Howdy all,
There’s been a security bugfix release of the Virtualmin virtual-server module. The bug allowed virtual server owner account holders to see the contents of privileged files.
The bug has not been disclosed publicly and is not remotely exploitable without a user account, but this upgrade is recommended for everyone, immediately.
Thanks to Greg Clarkson for bringing this bug to our attention.