Page 1 of 1

Litespeed Security Update released

Posted: Fri Jul 10, 2015 8:17 am
by Edward
An update for LiteSpeed 4 & 5 was just released to address a security vulnerability within OpenSSL (CVE-2015-1793)
and it is recommended that you update as soon as possible.

These update version is not there is litespeed plugin interface in cpanel and have to do manually.

You can update the version in cpanel servers using a single command

# /usr/local/lsws/admin/misc/lsup.sh -f -v 5.0.2

# /usr/local/lsws/admin/misc/lsup.sh -f -v 4.2.24

Please get this upgraded asap

Features and changes
=================
LSWS 5.0.2 7-9-2015 Feature improvements and bug fixes

Updated OpenSSL to 1.0.2d to address (CVE-2015-1793).
Improved HTTP/2 implemenation.
Improved mod_security engine to work better with OWASP core rule set.
Improved compatibility with Plesk 12 control panel.
Fixed a bug in Rewrite engine that may trigger 503 errors by cPanel autoconfig/autodiscover feature.

LSWS 4.2.24 7-9-2015 Feature improvements and bug fixes

Updated OpenSSL to 1.0.1p to address (CVE-2015-1793).
Improved mod_security engine to work better with OWASP core rule set.
Improved compatibility with Plesk 12 control panel.
Fixed a bug in Rewrite engine that may trigger 503 errors by cPanel autoconfig/autodiscover feature.