Featured Item

11.48 Now in STABLE Tier

Introducing cPanel & WHM 11.48

cPanel, Inc. has released cPanel & WHM software version 11.48 in the STABLE tier.

You’re In Control
The newest version of cPanel & WHM has arrived and it’s filled with exciting new updates for both hosting providers and website owners. With advances in both mail and security, along with bolder branding opportunities, users will gain even more control of their cPanel experience in this latest version.

Reinforced Security
cPanel & WHM 11.48 includes a stronger, more comprehensive security package that incorporates the latest in OWASP ModSecurity rules. With the addition of updates to our brute force protection system, cPHulk, this version promises to be our safest, most secure release to date.

Bolder Branding
Hosting providers have increased brand visibility now that Paper Lantern has been extended into cPanel Webmail. In addition, the classic X3 layout is available as a Paper Lantern style for users who miss the classic feel of cPanel.

More From Mail
Along with increasing the mailbox quota from 2GB to 4TB on 64-bit systems, cPanel & WHM users can offer their customers the freedom to use unique SSL certifications on their domain and mail servers.

MariaDB 10.0
MariaDB, an enhanced drop-in replacement for MySQL, has been included in cPanel & WHM 11.48, thanks to our friendly cPanel Feature Requests constituents.

Detailed information on all cPanel & WHM 11.48 features can be found at cPanel Documentation. An overview of the latest features and benefits is also available at cPanel Releases.

To ensure that you receive up-to-date product news from cPanel, we encourage you to subscribe to the “Security Advisories and Product Release Announcements” mailing list at cPanel Mailing Lists.

Posted in: News, Release Announcements | Tagged: , , ,

EasyApache 3.28.4 Released

SUMMARY
cPanel, Inc. has released EasyApache 3.28.4 with PHP versions 5.4.38 and 5.5.22. This release addresses vulnerabilities related to CVE-2015-0235 and CVE-2015-0273 by fixing bugs in the Core module. We strongly encourage all PHP 5.4 users to upgrade to version 5.4.38 and all PHP 5.5 users to upgrade to version 5.5.22.

AFFECTED VERSIONS
All versions of PHP 5.4 through version 5.4.37
All versions of PHP 5.5 through version 5.5.21.

SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

CVE-2015-0235 – HIGH

PHP 5.4.38
Fixed bug in the Core module related to CVE-2015-0235

PHP 5.5.22
Fixed bug in the Core module related to CVE-2015-0235

CVE-2015-0273 – MEDIUM

PHP 5.4.38
Fixed bug in the Core module related to CVE-2015-0273

PHP 5.5.22
Fixed bug in the Core module related to CVE-2015-0273

SOLUTION
cPanel, Inc. has released EasyApache 3.28.4 with an updated version of PHP 5.4.38 and PHP 5.5.22. Unless you have disabled EasyApache updates, EasyApache updates automatically. Run EasyApache to rebuild your profile with the latest version of PHP.

REFERENCES

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0235

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0273

http://php.net/ChangeLog-5.php

For the PGP-signed message, see EA 3-28-4 CVE-signed

Posted in News, Software Updates | Tagged: , , , ,

11.42 Now EOL

cPanel & WHM software version 11.42 has now reached End of Life.

Continue reading

Posted in News, Release Announcements | Tagged: , ,

11.48 Now in RELEASE Tier

Introducing cPanel & WHM 11.48

cPanel, Inc. has released cPanel & WHM software version 11.48 in the RELEASE tier.

You’re In Control
The newest version of cPanel & WHM has arrived and it’s filled with exciting new updates for both hosting providers and website owners. With advances in both mail and security, along with bolder branding opportunities, users will gain even more control of their cPanel experience in this latest version.

Continue reading

Posted in News, Release Announcements | Tagged: ,

EasyApache 3.28.3 Released

SUMMARY
cPanel, Inc. has released EasyApache 3.28.3 with Apache version 2.4.12. This release addresses vulnerabilities related to CVE-2014-3583, CVE-2014-3581, CVE-2014-8109, and CVE-2013-5704. We strongly encourage all Apache 2.4 users to upgrade to version 2.4.12.

Continue reading

Posted in News, Software Updates | Tagged: , , , ,

11.48 Now in CURRENT Tier

Introducing cPanel & WHM 11.48

cPanel, Inc. has released cPanel & WHM software version 11.48 in the CURRENT tier.

Continue reading

Posted in News, Release Announcements | Tagged: , ,

EasyApache 3.28.2 Released

SUMMARY
cPanel, Inc. has released EasyApache 3.28.2 with PHP versions 5.4.37 and 5.5.21. This release addresses vulnerabilities related to CVE-2015-0231, CVE-2014-9427, and CVE-2015-0232 by fixing bug in the Core module, Exif extension, and CGI. We strongly encourage all PHP 5.4 users to upgrade to version 5.4.37 and all PHP 5.5 users to upgrade to version 5.5.21.

Continue reading

Posted in News, Software Updates | Tagged: , , , ,

cPanel TSR-2015-0001 Full Disclosure

SEC-1

Summary

Arbitrary code could be executed as other accounts with RUID2/ITK enabled.

Security Rating

cPanel has assigned this vulnerability a CVSSv2 score of 4.9 (AV:N/AC:M/Au:S/C:P/I:P/A:N)

Description

The WHM “Apache mod_userdir Tweak” interface incorrectly allowed the exclusion of specific users from userdir protection when mod_ruid2 or MPM-ITK was in use on the server. With this misconfiguration, the excluded user could execute arbitrary code with the UID and GID of the excluding virtualhost via Apache userdir URLs.

Credits

This issue was discovered by the cPanel Security Team.

Solution

This issue is resolved in the following builds:
11.46.2.2
11.46.1.6
11.44.2.4
11.42.1.30

Continue reading

Posted in News, Security | Tagged: , ,

cPanel TSR-2015-0001 Announcement

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system.

Continue reading

Posted in News, Security | Tagged: , ,

11.42 to EOL in 1 Month

cPanel & WHM 11.42 is set to reach End of Life at the end of January 2015.

Continue reading

Posted in News, Release Announcements | Tagged: , ,
Page 1 of 3412345...102030...Last »