JUL
25

EasyApache 2018-07-25 Security Release

SUMMARYcPanel, Inc. has updated RPMs for EasyApache 4 with PHP versions 5.6.37, 7.0.31, 7.1.20, and 7.2.8 and released EasyApache 3.36.7 with PHP version 5.6.37 on July 25, 2018. This release addresses security vulnerabilities with no CVE numbers currently assigned. We strongly encourage PHP users to update their version of PHP.

AFFECTED VERSIONSAll versions of PHP 5.6 through 5.6.36All versions of PHP 7.0 through 7.0.30All versions of PHP 7.1 through 7.1.19All versions of PHP 7.2 through 7.2.7

SECURITY RATING

At this time, no CVE numbers are assigned. We will update this notice when they are available.

SOLUTIONcPanel, Inc. has released updated RPMs for EasyApache 4 on July 25, 2018 with PHP versions 5.6.37, 7.0.31, 7.1.20, and 7.2.8. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM’s Run System Update interface.

Continue reading
Rate this blog entry:

Copyright

© Cpanel

95 Hits
JUL
23

cPanel & WHM Version 74 to CURRENT!

We are happy to announce that cPanel, Inc. has released cPanel & WHM Version 74 to the CURRENT tier! Version 74 includes updates for some of our biggest features. Take a look at the full release notes, then join us on Slack, Discord, or Reddit to talk about all the exciting improvements! :thumbsup:

Git Automatic Deployment

Improving on the new Git Version Control feature, we now include the ability to automatically deploy changes merged into any branch of your cPanel-hosted git repositories.

Stop Spammers Instantly

The combination of the Monitor Recipients for Potential Spammers, and the Action Taken when Spammers Found additions to Tweak Settings will monitor outbound mail on a per-account basis, and allow webhosts to prevent negative impact from a compromised account.

Continue reading
Rate this blog entry:

Copyright

© Cpanel

119 Hits
JUL
18

EasyApache 2018-07-18 Security Release

SUMMARY

cPanel, Inc. has updated RPMs for EasyApache 4 with cURL version 7.61.0 and Apache 2.4.34 and released EasyApache 3.36.6 with cURL 7.61.0 and Apache 2.4.34 on July 18, 2018. This release addresses vulnerabilities related to CVE-2018-0500, CVE-2018-8011, and CVE-2018-1333. We strongly encourage all cURL users to update to version 7.61.0 and all Apache 2.4 users to upgrade to version 2.4.34.

AFFECTED VERSIONSAll versions of cURL through cURL 7.60.0All versions of Apache through Apache 2.4.33

SECURITY RATINGThe National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

CVE-2018-0500 – MEDIUMcURL 7.61.0Fixed bug related to CVE-2018-0500

CVE-2018-8011 – MEDIUMApache 2.4.34Fixed bug in mod_md module related to CVE-2018-8011

Continue reading
Rate this blog entry:

Copyright

© Cpanel

118 Hits
JUL
18

cPanel & WHM Version 72 Now in STABLE!

We are happy to announce that cPanel, Inc. has released cPanel & WHM Version 72 to the STABLE tier! Version 72 includes a focus on improving backups, security, and application development. Take a look at the full release notes, then join us on Slack, Discord, or Reddit to discuss more! :wave:

File and Directory Restoration

We have improved and updated the File Restoration interface to include directory restoration. We take you through the new interface on cPanelTV.

Backup Metadata Improvements

The metadata system that powers our File and Directory Restoration interface has been rebuilt from the ground up with a focus on speed and scalability.

More Information

Check out the cPanel Release site to see an overview of the latest features and updates cPanel & WHM has to offer! All of the details about all cPanel & WHM Version 72 features can be found in the Release Notes.

To ensure that you receive up-to-date product news from cPanel, we encourage you to subscribe to the “Product & Security Notifications” mailing list at cPanel Mailing List.

Original linkOriginal author: benny Vasquez
Rate this blog entry:

Copyright

© Cpanel

102 Hits
JUL
17

cPanel TSR-2018-0004 Full Disclosure

cPanel TSR-2018-0004 Full Disclosure

SEC-367

Summary

Stored-XSS in WHM File Restoration interface.

