We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Discord or Reddit to talk about this update and much more.

July 1

scl-ruby34-rubygem-rack
     • EA-9120: Update scl-ruby24-rubygem-rack from v2.2.2 to v2.2.3

ea-apr-util
     • EA-9121: ea-apr-util-mysql not linked to ea-openssl11 but system

libcurl
     • EA-9124: Update libcurl from v7.70.0 to v7.71.0
     • CVE-2020-8169: Partial password leak over DNS on HTTP redirect
     • CVE-2020-8177: curl overwrite local file with -J

We are happy to announce that cPanel, L.L.C. has released cPanel & WHM Version 88 to the STABLE tier! This newest version brings many quality of life improvements for MySQL, including the added support of MySQL 8. Version 88 also brings Rouncube version 1.4 (with a new responsive theme for mobile devices and CCS compatibility), the addition of ImunifyAV, the leading malware scanning solution, and the ability to upgrade to ImunifyAV+, as well as streamlining of a number of in product interfaces.

Take a look at highlights for this version on our release site, or check out the full release notes. Then, join us on Discord, Forums, or Reddit!

Support for MySQL 8

cPanel & WHM Version 88 brings support for MySQL® 8 for CentOS 7, Red Hat® Enterprise Linux, and CloudLinux servers. New cPanel & WHM Version 88 instances can upgrade to MySQL in WHM’s MySQL or MariaDB Upgrade interface (WHM >> Home >> Software >> MySQL/MariaDB Upgrade) | Read More

Webmail now ships with Roundcube version 1.4

We are updating the Roundcube version in Webmail from version 1.3 to version 1.4 in cPanel & WHM Version 88. Roundcube 1.4 features a new responsive theme for mobile devices, as well as compatibility with the Calendar and Contacts Server (CCS) plugin | Read More

MySQL now streams during account transfers in WHM

When an account is transferred via WHM’s Transfer Tool interface (WHM >> Home >> Transfers >> Transfer Tool) or the Copy an Account From Another Server With an Account Password interface (WHM >> Home >> Transfers >> Copy an Account From Another Server With an Account Password), the system streams the MySQL dump if streaming is available | Read More

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Discord or Reddit to talk about this update and much more.

2020-6-17

ea-apache2-config

ea-documentroot

ea-libzip

ea-nghttp2

ea-nodejs10

ea-tomcat85

scl-php72

scl-php73

ea-php74

This release includes a security patch that has been issued a fix for a CVE (Common Vulnerabilities and Exposures), the details of which are included below.

SUMMARY
cPanel, L.L.C. has updated RPMs for EasyApache 4 with nghttp2 version 1.41.0 and NodeJS version 10.21.0. This release addresses vulnerabilities related to CVE-2020-11080, CVE-2020-8174, and CVE-2020-10531. We strongly encourage all nghttp users to upgrade to version 1.41.0 and all NodeJS users to upgrade to version 10.21.0.

AFFECTED VERSIONS
All versions of nghttp2 through 1.40.0
All versions of NodeJS through 10.20.1

SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

We are happy to announce that cPanel, L.L.C. has released cPanel & WHM Version 88 to the RELEASE tier! This newest version brings many quality of life improvements for MySQL, including the added support of MySQL 8. Version 88 also brings Rouncube version 1.4 (with a new responsive theme for mobile devices and CCS compatibility), the addition of ImunifyAV, the leading malware scanning solution, and the ability to upgrade to ImunifyAV+, as well as streamlining of a number of in product interfaces.

Take a look at highlights for this version on our release site, or check out the full release notes. Then, join us on Slack, Discord, or Reddit!

ImunifyAV

CloudLinux’s advanced suite of website security tools, ImunifyAV, is now available free by default on new installations. An upgrade to ImunifyAV+ can be purchased directly within the Imunify tool (WHM >> Home >> Plugins >> ImunifyAV) in Version 88 | Read More

Streamlined Directory Privacy interface

cPanel & WHM Version 88 brings a more streamlined experience to the Directory Privacy interface (cPanel >> Home >> Files >> Directory Privacy), including allowing cPanel users to set the privacy permissions for all subdirectories within a directory | Read More

MySQL Upgrade Checker

In cPanel & WHM Version 88, we are adding the MySQL® Upgrade Checker that checks if an upgrade from MySQL 5.7 to 8.x will work on the MySQL configuration file and table engine, and is located in MySQL/MariaDB Upgrade interface (WHM >> Home >> SQL Services >> MySQL/MariaDB Upgrade) | Read More

With cPanel & WHM Version 88 moving to CURRENT, cPanel & WHM Version 78 has reached End of Life. This version will now only be supported by cPanel when upgrading to a supported version.

