MAR
16

cPanel TSR-2020-0002 Announcement

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system.

cPanel has rated these updates as having CVSSv3 scores ranging from 2.2 to 5.8.

Information on cPanel’s security ratings is available at https://go.cpanel.net/securitylevels.

If your deployed cPanel & WHM servers are configured to automatically update when new releases are available, then no action is required. Your systems will update automatically. If you have disabled automatic updates, then we strongly encourage you to update your cPanel & WHM installations at your earliest convenience.

RELEASES

Continue reading
  92 Hits

Copyright

© Cpanel

92 Hits
MAR
02

cPanel Announces Comprehensive New Security Feature Addition, Making Server Security More Robust

As a leader in the hostingmanagement industry, cPanel continuously serves Web Hosting Providers and System Administrators with multiple integrated options to protect their servers. 

Houston, TX – February 3, 2020 – cPanel, L.L.C., an industry-leading hosting server management solution for the past 20 years, announced it is adding ImunifyAV+ to the suite of server security applications that integrates directly into its flagship product. The product extensions allow systems administrators to protect their installations and defend against cybersecurity threats directly from their cPanel & WHM dashboard.

ImunifyAV+ is now available for cPanel & WHM users, complementing the existing ImunifyAV application, adding extra functionality to allow infected files to be cleaned with a single click. This one-click removal makes blocking and preventing malicious code from spreading across a server environment simple.

Knowing how vital server security is, cPanel began offering CloudLinux’s ImunifyAV at no extra cost and provided their partners and customers the choice to add Imunify360, a robust security suite, to all accounts for a small monthly fee. ImunifyAV is a scanner that identifies malware and viruses, and Imunify360 is a complete security suite offering scanning, cleanup, firewalls, and proactive defenses.

“We’re proud to offer even more security options so our customers can protect their IT infrastructure,” said Kenneth Power, Vice President of Product Development at cPanel. “We now offer multiple solutions to both identify and solve security problems faced by the industry every day, providing peace of mind that servers are safeguarded from destructive virtual attacks.”

Continue reading
  163 Hits

Copyright

© Cpanel

163 Hits
FEB
26

EasyApache 4 Feb 26 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Discord or Reddit to talk about this update and much more.

2020-02-26

ea-openssl
     • EA-8870: Update ea-openssl from v1.0.2t to v1.0.2u

ea-profiles-cpanel
     • EA-8864: Add php73 to the mpm_itk and worker profiles

ea-tomcat85
     • EA-8875: Update ea-tomcat85 from v8.5.50 to v8.5.51

libcurl
     • EA-8843: Update libcurl from v7.67.0 to v7.68.0

Continue reading
  101 Hits

Copyright

© Cpanel

101 Hits
FEB
18

cPanel & WHM Version 86 to RELEASE!

We are happy to announce that cPanel, L.L.C. has released cPanel & WHM Version 86 to the RELEASE tier! cPanel & WHM Version 86 introduces a slew of new tools and improvements to the product. With upgrades to EasyApache 4’s OpenSSL version, the introduction of TLS v1.3, a number of new and improved interfaces, a standalone mail server and more, cPanel & WHM is better than ever.

Take a look at highlights for this version on our release site, or check out the full release notes. Then, join us on SlackDiscord, or Reddit!

Streamlined Directory Privacy interface

In cPanel & WHM Version 86, we are adding the Actions column to cPanel’s Directory Privacy interface allowing system administrators to set the directory privacy permissions for all of the subdirectories within a directory. | Read More

File Manager access when account is at full disk space

cPanel users who have reached their account disk space limit are now able to use cPanel’s File Manager to delete files. | Read More

AutoSSL improvements for DNS Certificate Authority Authorization records

We are improving the AutoSSL feature’s automatic creation of CAA records to now recognize subdomains and wildcard domains, as well as creating all of the CAA records needed to ensure that AutoSSL will issue certificates. | Read More

Continue reading
  73 Hits

Copyright

© Cpanel

73 Hits
FEB
03

cPanel & WHM Version 86 to CURRENT!

