.Webmin 1.550 released, This release includes a fix for an XSS attack reported by Javier Bassi that can be triggered if un-trusted users are allowed to change the real names of Unix users on your system. It also includes support for Ubuntu’s new Upstart boot system, and several other new small features
Webmin is a web-based system configuration tool for Unix-like systems, although recent versions can also be installed and run on Windows. With it, it is possible to configure operating system internals, such as users, disk quotas, services or configuration files, as well as modify and control open source apps, such as the Apache HTTP Server, PHP or MySQL.
- Fixed an XSS vulnerability in the Users and Groups module that can be triggered if an attacker has the ability to change the real name of a Unix user.
- Added support for the Upstart boot system, seen on Ubuntu 10 and later.
- Added the Test Zone Transfer button to the slave zone page in the BIND module, to check if zone transfers are possible or not.
- Added the Sending Email page to the Webmin Configuration module, which controls how Webmin itself sends messages.
- In the PHP Configuration module, added support for selecting the timezone on the Other Settings page, thanks to Matt Lewandowsky.
- In the DHCP module, added a Module Config option to automatically refresh the lease list every few seconds, and a link to force a manual refresh.
To install and configure Webmin, check our previous posts: