SUMMARY cPanel, Inc. has released updated RPMs for EasyApache 4 on July 18, 2017, with Apache version 2.4.27. This release addresses vulnerabilities related to CVE-2017-7679, CVE-2017-7668, CVE-2017-7659, CVE-2017-3169, and CVE-2017-3167. We strongly encourage all Apache 2.4 users to upgrade to version 2.4.27. AFFECTED VERSIONS All versions of Apache 2.4 through …
EasyApache 18 July 2017 Maintenance Release Read More »
cPanel TSR-2017-0004 Full Disclosure SEC-263 Summary Stored XSS during WHM cPAddons install. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 3.9 CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N Description It was possible for an attacker to actively inject HTML into the WHM cPAddons screen during a moderated install. Credits This issue was discovered …
cPanel TSR-2017-0004 Full Disclosure Read More »
cPanel TSR-2017-0004 Announcement cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having CVSSv3 scores …
cPanel TSR-2017-0004 Announcement Read More »
cPanel TSR-2017-0004 Announcement cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having CVSSv3 scores …
cPanel TSR-2017-0004 Announcement Read More »
cPanel & WHM version 58 will reach End of Life in 1 month, at the end of July, 2017. cPanel & WHM versions 56 and 60 will also reach End of Life at the end of October, 2017. In accordance with our EOL policy (https://go.cpanel.com/longtermsupport), when a version of cPanel …
cPanel & WHM Version 58 will reach EOL in 1 Month Read More »
cPanel & WHM version 58 will reach End of Life at the end of July, 2017, and will no longer be supported by cPanel except when upgrading to a supported version. In accordance with our EOL policy (https://go.cpanel.com/longtermsupport), 58 will continue functioning on servers where it is already installed. However, …
cPanel & WHM Version 58 will reach End of Life July, 2017 Read More »
cPanel TSR-2017-0003 Full Disclosure SEC-234 Summary Horde MySQL to SQLite conversion can leak database password. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 2.2 CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N Description If the Horde MySQL to SQLite conversion script requires a password reset on the MySQL database, the new password was passed …
cPanel TSR-2017-0003 Full Disclosure Read More »
WordPress 4.7.5 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.4 and earlier are affected by six security issues: Insufficient redirect validation in the HTTP class. Reported by Ronni Skansing. Improper handling of post meta data values in the XML-RPC […]
WordPress 4.7.5 Security and Maintenance Release Read More »
We are delaying the cPanel TSR-2017-0003 Disclosure for an additional 24 hours. The Disclosure will now be published May 17, 2017.
cPanel TSR-2017-0003 Disclosure Delay Read More »
cPanel TSR-2017-0003 Announcement cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having CVSSv3 scores …
cPanel TSR-2017-0003 Announcement Read More »
