AI-Bolit security issue
Recently, two bugs, DEF-18045 and DEF-17281, were discovered in the AI-Bolit shipped with Imunify products. They could potentially cause arbitrary command execution, so we made sure to fix them promptly.
The affected versions of AI-Bolit are:
- 30.8.8-1
- 30.8.9-1
- 30.10.3-1
- 31.0.3-1
- 31.1.1-1
AI-Bolit version 31.1.2-1, which comes with ImunifyAV/Imunify360 5.11.3, has the bugs fixed. ImunifyAV/Imunify360 updates automatically once a day by default, so you may already have an unaffected version installed on your server.
However, if you are running an ImunifyAV/Imunify360 version prior to 5.11.3, please make sure to update as soon as possible.
If you have updated to version 5.11.3 or higher, no action is needed.
How to check the version
To check the version you have, use the Imunify360 agent from the command-line interface (CLI) and run the following command:
imunify360-agent version
Alternatively, check the upper left corner of the Imunify360 interface.
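When many servers have to be checked, the comparison against 5.11.3 can be scripted. The following is an added example, not part of the original advisory or of Imunify's own tooling; it assumes that `imunify360-agent version` prints a dotted version string such as 5.11.3-1, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not vendor code).
# Assumption: `imunify360-agent version` prints a dotted version such as
# "5.11.3-1"; only the numeric x.y.z part is compared, the "-1" release is ignored.

FIXED_VERSION="5.11.3"   # first ImunifyAV/Imunify360 version named as fixed

# Print the first dotted version token found in $1 (empty if none).
extract_version() {
    printf '%s\n' "$1" | grep -oE '[0-9]+(\.[0-9]+)+' | head -n 1
}

# Return 0 if $1 is older than FIXED_VERSION, 1 if not, 2 if unparseable.
# sort -V compares each component numerically, so 5.9.x sorts before 5.11.3;
# a plain string comparison would rank "5.9" above "5.11".
needs_update() {
    _ver=$(extract_version "$1")
    [ -n "$_ver" ] || return 2
    [ "$_ver" != "$FIXED_VERSION" ] || return 1
    _oldest=$(printf '%s\n%s\n' "$_ver" "$FIXED_VERSION" | sort -V | head -n 1)
    [ "$_oldest" = "$_ver" ]
}

# Query the local agent and report; an unknown result is never reported as ok.
check_host() {
    _out=$(imunify360-agent version 2>/dev/null) || _out=""
    _rc=0
    needs_update "$_out" || _rc=$?
    case "$_rc" in
        0) echo "UPDATE NEEDED: $(extract_version "$_out") < $FIXED_VERSION" ;;
        1) echo "ok: $(extract_version "$_out")" ;;
        *) echo "unknown: agent missing or version not parseable" ;;
    esac
    return "$_rc"
}

# Run the live check only when asked, e.g.: sh check.sh --check
if [ "${1:-}" = "--check" ]; then
    check_host
fi
```

The exit status (0 update needed, 1 up to date, 2 unknown) lets a fleet tool flag hosts where the agent is missing instead of counting them as patched.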
How to upgrade
To upgrade Imunify360, you can use the update script by running the following commands:
wget https://repo.imunify360.cloudlinux.com/defence360/imunify-force-update.sh -O imunify-force-update.sh ; bash imunify-force-update.sh
For a regular, safe update to new Imunify360 versions with a gradual rollout:
CentOS/CloudLinux systems:
yum update imunify360-firewall
Ubuntu 16.04, 18.04, and 20.04 systems:
apt-get update
apt-get install --only-upgrade imunify360-firewall
Debian 9 and 10 systems:
apt-get update
apt-get install --only-upgrade imunify360-firewall
ImunifyAV for Plesk
The unaffected version of ImunifyAV for Plesk can be downloaded here. By default, the updates are performed regularly and automatically.
ImunifyAV for ISPManager
ImunifyAV for ISPManager is set to update automatically as well. Once a day, the script checks for a new version and, if one is available, installs it automatically.