New release of webmin, 1.840, is ready. Would love to see it included in MGA6.
Assigning to all packagers as webmin currently doesn't have a registered maintainer.
Assignee: bugsquad => pkg-bugs
Updated in Cauldron by David Walser.
Resolution: (none) => FIXEDAssignee: pkg-bugs => luigiwalserStatus: NEW => RESOLVED
Thanks. I'll update in Mageia 5 as well due to the security fixes. webmin-1.840-1.mga5 has been pushed to updates_testing. I will post an advisory when the upstream changelog has been updated: http://www.webmin.com/changes.html
Resolution: FIXED => (none)Status: RESOLVED => REOPENEDAssignee: luigiwalser => qa-bugsVersion: Cauldron => 5
Webmin changelog has been updated for version 1.840.
Advisory: ======================== Updated webmin package fixes security vulnerabilities: The webmin package has been updated to version 1.840, which fixes cross-site scripting (XSS) issues, and has other bug fixes and enhancements. See the upstream release announcements and change log for details. References: http://www.webmin.com/ http://www.webmin.com/changes.html ======================== Updated packages in core/updates_testing: ======================== webmin-1.840-1.mga5 from webmin-1.840-1.mga5.src.rpm
CC: (none) => luigiwalser
In VirtualBox, M5.1, KDE, 64-bit Package(s) under test: webmin default install of webmin [root@localhost wilcal]# urpmi webmin Package webmin-1.831-1.mga5.noarch is already installed webmin is accessible at: https://localhost:10000/ I can view the Hardware -> Partitions on Local Disks I can view Servers -> Apache/ProFTPD/SSH I can access webmin and do the same from another M5 system on the LAN at: https://192.168.1.138:10000/ Main page is displaying: Webmin version 1.840 is now available, but you are running version 1.831 install webmin from updates_testing stop and restart webmin [root@localhost wilcal]# urpmi webmin Package webmin-1.840-1.mga5.noarch is already installed webmin is accessible at: https://localhost:10000/ I can view the Hardware -> Partitions on Local Disks I can view Servers -> Apache/ProFTPD/SSH I can access webmin and do the same from another M5 system on the LAN at: https://192.168.1.138:10000/ Main page no longer displays new version message. Main page indicates you are using Webmin version 1.840
CC: (none) => wilcal.int
Whiteboard: (none) => MGA5-64-OK
In VirtualBox, M5.1, KDE, 32-bit Package(s) under test: webmin default install of webmin [root@localhost wilcal]# urpmi webmin Package webmin-1.831-1.mga5.noarch is already installed webmin is accessible at: https://localhost:10000/ I can view the Hardware -> Partitions on Local Disks I can view Servers -> Apache/ProFTPD/SSH I can access webmin and do the same from another M5 system on the LAN at: https://192.168.1.137:10000/ Main page is displaying: Webmin version 1.840 is now available, but you are running version 1.831 install webmin from updates_testing stop and restart webmin [root@localhost wilcal]# urpmi webmin Package webmin-1.840-1.mga5.noarch is already installed webmin is accessible at: https://localhost:10000/ I can view the Hardware -> Partitions on Local Disks I can view Servers -> Apache/ProFTPD/SSH I can access webmin and do the same from another M5 system on the LAN at: https://192.168.1.137:10000/ Main page no longer displays new version message. Main page indicates you are using Webmin version 1.840
Whiteboard: MGA5-64-OK => MGA5-32-OK MGA5-64-OK
This update works fine. Testing complete for MGA5, 32-bit & 64-bit Validating the update. Could someone from the sysadmin team push to updates. Thanks
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
(In reply to William Kenney from comment #6) > Main page is displaying: > Webmin version 1.840 is now available, but you are running version 1.831 Thanks for pointing that out. I am pretty sure I had had that disabled, but the code changes upstream probably allowed it to slip back through at some point. I committed a change that should fix it, but I won't hold this update for it; it'll be included in the next update.
Component: RPM Packages => Security
Whiteboard: MGA5-32-OK MGA5-64-OK => MGA5-32-OK MGA5-64-OK advisoryCC: (none) => davidwhodgins
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2017-0142.html
Resolution: (none) => FIXEDStatus: REOPENED => RESOLVED