We are happy to announce that cPanel, L.L.C. has released cPanel & WHM Version 86 to the CURRENT tier! cPanel & WHM Version 86 introduces a slew of new tools and improvements to the product. With upgrades to EasyApache 4’s OpenSSL version, the introduction of TLS v1.3, a number of new and improved interfaces, a standalone mail server and more, cPanel & WHM is better than ever.

Take a look at highlights for this version on our release site, or check out the full release notes. Then, join us on SlackDiscord, or Reddit!

Upgrade EasyApache 4’s OpenSSL version to OpenSSL 1.1.1

In cPanel & WHM Version 86, we are upgrading EasyApache 4’s version of OpenSSL to version 1.1.1, enabling the use of Transport Layer Security (TLS) protocol version 1.3. You can select TLSv1.3 in the SSL/TLS Protocols option in WHM’s Global Configuration interface. | Read More

New DNS Zone Manager interface

System Administrators are now able to manage server’s DNS zones with WHM’s DNS Zone Manager interface, making the process of creating and managing DNS zone records simpler. | Read More

LTS Tier Updates

We are improving cPanel & WHM’s LTS tier to automatically update when new LTS versions are available. The Update Preferences interface is being updated to improve setting a release tier and other update settings. | Read More

Continue reading
  62 Hits

Copyright

© Cpanel

62 Hits
JAN
29

EasyApache 4 Jan 29 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on SlackDiscord, or Reddit to talk about this update and much more.

EA4

ea-apache2
     • COBRA-10700: Optimize finding a module

ea-apache2-config
     • EA-8629: Prevent caching of defaultwebpage.cgi redirect

ea-cpanel-tools
     • EA-8784: Add PHP 7.1 to EOL recommendations

Continue reading
  93 Hits

Copyright

© Cpanel

93 Hits
JAN
22

EasyApache 4 Jan 22 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! This release is focused entirely on updating ea-openssl requirements to OpenSSL v1.1.1. Take a look at some highlights below, and then join us on Slack, Discord, or Reddit to talk about this update and much more. apr     • …
Original author: Phil Hodges
  75 Hits

Copyright

© Cpanel

75 Hits
JAN
21

cPanel TSR-2020-0001 Full Disclosure

SEC-515

Summary

Self-XSS vulnerability via temporary character set specification.

Security Rating

cPanel has assigned this vulnerability a CVSSv3 score of 4.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

Continue reading
  94 Hits

Copyright

© Cpanel

94 Hits
JAN
20

cPanel TSR-2020-0001 Announcement

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system.

cPanel has rated these updates as having CVSSv3 scores ranging from 4.7 to 9.1.

Information on cPanel’s security ratings is available at https://go.cpanel.net/securitylevels.

If your deployed cPanel & WHM servers are configured to automatically update when new releases are available, then no action is required. Your systems will update automatically. If you have disabled automatic updates, then we strongly encourage you to update your cPanel & WHM installations at your earliest convenience.

RELEASES

Continue reading
  79 Hits

Copyright

© Cpanel

79 Hits
JAN
01

Update to cPanel’s Privacy Policy

cPanel is updating our Privacy Policy in our continued commitment to helping customers and users of our software understand how we use their data and to provide transparency. The Privacy Policy has been updated to facilitate compliance with the CCPA (California Consumer Protection Act), taking effect on January 1st, 2020. Additionally, cPanel has created several links that allow users to determine what information that cPanel has and to request that we take actions related to that data. These actions include adding sections to reflect updates to our use of information and some technical corrections.

This post is a simple summary of the updates to the Privacy Policy, and we highly recommend reviewing the policy in its entirety, located here

Sale of Personal Information

The CCPA requires cPanel to disclose whether cPanel “sells” personal information. cPanel does not commercialize user information in the traditional sense. However, because some personal data is transmitted to third parties to facilitate the use of products and services, we have provided more details about this use. Our Privacy Policy contains a method for you to decide to instruct us not to use your information in this way, regardless of whether it is a “sale” in the traditional sense. We will provide other ways to make this choice in the future. It is essential that you review our privacy policy for the impact that this choice may have before making it.

