Hestia Control Panel v1.4.13 Release Notes
-
๐ Features
- โฌ๏ธ Introduce UPGRADE_MESSAGE variable to support custom messages in e-mail upgrade notification.
๐ Bugfixes
- ๐ Improve the hostname check to prevent invalid hostnames or the use of an ip address (RFC1178).
- Prevent CSRF from other domains / websites
- ๐ Fix #2096 Hostname SSL got overwritten by mail.hostname.com certificate
- โ Add small wait for /usr/bin/iptables-restore Forum + Fixed v-add-firewall / v-delete-firewall function (#2112) @myrevery
- ๐ Fix bug in v-change-sys-api. When using v-change-sys-api remove and then v-change-sys-api enable + custom release branch the resetting of api failed + no "error" output was producted
- ๐ Improve error reporting PMA Single sign on function function
- ๐ Fixed an issue in v-change-web-domain-name where webserserver where not able to start because old config files where not propperly deleted #2104
- ๐ Fixed potential XSS vulnerability in /list/keys/ @wtwwer Disclosure
- โ Removed /edit/file as it has been replaced by Filegator and part of the old Vesta Filemanager
- ๐ Fixed potential External control / path vulnerability in /add/package @wtwwer Disclosure
- โ Add extra checks to prevent type juggling @vikychoi Disclosure
- ๐ Improved and updated some missing translation strings @myrevery
- ๐ Sync translations with Github