Security Rating

Continue reading
Rate this blog entry:

Copyright

© Cpanel

101 Hits
JUL
16

cPanel TSR-2018-0004 Announcement

cPanel TSR-2018-0004 Announcement

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system.

cPanel has rated these updates as having CVSSv3 scores ranging from 2.8 to 6.5.

Information on cPanel’s security ratings is available at https://go.cpanel.net/securitylevels.

If your deployed cPanel & WHM servers are configured to automatically update when new releases are available, then no action is required. Your systems will update automatically. If you have disabled automatic updates, then we strongly encourage you to update your cPanel & WHM installations at your earliest convenience.

Continue reading
Rate this blog entry:

Copyright

© Cpanel

106 Hits
JUN
29

cPanel & WHM LTS Version 62 Now EOL

cPanel & WHM version 62 has reached End of Life and will no longer be supported by cPanel except when upgrading to a supported version. This was an extension of support, which can be read further about here: http://news.cpanel.com/support-for-cpanel-whm-version-62-extended-to-june-2018/

In accordance with our EOL policy (https://go.cpanel.net/longtermsupport), 62 will continue functioning on servers where it is already installed. The last release of cPanel & WHM version 62, 62.0.48, will remain on our mirrors indefinitely. However, no further updates, such as security fixes and installations, will be provided for 62. Older releases of cPanel & WHM 62 will be removed from our mirrors.

We recommend that all customers migrate any existing installations of cPanel & WHM version 62 to the most recent version of cPanel & WHM presently. They can upgrade to version 70 if they would like to upgrade to the 2018 LTS version. Our latest version, 72 is detailed on our current release site: https://releases.cpanel.net.

If your server setup complicates the process of migrating to a newer version of cPanel & WHM (an upgrade blocker list is available at https://go.cpanel.net/blockers), then cPanel is here to help. Simply open a support ticket at https://tickets.cpanel.net/submit so that our knowledgeable support team can provide recommendations, migration assistance, and more.

For the PGP-signed message, see 62EOLnow-signed.

Original linkOriginal author: benny Vasquez
Rate this blog entry:

Copyright

© Cpanel

123 Hits
JUN
25

cPanel & WHM Version 72 Now in RELEASE!

We are happy to announce that cPanel, Inc. has released cPanel & WHM Version 72 to the RELEASE tier! Version 72 includes a focus on improving backups, security, and application development. Take a look at the full release notes, then join us on Slack, Discord, or Reddit to discuss more! :wave:

Web-Based Terminal

Whether you’re on the road, or just not at your computer, you will love the power of this new feature. Both root-level WHM users and cPanel users can now manage their server or website using cPanel & WHM’s new web-based terminal.

Limit Available PHP Versions​

Web hosting providers can now limit the PHP versions that cPanel accounts are allowed to view and use. Doing so helps to increase server security and reduce complexity for cPanel users.​

More Information

Check out the cPanel Release site to see an overview of the latest features and updates cPanel & WHM has to offer! All of the details about all cPanel & WHM Version 72 features can be found in the Release Notes.

To ensure that you receive up-to-date product news from cPanel, we encourage you to subscribe to the “Product & Security Notifications” mailing list at cPanel Mailing List.

Original linkOriginal author: benny Vasquez
Rate this blog entry:

Copyright

© Cpanel

141 Hits
JUN
14

Reminder: cPanel & WHM Version 68 now EOL

As of cPanel & WHM Version 70’s release to STABLE on June 6th, cPanel & WHM version 68 has reached End of Life and will no longer be supported by cPanel except when upgrading to a supported version. Additionally, new trial licenses for versions older 70 will no longer be issued.

In accordance with our EOL policy (https://go.cpanel.net/longtermsupport), 68 will continue functioning on servers where it is already installed. The last release of cPanel & WHM version 68, 68.0.39, will remain on our mirrors indefinitely. However, no further updates, such as security fixes and installations, will be provided for 68. Older releases of cPanel & WHM 68 have been removed from our mirrors.

