JUL
01

EasyApache 4 July 1 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Discord or Reddit to talk about this update and much more.

July 1

scl-ruby34-rubygem-rack
     • EA-9120: Update scl-ruby24-rubygem-rack from v2.2.2 to v2.2.3

ea-apr-util
     • EA-9121: ea-apr-util-mysql not linked to ea-openssl11 but system


libcurl
     • EA-9124: Update libcurl from v7.70.0 to v7.71.0
     • CVE-2020-8169: Partial password leak over DNS on HTTP redirect
     • CVE-2020-8177: curl overwrite local file with -J

Continue reading
  141 Hits

Copyright

© Cpanel

141 Hits
JUN
29

cPanel & WHM Version 88 to STABLE!

We are happy to announce that cPanel, L.L.C. has released cPanel & WHM Version 88 to the STABLE tier! This newest version brings many quality of life improvements for MySQL, including the added support of MySQL 8. Version 88 also brings Rouncube version 1.4 (with a new responsive theme for mobile devices and CCS compatibility), the addition of ImunifyAV, the leading malware scanning solution, and the ability to upgrade to ImunifyAV+, as well as streamlining of a number of in product interfaces.

Take a look at highlights for this version on our release site, or check out the full release notes. Then, join us on Discord, Forums, or Reddit!

Support for MySQL 8

cPanel & WHM Version 88 brings support for MySQL® 8 for CentOS 7, Red Hat® Enterprise Linux, and CloudLinux servers. New cPanel & WHM Version 88 instances can upgrade to MySQL in WHM’s MySQL or MariaDB Upgrade interface (WHM >> Home >> Software >> MySQL/MariaDB Upgrade) | Read More

Webmail now ships with Roundcube version 1.4

We are updating the Roundcube version in Webmail from version 1.3 to version 1.4 in cPanel & WHM Version 88. Roundcube 1.4 features a new responsive theme for mobile devices, as well as compatibility with the Calendar and Contacts Server (CCS) plugin | Read More

MySQL now streams during account transfers in WHM

When an account is transferred via WHM’s Transfer Tool interface (WHM >> Home >> Transfers >> Transfer Tool) or the Copy an Account From Another Server With an Account Password interface (WHM >> Home >> Transfers >> Copy an Account From Another Server With an Account Password), the system streams the MySQL dump if streaming is available | Read More

Continue reading
  109 Hits

Copyright

© Cpanel

109 Hits
JUN
17

EasyApache 4 June 17 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Discord or Reddit to talk about this update and much more.

2020-6-17

ea-apache2-config
ZC-6899: do not log proxied requests to avoid double counting of them in stats.
ea-documentroot
EA-9095: Fixed grammatical error in 404 page.
ea-libzip
EA-9101: Update from upstream to 1.7.0.
ea-nghttp2
EA-9098: Update ea-nghttp2 to 1.41.0, drop 1.40.0 (with fix for CVE-2020-11080).
ea-nodejs10
ea-tomcat85
EA-9110: Update ea-tomcat85 to 8.5.56, drop 8.5.55.
scl-php72
EA-9087: Fix PHP version in DSO description.
scl-php73
EA-9111: Update scl-php73 to 7.3.19, drop 7.3.18.EA-9087: Fix PHP version in DSO description.EA-9111: Update scl-php73 to 7.3.19, drop 7.3.18.
ea-php74
EA-9109: Update ea-php74 to 7.4.7, drop 7.4.6.EA-9087: Fix PHP version in DSO descriptionEA-9109: Update ea-php74 to 7.4.7, drop 7.4.6.

This release includes a security patch that has been issued a fix for a CVE (Common Vulnerabilities and Exposures), the details of which are included below.

SUMMARY
cPanel, L.L.C. has updated RPMs for EasyApache 4 with nghttp2 version 1.41.0 and NodeJS version 10.21.0. This release addresses vulnerabilities related to CVE-2020-11080, CVE-2020-8174, and CVE-2020-10531. We strongly encourage all nghttp users to upgrade to version 1.41.0 and all NodeJS users to upgrade to version 10.21.0.

AFFECTED VERSIONS
All versions of nghttp2 through 1.40.0
All versions of NodeJS through 10.20.1


SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

Continue reading
  73 Hits

Copyright

© Cpanel

73 Hits
MAY
27

cPanel & WHM Version 88 to RELEASE!

We are happy to announce that cPanel, L.L.C. has released cPanel & WHM Version 88 to the RELEASE tier! This newest version brings many quality of life improvements for MySQL, including the added support of MySQL 8. Version 88 also brings Rouncube version 1.4 (with a new responsive theme for mobile devices and CCS compatibility), the addition of ImunifyAV, the leading malware scanning solution, and the ability to upgrade to ImunifyAV+, as well as streamlining of a number of in product interfaces.

