Announcing:
LiteSpeed Web Server v6.3.1
In this release: built-in mitigation for recent LSCache WordPress vulnerability, bug fixes, and more!
RELEASE LOG:
[Security] Block the "litespeed_role" cookie to shield LSCWP from potential brute force attempts.
[New Feature] Add "no-lscache" environment variable to allow the lscache engine to be disabled at the request level.
[New Feature] Load trusted IPs/subnets from standalone list "$SERVER_ROOT/conf/trusted-ip-list".
[Bug Fix] Address compatibility issues with Ruby 3.3 applications.
[Bug Fix] Make RackRunner.rb compatible with Rails 7.2.
[Bug Fix] Minor bug fixes.
https://www.litespeedtech.com/products/litespeed-web-server/release-log
Please remember, there may be some delay between this announcement and the ability to auto-update. If you don't want to wait, you can update manually via the following command: `/usr/local/lsws/admin/misc/lsup.sh -f -v 6.3.1`
Cheers!
Wednesday, August 28, 2024