We recommend that all customers migrate any existing installations of cPanel & WHM Version 68 to the most recent version of cPanel & WHM 72, which you can read about on https://releases.cpanel.net.

If your server setup complicates the process of migrating to a newer version of cPanel & WHM (an upgrade blocker list is available at https://go.cpanel.net/blockers), then cPanel is here to help. Simply open a support ticket at https://tickets.cpanel.net/submit so that our knowledgeable support team can provide recommendations, migration assistance, and more.

For the PGP-Signed version of this announcement please see: 201806.68EOLnow-signed.

Original linkOriginal author: benny Vasquez
Rate this blog entry:

Copyright

© Cpanel

120 Hits
JUN
13

cPanel & WHM Version 72 Now in CURRENT!

We are happy to announce that cPanel, Inc. has released cPanel & WHM Version 72 to the CURRENT tier! The second 2018 release of cPanel & WHM, Version 72 includes a focus on improving backups, security, and application development. Take a look at the full release notes, then join us on Slack, Discord, or Reddit to discuss more! :wave:

Git Version Control

If you have been following along on our feature request site, you already know about our new feature, Git™ Version Control. We’re designing it to make hosting repositories as easy for developers as a “Hello World!” script. See the full depth of features and a feature introduction on our blog.

Improved Automation around Apache and PHP-FPM

With version 72 we adjusted PHP-FPM to use a graceful restart, preventing service interruptions. In Version 70 we added two options in Tweak Settings that help reduce the number of Apache restarts. Delayed Graceful Restarts and Deferred Reload Time will help keep high-capacity servers online.

More Information

Check out the cPanel Release site to see an overview of the latest features and updates cPanel & WHM has to offer! All of the details about all cPanel & WHM Version 72 features can be found in the Release Notes.

Continue reading
Rate this blog entry:

Copyright

© Cpanel

126 Hits
JUN
06

cPanel & WHM Version 70 to STABLE

We are happy to announce that cPanel, Inc. has released cPanel & WHM Version 70 to the STABLE tier! As the first 2018 release of cPanel & WHM, Version 70 is the only version that will enter the LTS tier this year. Support for Version 62 remains until the end of June, allowing users of the LTS tier time to upgrade to Version 70. Below are just a few of the updates included in this version.

Geofilter User Logins

Server Administrators can now drastically increase security with cPHulk’s new “Country Management” interface. By blocking or white-listing logins in the new “Country Management” interface, you can define who is allowed to log in to your cPanel accounts, WHM accounts, and much more.

More details are provided in the Version 70 cPHulk documentation.

Suspend Mail per Email Account

You can now suspend or queue the outgoing mail from a single email account on your server. This feature expands on the options we added in version 54 allowing you to suspend individual email accounts. Read more in the Version 70 Release Notes.

Join the Discussion!

Starting today we have added two more ways for you to interact with us! In addition to IRC, for the next 24 hours you can join us in our Slack and Discord channels.

Continue reading
Rate this blog entry:

Copyright

© Cpanel

135 Hits
JUN
05

WHMCS Joins the 2018 cPanel Conference; Hello! From Mission Control.

The 2018 cPanel Conference, in Houston on October 2 & 3, is excited to announce its top-level sponsor!

HOUSTON, June 5, 2018 (Newswire.com) – cPanel is excited to announce that WHMCS, has returned to claim the New Horizons sponsorship of the 2018 cPanel Conference! This year represents the 7th time that WHMCS has sponsored the Annual cPanel Conference. This year the conference will be returning to our home, Houston, Texas.

“The annual cPanel Conference is a great opportunity for us to meet and connect with customers of the most widely used web hosting automation software in the world.” Said Matt Pugh, CEO of WHMCS. “This year we’re excited to be part of the conference again and will be giving some incredible talks, as well as providing customers and partners the chance to meet and talk face to face with members of our team. We look forward to seeing you there.”