Take a look at highlights for this version on our release site, or check out the full release notes. Then, join us on SlackDiscord, or Reddit!

ImunifyAV

CloudLinux’s advanced suite of website security tools, ImunifyAV, is now available free by default on new installations. An upgrade to ImunifyAV+ can be purchased directly within the Imunify tool (WHM >> Home >> Plugins >> ImunifyAV) in Version 88 | Read More

Streamlined Directory Privacy interface

cPanel & WHM Version 88 brings a more streamlined experience to the Directory Privacy interface (cPanel >> Home >> Files >> Directory Privacy), including allowing cPanel users to set the privacy permissions for all subdirectories within a directory | Read More

MySQL Upgrade Checker

In cPanel & WHM Version 88, we are adding the MySQL® Upgrade Checker that checks if an upgrade from MySQL 5.7 to 8.x will work on the MySQL configuration file and table engine, and is located in MySQL/MariaDB Upgrade interface (WHM >> Home >> SQL Services >> MySQL/MariaDB Upgrade) | Read More

Continue reading
  72 Hits

Copyright

© Cpanel

72 Hits
MAY
22

cPanel & WHM Version 78 Now EOL

With cPanel & WHM Version 88 moving to CURRENT, cPanel & WHM Version 78 has reached End of Life. This version will now only be supported by cPanel when upgrading to a supported version.

In accordance with our EOL policy, Version 78 will continue to function on servers where it is already installed. The last release of cPanel & WHM Version 78, 78.0.48, will remain on our mirrors indefinitely. However, no further updates, including fixes for known security flaws, will be provided for Version 78. Older releases of cPanel & WHM will be removed from our mirrors.

We recommend that all customers upgrade any existing installations of cPanel & WHM Version 78 to the most recent LTS version of cPanel & WHM Version 86, which you can read about on https://releases.cpanel.net.

If your server setup complicates the process of upgrading to a supported version of cPanel & WHM (an upgrade blocker list is available at https://go.cpanel.net/blockers), then cPanel is here to help. Simply open a support ticket at https://tickets.cpanel.net/submit so that our knowledgable support team can provide recommendations, upgrade assistance, and more.

About cPanel, L.L.C.

Continue reading
  62 Hits

Copyright

© Cpanel

62 Hits
MAY
21

EasyApache 4 May 21 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Discord or Reddit to talk about this update and much more.

2020-5-21

ea-profiles-cpanelEA-9045: Remove PHP 7.1 from the profiles since it is EOL.scl-php72EA-9067: Update scl-php72 to 7.2.31, drop 7.2.30.scl-php72-metaEA-9067: Update scl-php72 to 7.2.31, drop 7.2.30.scl-php73EA-9071: Revert new .user.ini search behavior.EA-9068: Update scl-php73 to 7.3.18, drop 7.3.17.scl-php73-metaEA-9068: Update scl-php73 to 7.3.18, drop 7.3.17.ea-php74EA-9072: Revert new .user.ini search behavior.EA-9070: Update ea-php74 to 7.4.6, drop 7.4.5.ea-php74-metaEA-9070: Update ea-php74 to 7.4.6, drop 7.4.5.ea-tomcat85EA-9060: Update ea-tomcat85 to 8.5.55, drop 8.5.54.

This release includes a security patch that has been issued a fix for a CVE (Common Vulnerabilities and Exposures), the details of which are included below.

SUMMARY
cPanel, L.L.C. has updated RPMs for EasyApache 4 with PHP versions 7.2.31, 7.3.18, and 7.4.6 and Tomcat 8.5.55. This release addresses vulnerabilities related to CVE-2019-11048 and CVE-2020-9484. We strongly encourage all PHP 7.2 users to upgrade to version 7.2.31, all PHP 7.3 users to upgrade to version 7.3.18, all PHP 7.4 users to upgrade to version 7.4.6, and all Tomcat users to upgrade to version 8.5.55.

AFFECTED VERSIONS
All versions of PHP 7.2 through 7.2.30
All versions of PHP 7.3 through 7.3.17
All versions of PHP 7.4 through 7.4.5
All versions of Tomcat 8.5 through 8.5.54


SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

Continue reading
  110 Hits

Copyright

© Cpanel

110 Hits
MAY
19

cPanel TSR-2020-0003 Full Disclosure

SEC-485

Summary

Remote code execution via Exim filter path handling.

