Announcing:
LiteSpeed Web Server v5.4.12
In this release: Security improvements, bug fixes, and more!
RELEASE LOG:
[Security] Fix a bug that allowed bypassing of built-in blocked URLs.
[Security] Block improperly configured user/group and commands for external apps.
[Feature] Auto white list QUIC.cloud IPs.
[Bug Fix] Address content corruption for ESI includes.
[Bug Fix] Improve ESI parser to handle improperly escaped ESI directives.
[Bug Fix] Add SSL OCSP stapling for redis dynamic vhosts.
[Bug Fix] Address a random crash in Layer 4 forwarding to websocket backends.
[Bug Fix] cPanel webmail proxy domain email attachment uploads no longer hang.
[Bug Fix] Update wsgi-lsapi to v1.9 to address a unicode encoding problem for Django applications.
[Bug Fix] Improve NodeJS application compatibility.
[Bug Fix] Start Ruby applications through a login bash shell to apply the necessary shell environment variables.
[Bug Fix] Improve mod_security variables handling.
[Bug Fix] Improve reCAPTCHA verification protection.
https://www.litespeedtech.com/products/litespeed-web-server/release-log
Please remember, there may be some delay between this announcement and the ability to auto-update. If you don't want to wait, you can update manually via the following command:
Cheers!
LiteSpeed Web Server v5.4.12
In this release: Security improvements, bug fixes, and more!
RELEASE LOG:
[Security] Fix a bug that allowed bypassing of built-in blocked URLs.
[Security] Block improperly configured user/group and commands for external apps.
[Feature] Auto white list QUIC.cloud IPs.
[Bug Fix] Address content corruption for ESI includes.
[Bug Fix] Improve ESI parser to handle improperly escaped ESI directives.
[Bug Fix] Add SSL OCSP stapling for redis dynamic vhosts.
[Bug Fix] Address a random crash in Layer 4 forwarding to websocket backends.
[Bug Fix] cPanel webmail proxy domain email attachment uploads no longer hang.
[Bug Fix] Update wsgi-lsapi to v1.9 to address a unicode encoding problem for Django applications.
[Bug Fix] Improve NodeJS application compatibility.
[Bug Fix] Start Ruby applications through a login bash shell to apply the necessary shell environment variables.
[Bug Fix] Improve mod_security variables handling.
[Bug Fix] Improve reCAPTCHA verification protection.
https://www.litespeedtech.com/products/litespeed-web-server/release-log
Please remember, there may be some delay between this announcement and the ability to auto-update. If you don't want to wait, you can update manually via the following command:
/usr/local/lsws/admin/misc/lsup.sh -f -v 5.4.12
Cheers!