cPanel & WHM versions 56 & 60 have reached End of Life and will no longer be supported by cPanel except when upgrading to a supported version. In accordance with our EOL policy (https://go.cpanel.com/longtermsupport), 56 & 60 will continue …
cPanel & WHM Versions 56 & 60 Now EOL Read More »
SUMMARY cPanel, Inc. has released updated RPMs for EasyApache 4 on October 16, 2017, with a patch for Passenger. We strongly encourage all Passenger users to update their system to obtain the patch. AFFECTED VERSIONS All versions of Passenger DESCRIPTI…
EasyApache 2017-10-16 Security Release Read More »
WordPress 4.8.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.8.1 and earlier are affected by these security issues: $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to this […]
WordPress 4.8.2 Security and Maintenance Release Read More »
cPanel TSR-2017-0005 Full Disclosure SEC-276 Summary SQL injection in eximstats processing. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 5.3 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N Description When processing eximstats updates in buffered mode, errors in the SQL operations cause the updates to be reprocessed one statement at a time. The logic …
cPanel TSR-2017-0005 Full Disclosure Read More »
cPanel TSR-2017-0005 Announcement cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having CVSSv3 scores …
cPanel TSR-2017-0005 Announcement Read More »
SUMMARY cPanel, Inc. has released updated RPMs for EasyApache 4 on September 6, 2017, with PHP versions 7.0.23 and 7.1.9 and RubyGems 2.6.13. This release addresses vulnerabilities related to CVE-2017-12932, CVE-2017-0902, CVE-2017-0899, CVE-2017-0900, and CVE-2017-0901. We strongly encourage all all PHP 7.0 users to upgrade to version 7.0.23, all PHP …
EasyApache Sept 6 2017 Maintenance Release Read More »
cPanel & WHM version 56 & 60 will reach End of Life at the end of October, 2017, and will no longer be supported by cPanel except when upgrading to a supported version. In accordance with our EOL policy (https://go.cpanel.com/longtermsupport), 56 & 60 will continue functioning on servers where it …
cPanel & WHM Version 56 & 60 End of Life October, 2017 Read More »
SUMMARY cPanel, Inc. has released updated RPMs for EasyApache 4 on July 18, 2017, with Apache version 2.4.27. This release addresses vulnerabilities related to CVE-2017-7679, CVE-2017-7668, CVE-2017-7659, CVE-2017-3169, and CVE-2017-3167. We strongly encourage all Apache 2.4 users to upgrade to version 2.4.27. AFFECTED VERSIONS All versions of Apache 2.4 through …
EasyApache 18 July 2017 Maintenance Release Read More »
cPanel TSR-2017-0004 Full Disclosure SEC-263 Summary Stored XSS during WHM cPAddons install. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 3.9 CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N Description It was possible for an attacker to actively inject HTML into the WHM cPAddons screen during a moderated install. Credits This issue was discovered …
cPanel TSR-2017-0004 Full Disclosure Read More »
cPanel TSR-2017-0004 Announcement cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having CVSSv3 scores …
cPanel TSR-2017-0004 Announcement Read More »
