Important Security Issues?

[soap]

Hello,

i want to ask you guys... if its possible to explain what exactly this security holes are? and why we have no updates since that...

http://www.webhostingtalk.com/showthread.php?t=1464414

[gemuruhco]

yeah im looking into this too

[MarkDark]

How tired of all these freaks babble about security !!!
Read the terms use panel SENTORA or ZPANEL

GPL v3

15. Disclaimer of Warranty.

THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
ALL NECESSARY SERVICING, REPAIR OR CORRECTION.

[soap]

i want to ask u guys.. are these security issues important if a user have accenss in the server or also from outside? because i m the only one who has access in my server.

thank you

[TGates]

They seem to be having issues with their server today, I can't view the thread you posted or pretty much abything on their forums right now.

[Ron-e]

it's the same forum post as spoken of in this thread -> http://forums.sentora.org/showthread.php?tid=1289

[TGates]

Thanks Rone-e for finding that link.

It is an outdated/no longer used file:

With regards to the above post and the 'issues' with the inline variables - that was originally intended to automatically update the DB schema based on class properties etc. called from ZPPY during system upgrades of ZPanel - Like in an active record style system, this can be removed now as it's never called and the fact that that inline variables are not bound was obviously missed from when Kevin implemented the PDO and prepared statements but is irrelevant anyway given that the code is never executed and the class is now deprecated.

Found in this reply: http://forums.sentora.org/showthread.php...97#pid8497

Therefore, this should no longer be an issue.

[soap]

Thanks Rone-e for finding that link.

It is an outdated/no longer used file:

With regards to the above post and the 'issues' with the inline variables - that was originally intended to automatically update the DB schema based on class properties etc. called from ZPPY during system upgrades of ZPanel - Like in an active record style system, this can be removed now as it's never called and the fact that that inline variables are not bound was obviously missed from when Kevin implemented the PDO and prepared statements but is irrelevant anyway given that the code is never executed and the class is now deprecated.

Found in this reply: http://forums.sentora.org/showthread.php...97#pid8497

Therefore, this should no longer be an issue.

thank u tgates.. when will come a new update out?

this is the best cp-panel ... i hope it will be nice in security also the best... try to go forward

[TGates]

I'm am hoping we can get an update patch ready to go within a couple weeks. There have been a lot of bug fixes and tweaks merged and others are being worked on as we speak.

We still need to sort out the upgrade (ZP-Sentora) scripts and the Sentora update scripts.

An exact time is not yet available

[zustudios]

I'm am hoping we can get an update patch ready to go within a couple weeks. There have been a lot of bug fixes and tweaks merged and others are being worked on as we speak.

We still need to sort out the upgrade (ZP-Sentora) scripts and the Sentora update scripts.

An exact time is not yet available

Is this true or have this issue been fixed?



http://www.dailymotion.com/video/x2xzlqp