New version with CVE fixes?

[Neustradamus]

Dear all,

2023-04-21, I have done a ticket about the problem:

• New release version? #2280

In 2024, serghey-rodin has sold VestaCP to @outroll and @outrolled.

We are in 2025, always CVEs are here, no news version, etc.

It is possible to have the new version with all CVE fixes?

Of course, the OS are:

• Debian
• Ubuntu
• Fedora
• Rocky Linux / Alma Linux

Linked to:

• New release version? #2280
• Future OS Compatibility #2296
• Fulltime maintainer and community bounties - APPLY HERE #2298
• The Future of Vesta: We Are Rebuilding the Core for Vesta 2.0 #2299
• License Change: Keep GPLv3 or Change? (feedback request) #2300
• New version with CVE fixes? #2312
• Progress Update: VestaCP Entity, Funding, Fulltime Dev, and More #2315
• Is VestaCP going to be discontinued? #2321

[Neustradamus]

Dear @outroll team, @outrolled,

Any news?

Security is important!

[outrolled]

@Neustradamus we are still working on it - I am working on a migration script whilst the dev team is building the core product. The main challenge is that no one should still be using Centos 7, php 7.4 etc. The main focus on the migration is to be able to move an existing vesta setup to a new server/vps, otherwise the underlying OS/versions will negate the benefits of releasing an update to the old version of vesta.

[Neustradamus]

Nice, it will be compatible with PHP 8.4 and 8.5 Alpha 1 too?

[Neustradamus]

Dear @outrolled,

Have you progressed?

Because a lot of people migrate to another.

[Neustradamus]

Dear @outrolled,

Have you progressed?

Because a lot of people migrate to another.

[outrolled]

@Neustradamus yes, we are almost there. We are working on the final stages and expect to make the new codebase of "vestacp-lite" public in the next week or two.

[Neustradamus]

@outrolled: Thanks for your answer but why "vestacp-lite"?

[outrolled]

@Neustradamus its mostly to keep the main project separate. Vestacp-lite is a TUI (terminal UI) version of vesta, fully written in Rust, that is focused on not exposing any web interfaces etc. Vesta 2.0 is built on top of it as well, but with the web UI.
Effectively we will have a few versions of VestaCP with different features/benefits.

[Neustradamus]

@outrolled: "lite" is not good in the name...

[outrolled]

@Neustradamus agreed, we will likely rename it before releasing it. Thanks for the feedback!

[robsonek]

I suggest naming the tool vestacp-cli - clear, simple, and consistent. What do you think @outrolled?

[outrolled]

@robsonek Yeah, we are thinking of vestacp-cli or vestacp-tui

[robsonek]

@outrolled The name "vestacp-tui" reminds me of TUI Group (https://en.wikipedia.org/wiki/TUI_Group), one of the world's largest travel and tourism companies.

[outrolled]

@robsonek This is the first time I heard about them (I'm based in Australia). I think technically TUI is better than CLI, as the new version is a Terminal User Interface rather than a CLI (e.g. there are no commands to pass to it). Maybe vestacp-terminal is less confusing?