Featured Item

Scheduled TSR Cycles

Throughout 2014, the cPanel Security Team has worked with security researchers through cPanel’s Security Bounty program. We try to deliver fixes to issues these security researchers have discovered, along with fixes for issues discovered by cPanel’s internal code audits, in regular two-month cycles. The intent of these scheduled TSRs has been to minimize disruptions and risks associated with fixing vulnerabilities that are not being actively attacked in the wild or represent a low threat to most cPanel & WHM systems.

Starting with TSR-2015-0001, we will formalize this process further. All future scheduled TSR’s will occur on the third Monday of every other month. Minor adjustments to this schedule will be made as necessary to avoid conflicts with cPanel company holidays. Any adjustments to the schedule will be announced at least one week in advance of the scheduled TSR date.

Unscheduled TSRs, for issues that represent critical threats to cPanel & WHM systems and issues that are being actively attacked on a widespread basis, will still occur at any time as needed.

With TSR-2015-0001 we will be making two additional changes that are intended to bring our vulnerability handling process more in sync with industry norms:

– The delay between the release of a TSR to customers and the disclosure of the vulnerabilities fixed in the TSR will be lowered to one day.

– cPanel will provide CVSSv2 scoring information for all vulnerabilities addressed in the TSRs.

To ensure that you receive up-to-date product news from cPanel, we encourage you to subscribe to the “Security Advisories and Product Release Announcements” mailing list on our website at https://cpanel.net/mailing-lists/.

Posted in: News, Security | Tagged: , ,
Featured Item

The cPanel & WHM Dashboard Will Be Getting a Little Lighter

We’re always working to create a better experience for our users and sometimes that means removing a great feature to streamline the cPanel dashboard.

Logaholic will no longer be included in future versions of the cPanel & WHM dashboard. In its place, users can opt-in to download their stronger, more robust third-party plugin. Information on installing this plugin, which includes a wide array of new tools, is available on their company blog, using the link below.

We will continue to offer full access and support for Logaholic until cPanel & WHM 11.46 reaches End of Life in October 2015. To continue using Logaholic after this point, all you have to do is install the Logaholic third-party app.

Navigate to the Logaholic blog below to find out how to install this powerful new plugin:
http://www.logaholic.com/logaholic-cpanel-migration

Posted in: News, Software Updates | Tagged: , , , , ,

11.46 Now in STABLE Tier

cPanel, Inc. is thrilled to release cPanel & WHM software version 11.46, which is now available in the STABLE tier.

cPanel & WHM 11.46 offers localization and support for 29 languages, Paper Lantern branding, ModSecurity tools, and more.

Localization & Support for 29 Languages

As part of version 11.46, cPanel & WHM makes it possible to fully translate the user interface and increases the number and quality of languages provided. With the ability to localize and choose from 29 updated languages, cPanel & WHM offers unprecedented access on an international scale.

Paper Lantern Branding

cPanel & WHM 11.46 includes several options for customizing and branding the Paper Lantern theme.

ModSecurity Tools

New management tools, available in cPanel & WHM 11.46, simplify use of the ModSecurity application firewall.

Detailed information on all cPanel & WHM 11.46 features can be found at cPanel Documentation. An overview of the latest features and benefits is also available at cPanel Releases.

To ensure that you receive up-to-date product news from cPanel, we encourage you to subscribe to the “Security Advisories and Product Release Announcements” mailing list at cPanel Mailing Lists.

Posted in News, Press Releases, Release Announcements | Tagged: , , ,

11.42 to EOL in 2 Months

cPanel & WHM 11.42 is set to reach End of Life at the end of January 2015.

In accordance with our EOL policy [http://go.cpanel.net/longtermsupport], 11.42 will continue functioning on servers. However, no further updates, such as security fixes and installations, will be provided for 11.42 after it reaches EOL.

We recommend that all customers migrate any existing installations of cPanel & WHM 11.42 to a newer version (either 11.44 or 11.46).

If your server setup complicates the process of migrating to a newer version of cPanel & WHM (an upgrade blocker list is available at http://go.cpanel.net/blockers), then cPanel is here to help. Simply open a support ticket at https://tickets.cpanel.net/submit so that our knowledgeable support team can provide recommendations, migration assistance, and more.

About cPanel, Inc.
Since 1997, cPanel, Inc. has been a leading innovator and developer of control panel software for the web hosting industry. cPanel builds software that allows web host professionals to transform standalone servers into fully automated, point-and-click web hosting platforms. cPanel-licensed software allows server and website owners, along with resellers and developers, to optimize their technical resources and replace tedious shell-oriented tasks with dynamic, intuitive web-based interfaces. For more information, visit http://cpanel.net.

For the PGP-signed message, see 11.42 60 day notice-signed.

Posted in News, Release Announcements | Tagged: , ,

cPanel TSR-2014-0008 Full Disclosure

Case 114917

Summary

Resellers could delete feature lists they did not own.

Security Rating

cPanel has assigned a Security Level of Moderate to this vulnerability.

Description

The check for ownership of a feature list was not functioning properly and allowed a reseller with limited ACLs to delete feature lists that they did not own.

Credits

This issue was discovered by the cPanel Security Team.

Solution

This issue is resolved in the following builds:
11.46.0.15
11.44.1.22
11.42.1.29

Continue reading

Posted in News, Security | Tagged: , ,

Microsoft® FrontPage® Blocking 11.46 Upgrades: Removal Required

For many cPanel & WHM customers, an existing installation of Microsoft® FrontPage® extensions on their Linux server(s) is blocking the ability to upgrade to cPanel & WHM software version 11.46. Microsoft® discontinued support for FrontPage® extensions on Linux servers in 2006.

Continue reading

Posted in News, Software Updates | Tagged: , , , ,

EasyApache 3.26.10 Released

SUMMARY

cPanel, Inc. has released EasyApache 3.26.10 with PHP version 5.5.19 and PHP version 5.4.35. This release addresses vulnerabilities related to CVE-2014-3710 by fixing bugs in the Fileinfo module. We strongly encourage all PHP 5.5 users to upgrade to version 5.5.19 and all PHP v5.4 users to upgrade to version 5.4.35.

Continue reading

Posted in News, Software Updates | Tagged: , , , ,

cPanel TSR-2014-0008 Announcement

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system.

Continue reading

Posted in News, Security | Tagged: , ,

11.46 Now in RELEASE Tier

cPanel, Inc. is thrilled to release cPanel & WHM software version 11.46, which is now available in the RELEASE tier.

cPanel & WHM 11.46 offers localization and support for 29 languages, Paper Lantern branding, ModSecurity tools, and more.

Continue reading

Posted in News, Press Releases, Release Announcements | Tagged: , ,

11.40 Now EOL, 11.42 to EOL in 3 Months

cPanel & WHM software version 11.40 has now reached End of Life.

In accordance with our EOL policy [http://go.cpanel.net/longtermsupport], 11.40 will continue functioning on servers. The last release of cPanel & WHM 11.40, 11.40.1.22, will remain on our mirrors indefinitely. However, no further updates, such as security fixes and installations, will be provided for 11.40. Older releases of cPanel & WHM 11.40 will be removed from our mirrors.

Continue reading

Posted in News, Release Announcements | Tagged: , , ,
Page 1 of 3212345...102030...Last »