cPanel / WHM

EasyApache 3 October 2017 Maintenance Release

SUMMARY cPanel, Inc. has released updated RPMs for EasyApache 4 on October 3, 2017, with Ruby 2.4.2. This release addresses vulnerabilities related to CVE-2017-0898, CVE-2017-10784, CVE-2017-14033, and CVE-2017-14064. We strongly encourage all Ruby users to upgrade to version 2.4.2. AFFECTED VERSIONS All versions of RubyGems through 2.4.1 SECURITY RATING The …

EasyApache 3 October 2017 Maintenance Release Read More »

cPanel TSR-2017-0005 Full Disclosure

cPanel TSR-2017-0005 Full Disclosure SEC-276 Summary SQL injection in eximstats processing. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 5.3 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N Description When processing eximstats updates in buffered mode, errors in the SQL operations cause the updates to be reprocessed one statement at a time. The logic …

cPanel TSR-2017-0005 Full Disclosure Read More »

EasyApache Sept 6 2017 Maintenance Release

SUMMARY cPanel, Inc. has released updated RPMs for EasyApache 4 on September 6, 2017, with PHP versions 7.0.23 and 7.1.9 and RubyGems 2.6.13. This release addresses vulnerabilities related to CVE-2017-12932, CVE-2017-0902, CVE-2017-0899, CVE-2017-0900, and CVE-2017-0901. We strongly encourage all all PHP 7.0 users to upgrade to version 7.0.23, all PHP …

EasyApache Sept 6 2017 Maintenance Release Read More »