Security Rating

cPanel has assigned this vulnerability a CVSSv3 score of 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Description

Continue reading
  115 Hits

Copyright

© Cpanel

115 Hits
MAY
18

cPanel TSR-2020-0003 Announcement

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system.

cPanel has rated these updates as having CVSSv3 scores ranging from 3.3 to 9.9.

Information on cPanel’s security ratings is available at https://go.cpanel.net/securitylevels.

If your deployed cPanel & WHM servers are configured to automatically update when new releases are available, then no action is required. Your systems will update automatically. If you have disabled automatic updates, then we strongly encourage you to update your cPanel & WHM installations at your earliest convenience.

RELEASES

Continue reading
  96 Hits

Copyright

© Cpanel

96 Hits
MAY
11

cPanel & WHM Version 88 to CURRENT!

We are happy to announce that cPanel, L.L.C. has released cPanel & WHM Version 88 to the CURRENT tier! This newest version brings many quality of life improvements for MySQL, including the added support of MySQL 8. Version 88 also brings Rouncube version 1.4 (with a new responsive theme for mobile devices and CCS compatibility), the addition of ImunifyAV, the leading malware scanning solution, and the ability to upgrade to ImunifyAV+, as well as streamlining of a number of in product interfaces.

Take a look at highlights for this version on our release site, or check out the full release notes. Then, join us on SlackDiscord, or Reddit!

Support for MySQL 8

cPanel & WHM Version 88 brings support for MySQL® 8 for CentOS 7, Red Hat® Enterprise Linux, and CloudLinux servers. New cPanel & WHM Version 88 instances can upgrade to MySQL in WHM’s MySQL or MariaDB Upgrade interface (WHM >> Home >> Software >> MySQL/MariaDB Upgrade) | Read More

Webmail now ships with Roundcube version 1.4

We are updating the Roundcube version in Webmail from version 1.3 to version 1.4 in cPanel & WHM Version 88. Roundcube 1.4 features a new responsive theme for mobile devices, as well as compatibility with the Calendar and Contacts Server (CCS) plugin | Read More

MySQL now streams during account transfers in WHM

When an account is transferred via WHM’s Transfer Tool interface (WHM >> Home >> Transfers >> Transfer Tool) or the Copy an Account From Another Server With an Account Password interface (WHM >> Home >> Transfers >> Copy an Account From Another Server With an Account Password), the system streams the MySQL dump if streaming is available | Read More

Continue reading
  98 Hits

Copyright

© Cpanel

98 Hits
MAY
06

EasyApache 4 May 6 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Discord or Reddit to talk about this update and much more. ea-apache2 EA-8809: Ensure that MAX_FD_LIMIT is not exceeded. EA-9047: Update POSTRANS openssl rand calls removing not found /proc entries. EA-9042: Do not …
Original author: Tabby Worthington
  63 Hits

Copyright

© Cpanel

63 Hits
APR
29

EasyApache 4 Apr 29 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Discord or Reddit to talk about this update and much more. April 29 ea-cpanel-tools     • ZC-6639: make recommendation verbiage match reality better  .  • ZC-4935: Add …
Original author: Phil Hodges
  69 Hits

Copyright

© Cpanel

69 Hits
APR
22

EasyApache 4 Apr 22 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Discord or Reddit to talk about this update and much more.

April 22

EasyApache 4

ea-apache2
     • EA-9010: Patch apache 2.4.43 to fix ssl stapling memory leak

ea-apache24-mod_lsapi
     • EA-8300: remove Provides from SPEC file to allow reinstalls

ea-cpanel-tools
     • EA-8960: Update end-of-life PHP phrase

Continue reading
  99 Hits

Copyright

© Cpanel

99 Hits
APR
15

EasyApache 4 Apr 15 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Discord or Reddit to talk about this update and much more.

April 15

EasyApache 4

ea-apache24-mod_lsapi
     • ZC-6114: Add ea-php74 to hardcoded list that rpm/switch_lsapi builds /etc/container/php.handler out of

ea-cpanel-tools
     • EA-8930: Update max_execution_time default to 30

ea-libicu
     • EA-8925: Add ea-libicu packages for PHP 7.4

Continue reading
  144 Hits

Copyright

© Cpanel

144 Hits
APR
08

EasyApache 4 Apr 8 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Discord or Reddit to talk about this update and much more.

April 8

EA4

ea-apache2
     • EA-8958: Update ea-apache2 from v2.4.41 to v2.4.43

scl-php56
     • EA-8963: Update scl-php56 libcurl version requirement to match the other PHPs

ea-cpanel-tools
     • ZC-5894: Move PHP.ini directive data to RPM

Continue reading
  99 Hits

Copyright

© Cpanel

99 Hits
APR
01

EasyApache 4 Apr 1 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Discord or Reddit to talk about this update and much more.

