Recent content by prprtl

The Plesk database ("psa") has some InnoDB tables without primary key. This is bad for performance, and incompatible with multi-master replication. It needs fixing. - psa.BackupsSettings - psa.SBConfig -...

Thank you for triaging this issue. Awaiting your follow-up.

You stated that Plesk 12.5 was out-dated and that I should expect no updates. You also directed me to a hacky script to compile bleeding edge versions of software. I hope you can see why I am disappointed with your replies. As stated very simply, Plesk 12.5 distributes a two year old insecure...

As stated in the original post. The bundled version of Nginx 1.11.1 with Plesk 12.5 contains known serious bugs and vulnerability CVE-2017-7529. You should update the bundled version to a supported version. You suggested that Plesk 12.5 is not supported anymore. That is false. Plesk 12.5 is...

That is an unexpected answer. Plesk 12.5 is still supported. This is a security vulnerability.

Plesk 12.5 is still using an older version. # plesk version Product version: 12.5.30 Update #75 Update date: 2018/04/17 23:42 Build date: 2016/06/08 10:00 OS version: CentOS 7.4.1708 Revision: 344620 Architecture: 64-bit Wrapper version: 1.2 # nginx -V nginx version...

Update for the LTS 1.2 version is now also available with the fixes. See roundcube/roundcubemail

The Nginx version that is bundled with Plesk is the very out-dated 1.11.1 (31 May 2016) and needs updating for fixes for vulnerability CVE-2017-7529 and a long list of bugs. See https://talk.plesk.com/forums/plesk-suggestions-and-feedback.676/create-thread Recommended is updating to the latest...

Yesterday Roundcube 1.3.6 was released with an important security update. Plesk, please update your included Roundcube packages for Plesk 12.5 and Onyx. Currently you are providing an insecure version of Roundcube bundled with Plesk. From roundcube/roundcubemail This is a security update to...

The reason for the error is that the content that the Plesk software places in /etc/php-fpm.d/www.conf is using the wrong prefix # for comments. The # character should be replaced by a semi-colon ; (You can change the contents of this file, but ultimately this is a bug that should be fixed by...

TITLE: Roundcube security updates 1.3.3, 1.2.7 and 1.1.10 released PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE: Plesk all versions PROBLEM DESCRIPTION: Important security updates are released for Roundcube. Plesk should update their packages as well. Exploits are already seen in the wild...

I have the same issue. Running "/usr/local/psa/bin/php_settings -u" on Plesk 12.5 will take several minutes and causes intermittent downtime for PHP websites.

Plesk contains phpMyAdmin and for updates of the integrated phpMyAdmin we have to rely on Plesk. Plesk 12.5 is currently distributed with a buggy version of phpMyAdmin. Please update phpMyAdmin to 4.6.5.2 due to bug in 4.6.5.1. 4.6.5.2 fixes an issue with exporting certain character sequences...

@IgorG: the KB article is about the paid Atomic ruleset, but the issue is regarding the free Atomic Basic ModSecurity ruleset.

Any update on this?