In accordance with our EOL policy, Version 78 will continue to function on servers where it is already installed. The last release of cPanel & WHM Version 78, 78.0.48, will remain on our mirrors indefinitely. However, no further updates, including fixes for known security flaws, will be provided for Version 78. Older releases of cPanel & WHM will be removed from our mirrors.

We recommend that all customers upgrade any existing installations of cPanel & WHM Version 78 to the most recent LTS version of cPanel & WHM Version 86, which you can read about on https://releases.cpanel.net.

If your server setup complicates the process of upgrading to a supported version of cPanel & WHM (an upgrade blocker list is available at https://go.cpanel.net/blockers), then cPanel is here to help. Simply open a support ticket at https://tickets.cpanel.net/submit so that our knowledgable support team can provide recommendations, upgrade assistance, and more.

About cPanel, L.L.C.

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Discord or Reddit to talk about this update and much more.

2020-5-21

This release includes a security patch that has been issued a fix for a CVE (Common Vulnerabilities and Exposures), the details of which are included below.

SUMMARY
cPanel, L.L.C. has updated RPMs for EasyApache 4 with PHP versions 7.2.31, 7.3.18, and 7.4.6 and Tomcat 8.5.55. This release addresses vulnerabilities related to CVE-2019-11048 and CVE-2020-9484. We strongly encourage all PHP 7.2 users to upgrade to version 7.2.31, all PHP 7.3 users to upgrade to version 7.3.18, all PHP 7.4 users to upgrade to version 7.4.6, and all Tomcat users to upgrade to version 8.5.55.

AFFECTED VERSIONS
All versions of PHP 7.2 through 7.2.30
All versions of PHP 7.3 through 7.3.17
All versions of PHP 7.4 through 7.4.5
All versions of Tomcat 8.5 through 8.5.54

SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

SEC-485

Summary

Remote code execution via Exim filter path handling.

Security Rating

cPanel has assigned this vulnerability a CVSSv3 score of 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Description

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system.

cPanel has rated these updates as having CVSSv3 scores ranging from 3.3 to 9.9.

Information on cPanel’s security ratings is available at https://go.cpanel.net/securitylevels.

If your deployed cPanel & WHM servers are configured to automatically update when new releases are available, then no action is required. Your systems will update automatically. If you have disabled automatic updates, then we strongly encourage you to update your cPanel & WHM installations at your earliest convenience.

RELEASES

We are happy to announce that cPanel, L.L.C. has released cPanel & WHM Version 88 to the CURRENT tier! This newest version brings many quality of life improvements for MySQL, including the added support of MySQL 8. Version 88 also brings Rouncube version 1.4 (with a new responsive theme for mobile devices and CCS compatibility), the addition of ImunifyAV, the leading malware scanning solution, and the ability to upgrade to ImunifyAV+, as well as streamlining of a number of in product interfaces.

Take a look at highlights for this version on our release site, or check out the full release notes. Then, join us on Slack, Discord, or Reddit!

Support for MySQL 8

cPanel & WHM Version 88 brings support for MySQL® 8 for CentOS 7, Red Hat® Enterprise Linux, and CloudLinux servers. New cPanel & WHM Version 88 instances can upgrade to MySQL in WHM’s MySQL or MariaDB Upgrade interface (WHM >> Home >> Software >> MySQL/MariaDB Upgrade) | Read More

Webmail now ships with Roundcube version 1.4

We are updating the Roundcube version in Webmail from version 1.3 to version 1.4 in cPanel & WHM Version 88. Roundcube 1.4 features a new responsive theme for mobile devices, as well as compatibility with the Calendar and Contacts Server (CCS) plugin | Read More

MySQL now streams during account transfers in WHM

When an account is transferred via WHM’s Transfer Tool interface (WHM >> Home >> Transfers >> Transfer Tool) or the Copy an Account From Another Server With an Account Password interface (WHM >> Home >> Transfers >> Copy an Account From Another Server With an Account Password), the system streams the MySQL dump if streaming is available | Read More

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Discord or Reddit to talk about this update and much more.

