OCT
05

EasyApache October 5 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on one of our social channels.

ea-php81ea-php81-metaEA-10958: Update ea-php81 from v8.1.10 to v8.1.11phar wrapper: DOS when using quine gzip file. (CVE-2022-31628)Don’t mangle HTTP variable names that clash with ones that have a specific semantic meaning. (CVE-2022-31629)ea-php80ea-php80-metaEA-10961: Update ea-php80 from v8.0.23 to v8.0.24phar wrapper: DOS when using quine gzip file. (CVE-2022-31628)Don’t mangle HTTP variable names that clash with ones that have a specific semantic meaning. (CVE-2022-31629) ea-php74ea-php74-metaEA-10957: Update ea-php74 from v7.4.30 to v7.4.32phar wrapper: DOS when using quine gzip file. (CVE-2022-31628)Don’t mangle HTTP variable names that clash with ones that have a specific semantic meaning. (CVE-2022-31629)ea-apache2-configEA-10947: Use %{local}p to send correct port to splitlogs when piped logging is enabled

This release includes a security patch that has been issued a fix for a CVE (Common Vulnerabilities and Exposures), the details of which are included below.

SUMMARY
cPanel, L.L.C. has updated packages for EasyApache 4 with PHP versions 8.1.11, 8.0.24, and 7.4.32. This release addresses vulnerabilities related to CVE-2022-31628 and CVE-2022-31629. We strongly encourage all PHP 8.21 users to update to version 8.1.11, all PHP 8.0 users to update to version 8.0.24, and all PHP 7.4 users to update to version 7.4.32.

AFFECTED VERSIONS
All versions of PHP 8.1 through 8.1.10.
All versions of PHP 8.0 through 8.0.23.
All versions of PHP 7.4 through 7.4.30.

SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

Continue reading
  0 Hits

Copyright

© Cpanel

0 Hits
OCT
05

cPanel® Version 108 now in EDGE!

We are happy to announce that cPanel Version 108 has now been released to the EDGE tier!  Warning: Due to the dynamic nature of EDGE builds, only use EDGE for testing in a controlled environment. We do not recommend this tier for production servers. This version has only received rudimentary testing. We publish this tier most often (up …

The post cPanel® Version 108 now in EDGE! first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  0 Hits

Copyright

© Cpanel

0 Hits
SEP
30

UPDATE EasyApache September 29 Release

cPanel, L.L.C. has released an update for EasyApache 4. Yesterday evening an issue was discovered in our ea-nginx changes that affected hosts with Service SubDomains disabled. ea-nginx EA-10959: Ensure valid nginx configuration when service subdomains are disabled More InformationInformation about all releases this year can be found in the 2022 EasyApache 4 …

The post UPDATE EasyApache September 29 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  13 Hits

Copyright

© Cpanel

13 Hits
SEP
29

EasyApache September 29 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on one of our social channels.

ea-apache24-mod-passengerEA-10945: ea-passenger-src was updated from v6.0.14 to v6.0.15ea-apache2-configEA-10935: Account for IPv6 addresses when setting up mod_remoteipEA-10912: Setup mod_remoteip to work with all the server IPs ea-nginxEA-10751: Leave X-Forwarded-Host blank for service subdomainsEA-10671: Calculate ‘server_names_hash_bucket_size’ and ‘server_names_hash_max_size’ at config timeEA-10913:  “no resolver defined” error under a specific circumstance ea-nodejs16EA-10948: Update ea-nodejs16 from v16.17.0 to v16.17.1CVE-2022-32212: DNS rebinding in –inspect on macOS (High)CVE-2022-32213: bypass via obs-fold mechanic (Medium)CVE-2022-35255: Weak randomness in WebCrypto keygenCVE-2022-35256: HTTP Request Smuggling – Incorrect Parsing of Header Fields (Medium)ea-passenger-srcEA-10945: Update ea-passenger-src from v6.0.14 to v6.0.15ea-php80ZC-10260: Link deb against libcurl 4 explicitlyea-php81ZC-10260: Link deb against libcurl 4 explicitly ea-ruby27-passengerEA-10946: Update ea-ruby27-passenger from v6.0.14 to v6.0.15

This release includes a security patch that has been issued a fix for a CVE (Common Vulnerabilities and Exposures), the details of which are included below.