It has been six years since cPanel partnered with WHMCS! In that time, the two companies have worked closely to deliver a more seamless user experience for web hosting customers who can now benefit from single sign-on, deep linking, automated cloud service provisioning and more.

Last year the cPanel Conference had nearly 300 attendees from almost 100 different companies, making it one of the biggest cPanel Conferences yet. The exhibiting sponsorship spots are very nearly sold out already!

Continue reading
Rate this blog entry:

Copyright

© Cpanel

172 Hits
MAY
31

cPanel & WHM LTS Version 62 EOL June, 2018

The current LTS (Long Term Support) Version, cPanel & WHM version 62, will reach End of Life at the end of June, 2018. At that time, version 62 will no longer be supported by cPanel except when upgrading to a supported version.

In accordance with our EOL policy (https://go.cpanel.net/longtermsupport), 62 will continue functioning on servers where it is already installed. However, no further updates, including security fixes and installations, will be provided for 62 once it reaches End of Life.

We recommend that all customers migrate any existing installations of cPanel & WHM Version 62 to the most recent version of cPanel & WHM, Version 70, which you can read about on https://releases.cpanel.net. Version 70 will be the only version to enter the LTS tier this year.

If your server setup complicates the process of migrating to a newer version of cPanel & WHM (an upgrade blocker list is available at https://go.cpanel.net/blockers), then the cPanel support team is here to help! Simply open a support ticket at https://tickets.cpanel.net/submit so that our knowledgeable support team can provide recommendations, migration assistance, and more.

For the PGP-signed message, see 62EOL1Month-signed.

Original linkOriginal author: benny Vasquez
Rate this blog entry:

Copyright

© Cpanel

135 Hits
MAY
22

EasyApache 2018-05-22 Security Release

SUMMARY

cPanel, Inc. has updated RPMs for EasyApache 4 with cURL version 7.60.0 and released EasyApache 3.36.5 with cURL 7.60.0 on May 22, 2018. This release addresses vulnerabilities related to CVE-2018-1000300 and CVE-2018-1000301. We strongly encourage all cURL users to update to version 7.60.0.

AFFECTED VERSIONSAll versions of cURL through cURL 7.59.0

SECURITY RATINGThe National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

CVE-2018-1000300 – MEDIUMcURL 7.60.0Fixed bug related to CVE-2018-1000300

Continue reading
Rate this blog entry:

Copyright

© Cpanel

106 Hits
MAY
22

cPanel TSR-2018-0003 Full Disclosure

cPanel TSR-2018-0003 Full Disclosure

SEC-393

Summary

API tokens retain ACLs that are removed from accounts.

Security Rating

Continue reading
Rate this blog entry:

Copyright

© Cpanel

132 Hits
MAY
21

cPanel TSR-2018-0003 Announcement

cPanel TSR-2018-0003 Announcement

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system.

cPanel has rated these updates as having CVSSv3 scores ranging from 2.2 to 6.5.

Information on cPanel’s security ratings is available at https://go.cpanel.net/securitylevels.

If your deployed cPanel & WHM servers are configured to automatically update when new releases are available, then no action is required. Your systems will update automatically. If you have disabled automatic updates, then we strongly encourage you to update your cPanel & WHM installations at your earliest convenience.

Continue reading
Rate this blog entry:

Copyright

© Cpanel

132 Hits
MAY
08

cPanel & WHM Version 70 in RELEASE!

We are happy to announce that cPanel, Inc. has released cPanel & WHM Version 70 to the RELEASE tier! Below are just a few of the updates included in this version.

Geofilter User Logins

Server Administrators can now drastically increase security with cPHulk’s new “Country Management” interface. By blocking or white-listing logins in the new “Country Management” interface, you can define who is allowed to log in to your cPanel accounts, WHM accounts, and much more.

More details are provided in the Version 70 cPHulk documentation.

Suspend Mail per Email Account

You can now suspend or queue the outgoing mail from a single email account on your server. This feature expands on the options we added in version 54 allowing you to suspend individual email accounts. Read more in the Version 70 Release Notes.

Join the Discussion!

