SUMMARY cPanel, Inc. has released updated RPMs for EasyApache 4 on April 18, 2017, with PHP versions 7.0.18 and 7.1.4. This release addresses vulnerabilities related to CVE-2017-7272. We strongly encourage all PHP 7.0 users to upgrade to version 7.0.18 and all PHP 7.1 users to upgrade to version 7.1.4. AFFECTED …
EasyApache 18 April 2017 Maintenance Release Read More »
cPanel TSR-2017-0002 Full Disclosure SEC-208 Summary Addon domain conversion did not require a package for resellers. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 2.7 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L Description Previously, when you converted an addon domain to a normal account, it was not required that a reseller specify a …
cPanel TSR-2017-0002 Full Disclosure Read More »
With the first TSR release of 2015 we began providing CVSSv2 scores in our full disclosure of resolved security issues in cPanel & WHM. The CVSSv2 scoring system is a free and open standard that attempts to rate the severity of security vulnerabilities (finalized in June 2007). In June 2015 …
Updates to TSR announcement and disclosure information Read More »
WordPress 4.7.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.2 and earlier are affected by six security issues: Cross-site scripting (XSS) via media file metadata. Reported by Chris Andrè Dale, Yorick Koster, and Simon P. Briggs. Control characters can trick redirect […]
WordPress 4.7.3 Security and Maintenance Release Read More »
SUMMARY cPanel, Inc. has released EasyApache 3.34.12 with Apache version 2.2.32. This release addresses vulnerabilities related to CVE-2016-8743 and CVE-2016-5387. We strongly encourage all Apache 2.2 users to upgrade to version 2.2.32. AFFECTED VERSIONS All versions of Apache 2.2 through version 2.2.31 SECURITY RATING The National Vulnerability Database (NIST) has …
EasyApache 21 February 2017 Maintenance Release Read More »
WordPress 4.7.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.1 and earlier are affected by three security issues: The user interface for assigning taxonomy terms in Press This is shown to users who do not have permissions to use it. […]
WordPress 4.7.2 Security Release Read More »
cPanel TSR-2017-0001 Full Disclosure SEC-196 Summary Fixed password used for Munin MySQL test account. Security Rating cPanel has assigned this vulnerability a CVSSv2 score of 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N) Description The Munin monitoring tool includes a plugin to check the status of the MySQL service. This plugin used a dedicated test MySQL …
TSR-2017-0001 Full Disclosure Read More »
cPanel TSR-2017-0001 Announcement cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having CVSSv2 scores …
cPanel TSR-2017-0001 Announcement Read More »
WordPress 4.7 has been downloaded over 10 million times since its release on December 6, 2016 and we are pleased to announce the immediate availability of WordPress 4.7.1. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7 and earlier are affected by eight security issues: […]
WordPress 4.7.1 Security and Maintenance Release Read More »
SUMMARY cPanel, Inc. has released updated RPMs for EasyApache 4 on January 5, 2017, with Apache version 2.4.25. This release addresses vulnerabilities related to CVE-2016-0736, CVE-2016-2161, CVE-2016-5387, CVE-2016-8740, and CVE-2016-8743. We strongly encourage all Apache 2.4 users to upgrade to version 2.4.25. AFFECTED VERSIONS All versions of Apache 2.4 through …
EasyApache 5 January 2017 Maintenance Release Read More »
