Cron Jobs
Added a button on the Edit Job page for cloning an existing job.
Linux Firewall
Added a setup option to configure a firewall for a typical hosting server.
LDAP Users and Groups
UID and GID allocation is now done by querying the LDAP server for specific
IDs, rather than fetching a list of all users to find which ones are used.
This should be faster on large LDAP servers.
Network Configuration
Re-wrote Gentoo networking support code to work with 2006 and later versions.
PostgreSQL Database Server
Fixed a bug that prevented the 'valid until' date from being displayed for
existing users.
Disk Quotas
Added a Module Config option to show both hard and/or soft quota percentages.
SMART Drive Status
Added a Module Config option for extra smartctl command-line args,
like -d 3ware,0
Usermin Configuration
Added an option to the Authentication page to block users with too many
failed logins, as well as hosts.
Created the new Blocked Hosts and Users page to show blocks currently in
force, and allow them to be cleared.
Webmin Configuration
Added an option to the Authentication page to block users with too many
failed logins, as well as hosts.
Created the new Blocked Hosts and Users page to show blocks currently in
force, and allow them to be cleared.
Added an option to the Ports and Addresses page to control if Webmin
attempts to reverse-resolve the connected-to IP address when issuing
redirects, such as from non-SSL to SSL mode.
Version 1.350 (1 June 2007)
* Fixed an XSS security bug in pam_login.cgi.
* Added plain-text mode and head section preservation to the File Manager HTML editor, and a field to select which user uploaded files are owned as.
* Added Postfix module configuration options for the start, stop and restart commands.
* Use the HTML output mode from the pgsql command in the PostgreSQL module, for more reliable data editing when DBI is not available.
* The Running Processes module now shows real and virtual memory on Solaris.
* Added Redhat Enterprise 5 support, and fixed SuSE 10 and Solaris-specific bugs
pkgsrc changes: use full distfile instead of non version individual module files.
Version 1.340 (8 April 2007)
* Change the default Blue Framed theme to match the style of www.webmin.com, and generally look nicer.
* User interface cleanups in various modules (Apache, Backup Config, Webmin Configuration and others), adding tabs to reduce the size of pages and converting code to use ui-lib.pl.
* The Perl Modules module can now fetch RPM or Deb packaged modules from YUM or APT, where available.
* Added easy fields for sending SMS messages in the System and Server Status module (for US carriers that have email to SMS gateways).
* Replace the old HTMLarea widget for HTML editing in the File Manager and Read User Mail modules with Xinha.
* Linux quotas are now set with the setquota command, which shows up nicely in the actions log.
* Optimizations to speed up getting the hostname and Postfix config settings.
* Improved YUM and Redhat Network support in the Software Packages module.
Version 1.330 (27 February 2007)
* If the underlying OS is upgraded after Webmin is installed, a message is displayed on the main page prompting you to fix it.
* Added a feature in the BIND module for updating an IP address in multiple zones at once.
* The File Manager now automatically detects HTML files and launches the correct editor.
* Improved the LDAP module's support for large databases.
* When there are too many tables or databases to display in the MySQL and PostgreSQL modules, a menu for selecting a specific table is shown instead.
* Added functions to ui-lib.pl for tabs and hidden table sections.
* Added support for comments to the Shorewall module, and improved logging
* The Webmin Actions Log module can now rollback selected files changed by an action, rather than all of them.
Version 1.320 (21 January 2007)
* Added the PHP Configuration module for managing php.ini.
* Changed the default theme for new installs to the Blue Framed theme.
* Improved handling of large file uploads so that they are no longer read into memory by Webmin webserver. Also added a progress bar window for tracking uploads.
* Added checkboxes for deleting multiple objects at once in several modules.
* Changed all rows of links (like Select all / Invert selection / Add something) to put | characters between them, to improve readability.
* Big improvements in Windows support in various modules and the Webmin core.
* Enhanced the System and Server Status module to allow monitoring of all hosts in a Webmin server group.
Version 1.310 (28 November 2006)
* Big improvements in Ubuntu support, including the Bootup and Shutdown module, mounting filesystems specified with the UUID syntax, and various default module config changes.
* Re-designed the Simple Blue theme to use frames.
* Added support for IPv6 addresses in modules where the underlying servers allow them.