SUMMARY
cPanel, L.L.C. has updated packages for EasyApache 4 with NodeJS version 16.17.1. This release addresses vulnerabilities related to CVE-2022-32212, CVE-2022-32213, CVE-2022-35255, and CVE-2022-35256. We strongly encourage all NodeJS users to update to version 16.17.1.

AFFECTED VERSIONS
All versions of NodeJS through 16.17.0.

SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

Continue reading
  16 Hits

Copyright

© Cpanel

16 Hits
SEP
21

cPanel® Version 106 now in STABLE!

We are happy to announce that cPanel Version 106 has now been released to the STABLE tier!  To fully explore all the changes in Version 106, as well as see detailed information about all cPanel & cPanel WebHost Manager versions, visit the release notes. More Information Our Release site also provides …

The post cPanel® Version 106 now in STABLE! first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  21 Hits

Copyright

© Cpanel

21 Hits
SEP
21

EasyApache September 21 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on …

The post EasyApache September 21 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  21 Hits

Copyright

© Cpanel

21 Hits
SEP
07

EasyApache September 7 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on …

The post EasyApache September 7 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  42 Hits

Copyright

© Cpanel

42 Hits
SEP
01

cPanel® Version 106 now in RELEASE!

We are happy to announce that cPanel Version 106 has now been released to the RELEASE tier!  What’s new in Version 106? So much! Some of the features we’re most excited about include: The ability to customize the Favorites section in WHM by pinning your most-used features. The return of user, …

The post cPanel® Version 106 now in RELEASE! first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  58 Hits

Copyright

© Cpanel

58 Hits
AUG
31

EasyApache August 31 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on …

The post EasyApache August 31 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  56 Hits

Copyright

© Cpanel

56 Hits
AUG
24

EasyApache August 24 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on …

The post EasyApache August 24 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  66 Hits

Copyright

© Cpanel

66 Hits
AUG
17

EasyApache August 17 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on …

The post EasyApache August 17 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  70 Hits

Copyright

© Cpanel

70 Hits
AUG
16

cPanel TSR-2022-0003 Full Disclosure

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system.

SEC-646

Summary

Explicitly set the error log in scripts/cleanphpsessions.php.

Security Rating

Continue reading
  80 Hits

Copyright

© Cpanel

80 Hits
AUG
15

cPanel TSR-2022-0003 Announcement

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system.

cPanel has rated this update as having a CVSSv3.1 score of 2.3 to 7.8.

Information on cPanel’s security ratings is available at https://go.cpanel.net/securitylevels.

If your deployed cPanel & WHM servers are configured to automatically update when new releases are available, then no action is required. Your systems will update automatically. If you have disabled automatic updates, then we strongly encourage you to update your cPanel & WHM installations at your earliest convenience.

RELEASES

Continue reading
  73 Hits

Copyright

© Cpanel

73 Hits
AUG
10

EasyApache August 10 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on …

The post EasyApache August 10 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  73 Hits

Copyright

© Cpanel

73 Hits
AUG
03

EasyApache August 3 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on …

The post EasyApache August 3 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  93 Hits

Copyright

© Cpanel

93 Hits
JUL
27

EasyApache July 27 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on …

The post EasyApache July 27 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  74 Hits

Copyright

© Cpanel

74 Hits
JUL
20

EasyApache July 20 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on …

The post EasyApache July 20 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  86 Hits

Copyright

© Cpanel

86 Hits
JUL
18

cPanel® Version 106 now in CURRENT!

We are happy to announce that cPanel Version 106 has now been released to the CURRENT tier!  To fully explore all the changes in Version 106, as well as see detailed information about all cPanel & cPanel WebHost Manager versions, visit the release notes. More Information Our Release site also provides an …

The post cPanel® Version 106 now in CURRENT! first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  100 Hits

Copyright

© Cpanel

100 Hits
JUL
13

EasyApache July 13 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on …

The post EasyApache July 13 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  103 Hits

Copyright

© Cpanel

103 Hits
JUL
13

EasyApache July 13 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on …

The post EasyApache July 13 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  105 Hits

Copyright

© Cpanel

105 Hits
Advertisement