Server Backup Manager 5.8.1 - Cleaning up after POODLE

Posted by Ben Austin on Oct 29, 2014 8:30:00 AM

R1Soft-product-update-poodle

We are pleased to announce that Server Backup Manager 5.8.1 is now available. This hotfix release addresses two security vulnerabilities in the product, including the recently discovered SSL POODLE exploit

In case you missed it, the Web erupted two weeks ago with the news that a major vulnerability had been found in SSL v3.0. The vulnerability, commonly referred to as POODLE, is a design flaw resulting from the way blocks of data are encrypted under a specific type of algorithm within the SSL protocol. Exploiting this vulnerability could give an attacker access to the data passed within the encrypted Web session, including passwords, cookies, etc.

This release resolves the POODLE vulnerability in Server Backup Manager 5.8.0 and earlier. The fix does convert SSL v3 to TLS, so please make sure to check client libraries for compatibility prior to upgrading.

The other vulnerability that has been fixed with this latest release is an issue that opened up the possibility for client-side cookie manipulation. While this was not a vulnerability that put user data in jeopardy, it's an important issue that our friends at Rack911 initially pointed out to us.

Below you'll find a few of the other issues we were able to fix in 5.8.1. To get all of the in-depth details about this release, take a look at our Server Backup Manager 5.8.1 Release Notes.

Other Key Fixes

Support for Flashcache

This release resolves an issue with 5.8.0, which prevents successful backup on systems utilizing Flashcache and introduces official support for Flashcache.

Change tracking of Parallels Cloud Server Ploop disk loopback devices 

We resolved an issue in Server Backup Manager 5.8.0 and earlier where change tracking could be lost for ploop devices with 64-bit major/minor device numbers.   

Backups failing for OpenVZ cPanel and DirectAdmin instances

Server Backup Manager 5.8.1 now allows override of the VZ paths so that backups will work properly.

Cannot delete user

Resolves an issue with 5.8.0 which prevents deletion of users with reports.

Scheduled Task Reports fail to execute

Resolves an issue with Server Backup Manager which prevents scheduled task reports from executing after upgrade to 5.8.0.

Ext4 file restore 

Resolves an issue with Server Backup Manager 5.8.0 and earlier that could prevent file restores for ext4 file systems in some cases.

 

You can download the latest version of R1Soft Server Backup Manager by logging into download.r1soft.com and selecting the “Downloads” link at the top of the page. While you're at it, feel free to head over to our forum to participate in the community and trade tips and tricks with fellow Server Backup Manager users.

Not currently using R1Soft Server Backup Manager? Well, here's your chance to give it a shot:

Start a trial ▸

 

See also:

Find me on:

Topics: Product Update

Recent Posts

Posts by Topic

see all