Products

EasyApache Sept 6 2017 Maintenance Release

SUMMARY cPanel, Inc. has released updated RPMs for EasyApache 4 on September 6, 2017, with PHP versions 7.0.23 and 7.1.9 and RubyGems 2.6.13. This release addresses vulnerabilities related to CVE-2017-12932, CVE-2017-0902, CVE-2017-0899, CVE-2017-0900, and CVE-2017-0901. We strongly encourage all all PHP 7.0 users to upgrade to version 7.0.23, all PHP …

EasyApache Sept 6 2017 Maintenance Release Read More »

EasyApache 18 July 2017 Maintenance Release

SUMMARY cPanel, Inc. has released updated RPMs for EasyApache 4 on July 18, 2017, with Apache version 2.4.27. This release addresses vulnerabilities related to CVE-2017-7679, CVE-2017-7668, CVE-2017-7659, CVE-2017-3169, and CVE-2017-3167. We strongly encourage all Apache 2.4 users to upgrade to version 2.4.27. AFFECTED VERSIONS All versions of Apache 2.4 through …

EasyApache 18 July 2017 Maintenance Release Read More »

cPanel TSR-2017-0004 Full Disclosure

cPanel TSR-2017-0004 Full Disclosure SEC-263 Summary Stored XSS during WHM cPAddons install. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 3.9 CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N Description It was possible for an attacker to actively inject HTML into the WHM cPAddons screen during a moderated install. Credits This issue was discovered …

cPanel TSR-2017-0004 Full Disclosure Read More »