* Supported HFS and FATX filesystems under Linux.
* MySQL backups can now be compressed with gzip or bzip2.
* Added file locking and logging to the Postfix module, and improved access control features.
* Added checkboxes and buttons for mass deletion in the Cron and DHCP modules.
* Added access control options for the Info window to the File Manager module, and a feature to allow extraction of ZIP files on the server.
Version 1.300 (15 September 2006)
* Fixed security holes that allow the source of Webmin programs to be viewed, and allow cross-site-scripting attacks.
* XML-RPC clients can now call Webmin API functions.
* On systems with no root password, users with sudo access can login to Webmin as root.
* Improved support for latest Debian and Fedora releases, including the new IPtables config system in Debian 3.1.
* The file manager can now extract tar.bz2 files, store a history of entered paths, and show the total size of a directory.
* The Filesystem Backup module can backup and restore TAR and dump files over FTP.
* MySQL server variables and connections can be viewed and changed.
* Table data can be sorted by clicking on headers in the MySQL and PostgreSQL modules.
* Improved support for PostgreSQL 8, including editing tables with no OID field.
* Sendmail and Postfix aliases and maps can have a comment associated with each entry.
* Squid 2.6 is now supported.
Version 1.290 (29 June 2006)
* Fixed a security hole that would allow a remote attacker to view any file on the system.
* Added the LDAP Client module, for setting up a Linux system to get users and groups from an LDAP server.
* Added support for sending email when a group is over quota to the Disk Quotas module.
* Several other small fixes for bugs found since 1.280.
Version 1.280 (16 June 2006)
* Added the Simple Blue theme, a less graphics-heavy design which may eventually become the default. This theme takes advantage of changes in many modules to use highlighting on table rows.
* Updated the Apache module to support version 2.2.0.
* Updated the various operating-specific NFS server modules to support mass deletion of exports, and to internationalize those that were using hard-coded text strings.
* Updated various modules to allow deletion of multiple objects (such as table fields, Samba shares, PostgreSQL grants, Squid ACLs and so on) at once.
* Added configuration options to the Read User Mail module for the date format, pager arrow locations, timezone and separate message window mode.
* Updated the MySQL module to support views in MySQL version 5.
* Enhanced the System and Server Status module to allow the selection of multiple hosts for each monitor, added a monitor type for testing an SQL server, and updated the Network Traffic monitor to support FreeBSD.
* Fixed a security hole that allows remote viewing of any file on the system when Webmin is run on a Windows server.
the pkglint warning:
As {INSTALL,DEINSTALL}_TEMPLATE is modified using "+=", its name
should indicate plural.
This does make the variables a bit more suggestive of the fact that they
hold lists of values.
running an individual module's uninstall action
* Add a DEINSTALL_TEMPLATE file that is pulled in by all wbm-* modules
that will run the module's uninstall action at DEINSTALL time.
* Fix the "time" module to ignore "sched_mode" -- verified by Jamie
Cameron on the Webmin mailing list as a bug.
* Fix the "postfix" module to remove its temp files at DEINSTALL time
so that we cleanly pkg_delete.
Bump the PKGREVISION of sysutils/webmin as well as all sysutils/wbm-*
packages that have uninstall.pl scripts.
+ Add a wbm.mk makefile fragment which can be used to create pkgsrc-managed
Webmin modules.
! Fixed a possible remotely exploitable security hole caused by a bug in
Webmin's use of the Perl syslog function.
* Multiple Webmin users and groups can be deleted at once.
* The Webmin Servers Index module can automatically scan for new servers
on the local network on a regular schedule.
* The idle automatic logout time can be configured on a per-user basis
in the Webmin Users and Usermin Configuration modules.
* Increased the speed of Webmin configuration reloads done by the
Webmin Users and Webmin Configuration module. This also prevents any
down-time while the config is being re-read.
* Improved the timeout detection in HTTP requests, to reduce the ability
of incorrect or malicious clients to tie up the Webmin webserver
process.
* Enhanced the Unix User Authentication feature to allow different
users and group members to be treated as different Webmin users.
* Improved the way the OS is detected at install time, so that new
versions will be automatically supported.
* Different SSL certificates for virtual IP interfaces can be specified
in the Webmin and Usermin modules, for sites doing SSL virtual hosting.
