Featured Item

11.40 EOL, 1 Month Notice

cPanel & WHM software version 11.40 will reach End of Life at the end of October 2014.

In accordance with our EOL policy [http://go.cpanel.net/longtermsupport], 11.40 will continue functioning on servers after reaching EOL. However, no further updates, such as security fixes and installations, will be provided for 11.40 once it reaches its EOL date.

We recommend that all customers migrate any existing installations of cPanel & WHM 11.40 to a newer version (either 11.42 or 11.44).

If your server setup complicates the process of migrating to a newer version of cPanel & WHM (an upgrade blocker list is available at http://go.cpanel.net/blockers), then cPanel is here to help. Simply open a support ticket at https://tickets.cpanel.net/submit so that our knowledgeable support team can provide recommendations, migration assistance, and more.

About cPanel, Inc.
Since 1997, cPanel, Inc. has been a leading innovator and developer of control panel software for the web hosting industry. cPanel builds software that allows web host professionals to transform standalone servers into fully automated, point-and-click web hosting platforms. cPanel-licensed software allows server and website owners, along with resellers and developers, to optimize their technical resources and replace tedious shell-oriented tasks with dynamic, intuitive web-based interfaces. For more information, visit http://cpanel.net.

For the PGP-signed message, see 11.40 30 day notice-signed.

Posted in: News, Release Announcements | Tagged: , ,

11.46 Now in CURRENT Tier

10/22/2014
Houston, TX -

cPanel, Inc. is thrilled to release cPanel & WHM software version 11.46, which is now available in the CURRENT tier.

cPanel & WHM 11.46 offers localization and support for 29 languages, Paper Lantern branding, ModSecurity tools, and more.

Localization & Support for 29 Languages

As part of version 11.46, cPanel & WHM makes it possible to fully translate the user interface and increases the number and quality of languages provided. With the ability to localize and choose from 29 updated languages, cPanel & WHM offers unprecedented access on an international scale.

Paper Lantern Branding

cPanel & WHM 11.46 includes several options for customizing and branding the Paper Lantern theme.

ModSecurity Tools

New management tools, available in cPanel & WHM 11.46, simplify use of the ModSecurity application firewall.

Detailed information on all cPanel & WHM 11.46 features can be found at https://documentation.cpanel.net. An overview of the latest features and benefits is also available at http://releases.cpanel.net.

To ensure that you receive up-to-date product news from cPanel, we encourage you to subscribe to the “Security Advisories and Product Release Announcements” mailing list here: http://cpanel.net/mailing-lists.

Posted in News, Press Releases, Release Announcements

cPanel Security Team: Bash CVE-2014-6217 and CVE-2014-7169

Bash CVE-2014-6217 and CVE-2014-7169

CVE-2014-6217 is a critical vulnerability in all versions of GNU Bash, the Bourne Again Shell.This vulnerability allows an attacker to execute arbitrary shell commands any time a Bash shell executes with environmental variables supplied by the attacker. On cPanel & WHM systems, there are numerous entry points where this vulnerability could be exploited. This blog post from Red Hat demonstrates how such attacks are possible: https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/

CVE-2014-7169 is a second vulnerability in all versions of GNU Bash. This second CVE covers attack vectors that were not fixed in the initial updates for CVE-2014-6217. Targeting CVE-2014-7169 is more complicated for an attacker. The authors of GNU Bash are currently working on updates to address CVE-2014-7169. This article from Red Hat has additional details about this flaw: https://access.redhat.com/articles/1200223

Continue reading

Posted in News, Security | Tagged: ,

EasyApache to Install Apache 2.4 in Basic Profile – 60 Day Notice

In approximately 60 days, the Basic profile in EasyApache will build Apache 2.4 by default. This change will not alter existing EasyApache profiles that build Apache 2.2. If you plan to update from an existing Apache 2.2 installation to Apache 2.4, we strongly recommend that you build in a test environment before you migrate Apache versions on a production server.

Continue reading

Posted in News, Software Updates | Tagged: ,

Enkompass EOL Notice

All versions of Enkompass reached EOL on February 2014. Effective immediately, Enkompass will no longer be available for download, licensing, or indirect support. In accordance with our EOL policy [http://go.cpanel.net/eol], Enkompass will continue to function on servers after it reaches EOL. However, we will not provide further updates (for example, security fixes and installations) for Enkompass version 3.0 after it reaches its EOL date.

Continue reading

Posted in News, Release Announcements | Tagged: , ,

cPanel TSR-2014-0007 Full Disclosure

Case 109049

Summary

Arbitrary file overwrite in /scripts/synccpaddonswithsqlhost.

Security Rating

cPanel has assigned a Security Level of Important to this vulnerability.

Description

The synccpaddonswithsqlhost script performed unsafe file operations inside the home directories of unprivileged users while running with root’s permissions. By manipulating symbolic links within the .cpaddons sub-directory, a local attacker could overwrite arbitrary files with known data.

Credits

This issue was discovered by the cPanel Security Team.

Solution

This issue is resolved in the following builds:
11.44.1.18
11.42.1.26
11.40.1.21

Continue reading

Posted in News, Security | Tagged: , ,

cPanel TSR-2014-0007 Announcement

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system.

Continue reading

Posted in News, Security | Tagged: , ,

EasyApache 3.26.7 Released

SUMMARY
cPanel, Inc. has released EasyApache 3.26.7 with Apache version 2.2.29. This release addresses vulnerabilities CVE-2014-0118, CVE-2014-0231, CVE-2014-0226 and CVE-2013-5704. We encourage all Apache 2.2 users to upgrade to Apache version 2.2.29.

Continue reading

Posted in News, Software Updates | Tagged: , , , ,

11.40 EOL, 2 Month Notice

cPanel & WHM software version 11.40 will reach End of Life at the end of October 2014.

In accordance with our EOL policy [http://go.cpanel.net/longtermsupport], 11.40 will continue functioning on servers after reaching EOL. However, no further updates, such as security fixes and installations, will be provided for 11.40 once it reaches its EOL date.

Continue reading

Posted in News, Release Announcements | Tagged: , ,

EasyApache 3.26.6 Released

SUMMARY
cPanel, Inc. has released EasyApache 3.26.6 with PHP versions 5.4.32 and 5.5.16. This release addresses vulnerabilities CVE-2014-3538, CVE-2014-3587, CVE-2014-2497, CVE-2014-5120, CVE-2014-3597, CVE-2014-4670 and CVE-2014-4698. We encourage all PHP 5.4 users to upgrade to PHP version 5.4.32 and all PHP 5.5 users to upgrade to PHP version 5.5.16.

Continue reading

Posted in News, Software Updates | Tagged: , , , ,
Page 1 of 3112345...102030...Last »