April 22

EasyApache 4

ea-apache2
     • EA-9010: Patch apache 2.4.43 to fix ssl stapling memory leak

ea-apache24-mod_lsapi
     • EA-8300: remove Provides from SPEC file to allow reinstalls

ea-cpanel-tools
     • EA-8960: Update end-of-life PHP phrase

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Discord or Reddit to talk about this update and much more.

April 15

EasyApache 4

ea-apache24-mod_lsapi
     • ZC-6114: Add ea-php74 to hardcoded list that rpm/switch_lsapi builds /etc/container/php.handler out of

ea-cpanel-tools
     • EA-8930: Update max_execution_time default to 30

ea-libicu
     • EA-8925: Add ea-libicu packages for PHP 7.4

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Discord or Reddit to talk about this update and much more.

April 8

EA4

ea-apache2
     • EA-8958: Update ea-apache2 from v2.4.41 to v2.4.43

scl-php56
     • EA-8963: Update scl-php56 libcurl version requirement to match the other PHPs

ea-cpanel-tools
     • ZC-5894: Move PHP.ini directive data to RPM

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Discord or Reddit to talk about this update and much more.

Apr 1st

EA 4

scl-ruby24-passenger
     • EA-8928: Updated the required version for ea-libcurl
     • EA-8898: Update scl-ruby24-passenger from v5.3.7 to v6.0.4

scl-php54
scl-php55
scl-php56
scl-php70
scl-php71
scl-php72
scl-php73
     • EA-8928: Updated the required version for ea-libcurl

mod_security2
     • EA-8928: Updated the required version for ea-libcurl

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Discord or Reddit to talk about this update and much more.

March 25th

ea-apache2

ea-apache2-config

scl-ioncube10

scl-php72
scl-php72-meta

March 25, 2020

With last week’s move to STABLE for Version 86, cPanel & WHM Version 84 has reached End of Life. This version will now only be supported by cPanel when upgrading to a supported version.

In accordance with our EOL policy, Version 84 will continue to function on servers where it is already installed. The last release of cPanel & WHM Version 84, 84.0.22, will remain on our mirrors indefinitely. However, no further updates, including fixes for known security flaws, will be provided for Version 84. Older releases of cPanel & WHM will be removed from our mirrors.

We recommend that all customers upgrade any existing installations of cPanel & WHM Version 84 to the most recent version of cPanel & WHM Version 86, which you can read about on https://releases.cpanel.net.

If your server setup complicates the process of upgrading to a supported version of cPanel & WHM (an upgrade blocker list is available at https://go.cpanel.net/blockers), then cPanel is here to help. Simply open a support ticket at https://tickets.cpanel.net/submit so that our knowledgable support team can provide recommendations, upgrade assistance, and more.

We are happy to announce that cPanel, L.L.C. has released cPanel & WHM Version 86 to the STABLE tier! cPanel & WHM Version 86 introduces a slew of new tools and improvements to the product. With upgrades to EasyApache 4’s OpenSSL version, the introduction of TLS v1.3, a number of new and improved interfaces, a standalone mail server and more, cPanel & WHM is better than ever.

Take a look at highlights for this version on our release site, or check out the full release notes. Then, join us on Discord or Reddit!

Upgrade EasyApache 4’s OpenSSL version to OpenSSL 1.1.1

In cPanel & WHM Version 86, we are upgrading EasyApache 4’s version of OpenSSL to version 1.1.1, enabling the use of Transport Layer Security (TLS) protocol version 1.3. You can select TLSv1.3 in the SSL/TLS Protocols option in WHM’s Global Configuration interface. | Read More

New DNS Zone Manager interface

System Administrators are now able to manage server’s DNS zones with WHM’s DNS Zone Manager interface, making the process of creating and managing DNS zone records simpler. | Read More

LTS Tier Updates

We are improving cPanel & WHM’s LTS tier to automatically update when new LTS versions are available. The Update Preferences interface is being updated to improve setting a release tier and other update settings. | Read More