[solved] Is Litespeed vulnerable?

Discussion in 'General' started by bettinz, Jun 7, 2014.

  1. bettinz

    bettinz Member

  2. cornish

    cornish Member

    Hi yes it does say vulnerable, just tested all ours with Litespeed on,

    But ones without are fine.
  3. NiteWave

    NiteWave Administrator

    please force-reinstall 4.2.12 to latest and test again.
    4.2.12 already build with OpenSSL 1.0.1h, and should be ok.
  4. bettinz

    bettinz Member

    Yes, I can confirm now it's not vulnerable. Sorry for the mistake
  5. cornish

    cornish Member

    And me mine are still 4.2.11 not had any notification of an update, how do i update to version 4.2.12
  6. bettinz

    bettinz Member

    4.2.12 is still in "beta" I think, but it seem stable for production for me. Run this:
    /usr/local/lsws/admin/misc/lsup.sh -f -v 4.2.12
    and you'll update to 4.2.12 ;)
  7. cornish

    cornish Member

    Do you know when it will be available to update, don't really want to update if its not full release just incase of problems.
  8. bettinz

    bettinz Member

    I don't work for Litespeed and I don't know, I'm sorry :( wait a reply from someone at Litespeed :)
  9. cornish

    cornish Member

    ok thanks
  10. NiteWave

    NiteWave Administrator

    Hi, 4.2.12 is quite stable now. it's pretty safe to upgrade to 4.2.12 now

    and it's easy to switch back to precvious version --- when updage, previous versions still there.
    just one click to switch between versions:
    lsws webadmin -> Actions -> Version Manager
  11. cornish

    cornish Member

    And do i upgrade like the post above said ?
  12. NiteWave

    NiteWave Administrator

    yes. that's the command line method.
    when 4.2.12 is officially released, you can upgrade at lsws web admin "Version Manager" as well.
    command line method is more flexible and GUI mode is easier to use.
  13. cornish

    cornish Member

    Thanks when will it be released ?
  14. NiteWave

    NiteWave Administrator

    maybe tomorrow (Monday at EDT time) if no unexpected bug report (4.2.12 are running on some production servers for a while)
  15. cornish

    cornish Member

    Ok thanks will wait a few days,
  16. 3245

    3245 Member

    Hello,
    Thank you for update, http://www.webhostingtalk.com/showthread.php?p=9139454

    it is possible let us know which files are affected (upgraded) after update exactly??

    it is fine for Administrator's for check if anything is wrong.

    Please tell us directory and file exactly.
    Last edited: Jun 8, 2014
  17. NiteWave

    NiteWave Administrator

    Dear 3245,

    it's the main litespeed binary, e.g., lshttpd.4.2.12
    nulled lshttpd (all has been found before version 4.0.1) has no way update unless the nulled binary(e.g., lshttpd.4.0.1) is replaced.
  18. Michael

    Michael Administrator Staff Member

    For those of you that were waiting, 4.2.12 has been officially released now. The easiest way to upgrade is to use the lsup script:

    /usr/local/lsws/admin/misc/lsup.sh -f -v 4.2.12

Share This Page