Atualização de segurança do WHMCS
No último dia 23, recebi um e-mail da WHMCS avisando sobre mais um update de segurança importante que deve ser feito em praticamente todas as versões do seu gerenciador financeiro. É muito importante que vocês façam a atualização para manterem seu WHMCS seguro e sua empresa de hospedagem de site livre de problemas.
Veja abaixo a íntegra do e-mail recebido da WHMCS que contém as instruções de como efetuar o upgrade.
========================================
WHMCS Security Advisory for 4.x, 5.0, 5.1
http://blog.whmcs.com/?t=72051
========================================WHMCS has released new patches for the 4 series, 5.0 and 5.1 minor releases. These updates provide targeted changes to address security concerns with the WHMCS product. If you are not running the WHMCS 5.2, you are highly encouraged to update immediately.
WHMCS has rated these updates as including critical or important security impacts. Information on security ratings is available at http://docs.whmcs.com/Security_Levels
++++++++++++
Releases
++++++++++++
The following full-release version of WHMCS have been published and address all known vulnerabilities: 5.1.6The latest public releases of WHMCS are available inside our members area at https://www.whmcs.com/members/clientarea.php
++++++++++++++++++++++++++++++++++++
Security Issue Information
++++++++++++++++++++++++++++++++++++
The resolved security issue was identified by Dinesh Kumar Mohanty of Ultra Web Solutions Private Limited, India. There is no reason to believe that these vulnerabilities are known to the public. As such, WHMCS will only release limited information regarding the vulnerabilities at this time.Once sufficient time has passed to allow WHMCS customers to update their installed software, WHMCS will release additional information regarding the nature of the security issue. These Targeted Security Releases and Patches address 1 vulnerability in WHMCS version 4.0, 4.1, 4.2, 4.3, 4.4, 4.5, 5.0, and 5.1. Additional, supplemental information is scheduled to be released May 28th, 2013.
++++++++++++
Mitigation
++++++++++++——————
WHMCS Version 4.x
——————
Download and apply the appropriate patch files to protect against these vulnerabilities.Patch files for affected versions of the 4.x series are located on the WHMCS site as itemized below.
4.0 series: http://www.whmcs.com/download/258/v403patch
4.1 series: http://www.whmcs.com/download/262/v413patch
4.2 series: http://www.whmcs.com/download/266/v422patch
4.3 series: http://www.whmcs.com/download/270/v432patch
4.4 series: http://www.whmcs.com/download/274/v443patch
4.5 series: http://www.whmcs.com/download/278/v454patchTo apply the patch, simply download the appropriate patch file specific to the WHMCS version you are running, extract the contents, and upload the files from the /whmcs/ folder to your installation.
No install or upgrade process is required.
——————
WHMCS Version 5.x
——————
Download and apply the appropriate full-version or patch of WHMCS to protect against these vulnerabilities.Full-version and patches for the affected version of the 5.x series are located in the WHMCS members area download section, under your license details.
v5.0.5 (patch only)
v5.1.6 (full-version and patch)When updating from v5.0.4 or v5.1.5, the upgrade process is not required. To apply the full-version or patch, simply download the appropriate file specific to the WHMCS version you are running, extract the contents, and upload the files from the /whmcs/ folder to your installation.
============================================================
WHMCS Limited
www.whmcs.com– Support: http://support.whmcs.com/
– Documentation: http://docs.whmcs.com/
– Members Area: http://www.whmcs.com/members/
Qualquer dúvida deixem nos comentários que tentarei ajudar no que for possível!