Security vulnerability warning

Raphael (atomo64) today posted a security vulnerability in our bug tracker.

We implemented as soon as possible a fix to solve this vulnerability.

As a result you can download the new release candidate RC2b.  For fixing only the critical security bug, there is a patch available.

With the next command you can install the patch:

patch -cl -d /var/www/ispcp < /path/to/ispcp-omega-1.0.0-rc2-security-patch.txt

To manually fix the security bug add the following line above in the file /var/www/ispcp/gui/include/sql.php immediately below the commented text (around line 20):

$include_path = realpath(dirname(__FILE__));

We thank Raphael to reporting this security bug and we hope everyone using ispCP Omega will patch this bug.  To stay informed about security bugs and new releases, subscribe to our announce mailinglist .