Security 10816 Published by

ConfigServer has released a new version of their csf Linux firewall



Changes:

Improvement to dovecot account name sanitisation checks in lfd
Modified cronjobs for new installs to be compatible with anacron
Added new option CLUSTER_BLOCK which is enabled by default. This allows you to disable automatic sharing of lfd blocks around a csf cluster, e.g. if you only wish to use the CLUSTER option to share settings and manual blocks and allows
Added new option RT_ACTION. If an RT_* event is triggered, then if RT_ACTION contains the path to a script, it will be run in a child process and be passed a list of items (see csf.conf - for cPanel and DA only)
Fix to DYNDNS Advanced Allow/Deny Filters using pipe separator
Set permissions to 700 on *.sh, *.pl and *.php in /etc/csf/ instead of a blanket 600 of non-csf scripts
  csf 5.34 released