Recently I’ve brought my own dedicated Linux server online, which has opened me up to a whole new world of technological problems that I had previously left to others to worry about. One of these problems is security. On November 29th, DYAD Security released an advisory regarding a exploit for the Webmin package. Happily, the Webmin folks were quick to patch it, releasing version 1.250 on November 30th. But what does one do if he has an older version? Upgrade.
Contrary to popular belief, the Linux intelligentsia are actually correct in their statements that it can be easy to set things up. Sometimes. To my surprise, this is one such instance:
Log into your webmin interface as root. By default this will put you into the Webmin category. Follow the link to “Webmin Configuration.”
In the Webmin Configuration page, follow the link to “Webmin Upgrade.”
You can be a Linux badass and upload your own copy of the RPM, or you could be a hardcore pencilneck and rebuild it from source. Personally, I clicked the “Upgrade Webmin” button.
Depending on the speed of your upstream connection, as well as the load on Webmin’s Sourceforge peers, it can take several minutes for the download to complete. The current version, 1.250, is only 9.02 megabytes in size (RPM version), but on the day or so after a bug-fix like this, don’t expect your 100Mbps connection to top off. The update runs itself all the way to completion by itself, and does not require you to restart anything manually.