* Fixed a nasty bug that could cause configuration file permissions
and ownership to be changed when they are modified.
* An option has been added in the Webmin Configuration module to enable
full PAM conversations when logging in. This is necessary for systems
on which PAM asks for more than just a username and password.
* All modules now use a new API for writing to configuration files,
which ensures that the file does not get written to or truncated if
the system is out of disk space.
* Added a button to the Webmin Actions Log module for rolling back
configuration files to before an action was taken.
* Password timeouts are now enabled by default, to prevent brute-force
password guessing attacks.
INSTALL/DEINSTALL script creation within pkgsrc.
If an INSTALL or DEINSTALL script is found in the package directory,
it is automatically used as a template for the pkginstall-generated
scripts. If instead, they should be used simply as the full scripts,
then the package Makefile should set INSTALL_SRC or DEINSTALL_SRC
explicitly, e.g.:
INSTALL_SRC= ${PKGDIR}/INSTALL
DEINSTALL_SRC= # empty
As part of the restructuring of the pkginstall framework internals,
we now *always* generate temporary INSTALL or DEINSTALL scripts. By
comparing these temporary scripts with minimal INSTALL/DEINSTALL
scripts formed from only the base templates, we determine whether or
not the INSTALL/DEINSTALL scripts are actually needed by the package
(see the generate-install-scripts target in bsd.pkginstall.mk).
In addition, more variables in the framework have been made private.
The *_EXTRA_TMPL variables have been renamed to *_TEMPLATE, which are
more sensible names given the very few exported variables in this
framework. The only public variables relating to the templates are:
INSTALL_SRC INSTALL_TEMPLATE
DEINSTALL_SRC DEINSTALL_TEMPLATE
HEADER_TEMPLATE
The packages in pkgsrc have been modified to reflect the changes in
the pkginstall framework.
around at either build-time or at run-time is:
USE_TOOLS+= perl # build-time
USE_TOOLS+= perl:run # run-time
Also remove some places where perl5/buildlink3.mk was being included
by a package Makefile, but all that the package wanted was the Perl
executable.
And always is defined as share/examples/rc.d
which was the default before.
These rc.d scripts are not automatically added to PLISTs now also.
So add to each corresponding PLIST as required.
This was discussed on tech-pkg in late January and late April.
Todo: remove the RCD_SCRIPTS_EXAMPLEDIR uses in MESSAGES and elsewhere
and remove the RCD_SCRIPTS_EXAMPLEDIR itself.
include:
* Added the new Bandwidth Monitoring module, for generating simple
reports of network traffic by port, time and host on Linux systems.
* Added the Cluster Copy module, for copying files to multiple servers
either on schedule or manually.
* Added the Backup Configuration Files module, for backing up and
restoring config files known to Webmin.
* Several improvements to the Linux firewall module, including pre-
and post commands, cluster support and the ability to reset the
firewall configuration.
* Support for selecting specific MySQL and PostgreSQL tables to back
up, and improved searching in the MySQL module.
* Automatic email notification for users approaching their disk quotas.
* The timezone can now be set in the System Time module on Linux,
Solaris and FreeBSD.
* Added the new Sarg Squid access reporting module. Thanks to Omar
Armas for sponsoring its development.
* Added support for NFSv4 to the Disk and Network Filesystems module.
* In the MySQL and PostgreSQL modules, all databases can now be backed
up at once, either manually or on a configured schedule.
* Added the ability to delete multiple users at once to the Users and
Groups module.
* Added support for MD5 encryption for Webmin passwords, to avoid the
8-character effective password length limit.
* The BIND module can now create and edit delegation-only zones.
* When PAM is used for Unix authentication, expired passwords are now
detected and the user is prompted to select a new password (if this
feature is enabled on the Webmin Configuration module).
under share/examples/rc.d. The variable name already was named
RCD_SCRIPTS_EXAMPLEDIR.
This is from ideas from Greg Woods and others.
Also bumped PKGREVISION for all packages using RCD_SCRIPTS mechanism
(as requested by wiz).
Webmin is a web-based interface for system administration for Unix.
Using any browser that supports tables and forms, you can setup user
accounts, Apache, DNS, file sharing and so on. Webmin consists of a
simple web server, and a number of CGI programs which directly update
system files.