Server Software Update Notification: 03-11-2012

This notice contains information for the group of server updates (or dist) occurring March 12, 2012 through March 14, 2012 in all datacenters. Until that time, all of the information included in this document is subject to change.

Important updates in this Notification:

The following updates affect popular or important services and programs:

• MySQL (Linux and v3)
• PHP (Linux and v3)
• phpMyAdmin (Linux and v3)
• cURL (Linux)
• ProFTPD (Linux and v3)
• OpenSSH (Linux and v3)
• OpenSSL (v3)

Linux MPS/VPS

The following updates will be made to the Linux VPS/MPS platform.

Important services to be restarted:

The following services will be restarted by Verio as part of the update:

• None

Possible Action Needed

The following Linux VPS/MPS updates may require additional attention or action to take advantage of the full benefits of the update. Any possible actions are listed at the end of the individual update information.

MySQL-5.5.20

The vinstall for MySQL5.5 will be upgraded to version 5.5.20.

To upgrade existing installations of MySQL5.5, connect to your server through SSH and execute the following from the command prompt:

# vinstall mysql5.5

MySQL-5.1.61

The vinstall for MySQL5.1 will be upgraded to version 5.1.61.

To upgrade existing installations of MySQL5.1, connect to your server through SSH and execute the following from the command prompt:

# vinstall mysql5.1

PHP-5.3.10

The vinstall for PHP5 will be upgraded to version 5.3.10 to address the security vulnerability (CVE-2012-0830) discussed here:

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0830

To upgrade existing installations of PHP5, connect to your server through SSH and execute the following from the command prompt:

# vinstall php5.3

phpMyAdmin-3.4.9

The vinstall for phpMyAdmin will be upgraded to version 3.4.9.

To upgrade existing installations of phpMyAdmin, connect to your server through SSH and execute the following from the command prompt:

# vinstall phpmyadmin

No Action Needed

The following Linux VPS/MPS updates do not require action by customers to take advantage of the full benefits of the update. Some services may be rebooted as part of the update.

CPX

CPX will be updated to remove the telnet service from the Managed Services list.

OpenSSH-5.9p1

OpenSSH will be upgraded to version 5.9p1.

proftpd-1.3.4a

ProFTPd will be upgraded to version 1.3.4a.

cURL-7.23.1

cURL will be upgraded to version 7.23.1. In addition, libcurl and libcurl-devel will be upgraded to version 7.23.1.

nspr-4.8.8-1

nspr will be upgraded to version 4.8.8-1. In addition, nspr-devel will be upgraded to version 4.8.8-1.

nss-3.12.10-4

nss will be upgraded to version 3.12.10-4. In addition, nss-devel will be upgraded to 3.12.10-4.

FreeBSD MPS/VPS v3

The following updates will be made to the FreeBSD VPS/MPS v3 platform.

Important services to be restarted:

The following services will be restarted by Verio as part of the update:

• None

Possible Action Needed

The following VPS/MPS v3 updates may require additional attention or action to take advantage of the full benefits of the update. Any possible actions are listed at the end of the individual update information.

MySQL-5.5.20

The vinstall for MySQL5.5 will be upgraded to version 5.5.20.

 

To upgrade existing installations of MySQL5.5, connect to your server through SSH and execute the following from the command prompt:

# vinstall mysql5.5

MySQL-5.1.61

The vinstall for MySQL5.1 will be upgraded to version 5.1.61.

To upgrade existing installations of MySQL5.1, connect to your server through SSH and execute the following from the command prompt:

# vinstall mysql5.1

PHP-5.3.10

The vinstall for PHP5 will be upgraded to version 5.3.10 to address the security vulnerability (CVE-2012-0830) discussed here:

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0830

To upgrade existing installations of PHP5, connect to your server through SSH and execute the following from the command prompt:

# vinstall php5.3

phpMyAdmin-3.4.9

The vinstall for phpMyAdmin will be upgraded to version 3.4.9.

To upgrade existing installations of phpMyAdmin, connect to your server through SSH and execute the following from the command prompt:

# vinstall phpmyadmin

No Action Needed

The following VPS/MPS v3 updates do not require action by customers to take advantage of the full benefits of the update. Some services may be rebooted as part of the update.

telnetd

For security reasons, telnet was previously disabled within the server configuration. Now telnetd will be removed from the server and will no longer be supported. Please consider using a secure remote connection such as SSH.

CPX

CPX will be updated to remove the telnet service from the Managed Services list.

OpenSSL-1.0.0g

OpenSSL will be upgraded to version 1.0.0g.

OpenSSH-5.9p1

OpenSSH will be upgraded to version 5.9p1.

proftpd-1.3.4a

ProFTPd will be upgraded to version 1.3.4a.

sudo-1.8.3_2

Sudo will be upgraded to version 1.8.3_2 to address the security vulnerability (CVE-2012-0809) discussed here:

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0809

FreeType2-2.4.7

FreeType2 will be upgraded to version 2.4.7 to address the security vulnerability (CVE-2011-3256) discussed here:

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3256

FreeBSD MPS/VPS v2

The following updates will be made to the FreeBSD VPS/MPS v2 platform.

Important services to be restarted:

The following services will be restarted by Verio as part of the update:

• None

No Action Needed

The following VPS/MPS v2 updates do not require action by customers to take advantage of the full benefits of the update. Some services may be rebooted as part of the update.

telnetd

For security reasons, telnet was previously disabled within the server configuration. Now telnetd will be removed from the server and will no longer be supported. Please consider using a secure remote connection such as SSH.

CPX

CPX will be updated to remove the telnet service option from the Managed Services list.