cPanel TSR-2017-0006 Announcement

Posted by & filed under cPanel, Security.

cPanel TSR-2017-0006 Announcement cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having CVSSv3 scores ranging from 2.0 to 8.8…. Read more »

EasyApache 2017-11-07 Security Release

Posted by & filed under cPanel, Security.

SUMMARY cPanel, Inc. has released updated RPMs for EasyApache 4 on November 7, 2017, with OpenSSL 1.0.2m. This release addresses vulnerabilities related to CVE-2017-3736 and CVE-2017-3735. We strongly encourage all OpenSSL users to upgrade to version 1.0.2m.   AFFECTED VERSIONS All versions of OpenSSL through 1.0.2l   SECURITY RATING The National Vulnerability Database (NIST) has… Read more »

EasyApache 2017-10-31 Security Release

Posted by & filed under cPanel, Security.

SUMMARY cPanel, Inc. has updated RPMs for EasyApache 4 with PHP versions 5.6.32, 7.0.25 and 7.1.11, and released EasyApache 3.34.19 with PHP version 5.6.32 on October 31, 2017. This release addresses vulnerabilities related to CVE-2016-1283. We strongly encourage all PHP 5.6 users to upgrade to versions 5.6.32, all PHP 7.0 users to upgrade to version… Read more »

EasyApache 2017-10-16 Security Release

Posted by & filed under cPanel, Security.

SUMMARY cPanel, Inc. has released updated RPMs for EasyApache 4 on October 16, 2017, with a patch for Passenger. We strongly encourage all Passenger users to update their system to obtain the patch.   AFFECTED VERSIONS All versions of Passenger   DESCRIPTION This update patches a vulnerability where a user can list the contents of… Read more »

Account DNS Check version 13 released

Posted by & filed under Announcements, cPanel.

We are pleased to announce version 13 of our Account DNS Check WHM plugin has been released! This release updates this plugin to use cPanels new API tokens for API calls since cPanel has deprecated the old accesshash authentication method. We also updated the UI in accordance to WHM’s new frame-less interface. This means the… Read more »

cPanel TSR-2017-0005 Announcement

Posted by & filed under cPanel, Security.

  cPanel TSR-2017-0005 Announcement cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having CVSSv3 scores ranging from 2.2 to… Read more »

cPanel TSR-2017-0003 Announcement

Posted by & filed under cPanel, Security.

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having CVSSv3 scores ranging from 2.2 to 8.8. Information on cPanel’s… Read more »

cPanel TSR-2017-0002 Full Disclosure

Posted by & filed under cPanel, Security.

SEC-208 Summary Addon domain conversion did not require a package for resellers. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 2.7 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L Description Previously, when you converted an addon domain to a normal account, it was not required that a reseller specify a package for the account creation. This allowed the reseller… Read more »

cPanel TSR-2017-0002 Announcement

Posted by & filed under cPanel, Security.

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having CVSSv3 scores ranging from 2.4 to 8.8. Information on cPanel’s… Read more »

EasyApache 21 February 2017 Maintenance Release

Posted by & filed under cPanel, Security.

SUMMARY cPanel, Inc. has released EasyApache 3.34.12 with Apache version 2.2.32. This release addresses vulnerabilities related to CVE-2016-8743 and CVE-2016-5387. We strongly encourage all Apache 2.2 users to upgrade to version 2.2.32.   AFFECTED VERSIONS All versions of Apache 2.2 through version 2.2.31   SECURITY RATING The National Vulnerability Database (NIST) has given the following… Read more »