Apr 1st

EA 4

scl-ruby24-passenger
     • EA-8928: Updated the required version for ea-libcurl
     • EA-8898: Update scl-ruby24-passenger from v5.3.7 to v6.0.4

scl-php54
scl-php55
scl-php56
scl-php70
scl-php71
scl-php72
scl-php73
     • EA-8928: Updated the required version for ea-libcurl

mod_security2
     • EA-8928: Updated the required version for ea-libcurl

Continue reading
  103 Hits

Copyright

© Cpanel

103 Hits
MAR
25

EasyApache 4 Mar 25 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Discord or Reddit to talk about this update and much more.

March 25th

ea-apache2

EA-8786: Patch apxs to use the correct value for top_builddirEA-8927: Patch apache 2.4.x httpd for OCSP stapling bugEA-8876: Made ea-apache24 require ea-apache24-mod_headers

ea-apache2-config

ZC-3620: Factor in non-global includes from the include editor

scl-ioncube10

EA-8865: Add php-cli as a dependency

scl-php72
scl-php72-meta

Continue reading
  106 Hits

Copyright

© Cpanel

106 Hits
MAR
25

cPanel & WHM Version 84 Now EOL

March 25, 2020


With last week’s move to STABLE for Version 86, cPanel & WHM Version 84 has reached End of Life. This version will now only be supported by cPanel when upgrading to a supported version.

In accordance with our EOL policy, Version 84 will continue to function on servers where it is already installed. The last release of cPanel & WHM Version 84, 84.0.22, will remain on our mirrors indefinitely. However, no further updates, including fixes for known security flaws, will be provided for Version 84. Older releases of cPanel & WHM will be removed from our mirrors.

We recommend that all customers upgrade any existing installations of cPanel & WHM Version 84 to the most recent version of cPanel & WHM Version 86, which you can read about on https://releases.cpanel.net.

If your server setup complicates the process of upgrading to a supported version of cPanel & WHM (an upgrade blocker list is available at https://go.cpanel.net/blockers), then cPanel is here to help. Simply open a support ticket at https://tickets.cpanel.net/submit so that our knowledgable support team can provide recommendations, upgrade assistance, and more.

Continue reading
  65 Hits

Copyright

© Cpanel

65 Hits
MAR
18

EasyApache 4 Mar 18 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Discord or Reddit to talk about this update and much more. 3/18/20 EA4:• ea-nodejs10     • EA-8895: Update ea-nodejs10 from v10.18.1 to v10.19.0 • …
Original author: Phil Hodges
  89 Hits

Copyright

© Cpanel

89 Hits
MAR
18

cPanel & WHM Version 86 to STABLE!

We are happy to announce that cPanel, L.L.C. has released cPanel & WHM Version 86 to the STABLE tier! cPanel & WHM Version 86 introduces a slew of new tools and improvements to the product. With upgrades to EasyApache 4’s OpenSSL version, the introduction of TLS v1.3, a number of new and improved interfaces, a standalone mail server and more, cPanel & WHM is better than ever.

Take a look at highlights for this version on our release site, or check out the full release notes. Then, join us on Discord or Reddit!

Upgrade EasyApache 4’s OpenSSL version to OpenSSL 1.1.1

In cPanel & WHM Version 86, we are upgrading EasyApache 4’s version of OpenSSL to version 1.1.1, enabling the use of Transport Layer Security (TLS) protocol version 1.3. You can select TLSv1.3 in the SSL/TLS Protocols option in WHM’s Global Configuration interface. | Read More

New DNS Zone Manager interface

System Administrators are now able to manage server’s DNS zones with WHM’s DNS Zone Manager interface, making the process of creating and managing DNS zone records simpler. | Read More

LTS Tier Updates

We are improving cPanel & WHM’s LTS tier to automatically update when new LTS versions are available. The Update Preferences interface is being updated to improve setting a release tier and other update settings. | Read More

Continue reading
  99 Hits

Copyright

© Cpanel

99 Hits
MAR
17

cPanel TSR-2020-0002 Full Disclosure

SEC-505 Summary Bandwidth suspensions can be triggered remotely via mail log strings. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L Description The regular expression patterns used to match bandwidth log lines in the mail log were not properly anchored. This allowed remote attackers to generate …
Original author: Phil Hodges
  64 Hits

Copyright

© Cpanel

64 Hits
Advertisement