Webmin 1.500 and Usermin 1.430 released

Howdy all,

I’ve rolled out Webmin 1.500 and Usermin 1.430 to all repositories.

Changes in Webmin since 1.490:

  • Fixed an XSS security hole that could be used to capture session cookies, found by Ryan Giobbi.
  • Added the Software Package Updates module, for installing new packages from YUM or APT.
  • Updated the default system information page to show available packages, and added a page to the Webmin Configuration module to collect this information in the background.
  • Added logging to the Scheduled Commands module.
  • Fixed editing of the fileset exclude list and adding volume labelling support to the Bacula module.
  • Improved Postfix TLS support, fixed the config file parser, and added protection against incorrect map entry deletion.
  • Added a status monitoring for detecting large directories, and a button for refreshing just selected monitors.
  • Added support for the rsyslog IncludeConfig directive in the System Logs module, used by default on Ubuntu 9.

A detailed change log can be found Webmin.com.

Changes in Usermin since 1.420:

  • Autoreply messages starting with or will now be sent using the text/html MIME type.
  • Removed limits on the size of an address book group.
  • Put text/plain alternative body part before text/html, to be compliant with RFC 2046.

Because the Webmin update includes a security fix, everyone should upgrade to the latest version as soon as possible.

As always, if you run into any problems let us know in the ticket tracker.