Starting today we have added two more ways for you to interact with us! In addition to IRC, for the next 24 hours you can join us in our Slack and Discord channels.

Continue reading
Rate this blog entry:

Copyright

© Cpanel

118 Hits
MAY
01

EasyApache 2018-05-01 Security Release

SUMMARYcPanel, Inc. has updated RPMs for EasyApache 4 with PHP versions 5.6.36, 7.0.30, 7.1.17, and 7.2.5 and released EasyApache 3.36.4 with PHP 5.6.36 on May 1, 2018. This release addresses vulnerabilities related to CVE-2018-10549, CVE-2018-10548, CVE-2018-10547, and CVE-2018-10546. We strongly encourage all PHP 5.6 users to update to version 5.6.36, PHP 7.0 users to update to version 7.0.30, PHP 7.1 users to update to version 7.1.17, and PHP 7.2 users to update to version 7.2.5.

AFFECTED VERSIONSAll versions of PHP 5.6 through 5.6.35All versions of PHP 7.0 through 7.0.29All versions of PHP 7.1 through 7.1.16All versions of PHP 7.2 through 7.2.4

SECURITY RATINGThe National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

CVE-2018-10549 – MEDIUMPHP 5.6.36Fixed bug in EXIF extensions related to CVE-2018-10549

PHP 7.0.30Fixed bug in EXIF extensions related to CVE-2018-10549

Continue reading
Rate this blog entry:

Copyright

© Cpanel

141 Hits
APR
30

Version 62 EOL 2 months

cPanel & WHM version 62 will reach End of Life at the end of June, 2018, and will no longer be supported by cPanel except when upgrading to a supported version.

In accordance with our EOL policy (https://go.cpanel.net/longtermsupport), 62 will continue functioning on servers where it is already installed. However, no further updates, such as security fixes and installations, will be provided for 62 once it reaches End of Life.

We recommend that all customers migrate any existing installations of cPanel & WHM version 62 to the most recent version of cPanel & WHM 70, which you can read about on https://releases.cpanel.com.

If your server setup complicates the process of migrating to a newer version of cPanel & WHM (an upgrade blocker list is available at https://go.cpanel.net/blockers), then cPanel is here to help. Simply open a support ticket at https://tickets.cpanel.net/submit so that our knowledgeable support team can provide recommendations, migration assistance, and more.

For the PGP-signed message, see 62EOL2Months-signed.

Original linkOriginal author: benny Vasquez
Rate this blog entry:

Copyright

© Cpanel

182 Hits
APR
03

EasyApache 2018-04-03 Maintenance Release

cPanel, Inc. has updated RPMs for EasyApache 4 with Apache version 2.4.33 and PHP versions 5.6.35, 7.0.29, 7.1.16, and 7.2.4 and released EasyApache 3.36.3 with Apache version 2.4.33 and PHP 5.6.35 on April 3, 2018. This release addresses vulnerabilities related to CVE-2017-15710, CVE-2018-1283, CVE-2018-1303, CVE-2018-1301, CVE-2017-15715, CVE-2018-1312, and CVE-2018-1302. We strongly encourage all Apache 2.4 users to upgrade to version 2.4.33 and all PHP 5.6 users to update to version 5.6.35, PHP 7.0 users to update to version 7.0.29, PHP 7.1 users to update to version 7.1.16, and PHP 7.2 users to update to version 7.2.4.

AFFECTED VERSIONSAll versions of Apache 2.4 through 2.4.29All versions of PHP 5.6 through 5.6.34All versions of PHP 7.0 through 7.0.28All versions of PHP 7.1 through 7.1.15All versions of PHP 7.2 through 7.2.3

SECURITY RATINGThe National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

CVE-2018-1301 – MEDIUMApache 2.4.33Fixed bug in core related to CVE-2018-1301

CVE-2018-1302 – MEDIUMApache 2.4.33Fixed bug in mod_http2 related to CVE-2018-1302

Continue reading
Rate this blog entry:

Copyright

© Cpanel

168 Hits
Advertisement