Server Software and Configuration Services
New csf v2.68 – Major Security Fix
Changes:
- Security Fix – If you have LF_DIRWATCH_DISABLE on then this can lead to arbitray code being executed in the context of the user running lfd, i.e. root. This option has been disabled in the code until further notice. You will have to manually remove any reported files.
- Tightened csf file ownerships on installation
*ALL INSTALLATIONS SHOULD BE UPGRADED ASAP TO AVOID POTENTIAL EXPLOITATION*You can upgrade csf either through WHM or from the root shell using:
csf -u