« Changelog History


Webmin v1.150 Release Notes

    • ⚡️ Updated the setup.sh script to use MD5 password encryption by default, on systems where Perl supports it.
    • 🛠 Fixed a security hole in the maketemp.pl script, used to create the /tmp/.webmin directory at install time. If an un-trusted user creates this directory before Webmin is installed, he could create in it a symbolic link pointing to a critical file on the system, which would be overwritten when Webmin writes to the link filename (CVE bug CAN-2004-0559).
    • 🔧 When PAM is used for Unix authentication, expired passwords are now detected and the user is prompted to select a new password (if this feature is enabled on the Webmin Configuration module).
    • 💻 Make all functions in ui-lib.pl themable, allowing themes to have more detailed control over modules that make use of this library.
    • 🖨 Updated all modules to call ui_print_header instead of calling header and printing <hr>, so that themes can avoid the <hr>. Also updated the MSC theme to do this.