Authentication

Continue reading
  88 Hits

Copyright

© Cpanel

88 Hits
DEC
23

cPanel Announces Collaboration with Google Cloud to Bring cPanel & WHM to Google Cloud Platform Marketplace

FOR IMMEDIATE RELEASE

System Administrators, Web Hosting Providers can access cPanel & WHM for cloud servers and virtual machines with GCP Marketplace.  

Houston, Texas – December 20, 2019 – cPanel L.L.C., a hosting server management solution, announced its availability on Google Cloud Platform Marketplace (GCP Marketplace), allowing customers to easily launch a Google Cloud instance with a cPanel & WHM® image. Under this new collaboration, hosting providers and direct consumers can install a license immediately after they spin up their Google Compute Engine™ instance and quickly set up and administer accounts. 

cPanel & WHM is a robust web hosting automation software suite. Containing all of the essential tools needed for hosting providers and resellers to manage customer accounts, create and maintain websites, and to secure and optimize their servers, cPanel & WHM is an integral part of supporting operations at some of the world’s most well-known hosting providers, including virtual machines and cloud servers. GCP Marketplace allows customers to easily start up familiar software packages such as cPanel & WHM with Google Compute Engine, with no manual configuration required.

“cPanel is excited to be a part of GCP Marketplace. This platform is popular with our partners and we’re looking forward to supporting them as they turn to hyperscale solutions,” says Todd Mitchell, Chief Operating Officer of WebPros™, cPanel’s parent company.

Continue reading
  100 Hits

Copyright

© Cpanel

100 Hits
DEC
23

EasyApache 4 Dec 23 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on SlackDiscord, or Reddit to talk about this update and much more.

• scl-php72
• scl-phh72-meta
     • EA-8797: Update scl-php72 from v7.2.25 to v7.2.26
     • Bcmath:
          • Fixed bug #78878 (Buffer underflow in bc_shift_addsub). (CVE-2019-11046)
     • Core:
          • Fixed bug #78862 (link() silently truncates after a null byte on Windows). (CVE-2019-11044)
          • Fixed bug #78863 (DirectoryIterator class silently truncates after a null byte). (CVE-2019-11045)
     • EXIF:
          • Fixed bug #78793 (Use-after-free in exif parsing under memory sanitizer). (CVE-2019-11050)
          • Fixed bug #78910 (Heap-buffer-overflow READ in exif). (CVE-2019-11047)

• scl-php73
• scl-php73-meta
     • EA-8798: Update scl-php73 from v7.3.12 to v7.3.13     
     • Bcmath:
          • Fixed bug #78878 (Buffer underflow in bc_shift_addsub). (CVE-2019-11046)     
     • Core:
          • Fixed bug #78862 (link() silently truncates after a null byte on Windows). (CVE-2019-11044)
          • Fixed bug #78863 (DirectoryIterator class silently truncates after a null byte). (CVE-2019-11045)
          • Fixed bug #78943 (mail() may release string with refcount==1 twice). (CVE-2019-11049)
     • EXIF:
          • Fixed bug #78793 (Use-after-free in exif parsing under memory sanitizer). (CVE-2019-11050)
          • Fixed bug #78910 (Heap-buffer-overflow READ in exif) (CVE-2019-11047)

This release includes a security patch that has been issued a fix for a CVE (Common Vulnerabilities and Exposures), the details of which are included below.

SUMMARY
cPanel, L.L.C. has updated RPMs for EasyApache 4 with PHP versions 7.2.26 and 7.3.13. This release addresses vulnerabilities related to CVE-2019-11046, CVE-2019-11044, CVE-2019-11045, CVE-2019-11049, CVE-2019-11050, and CVE-2019-11047. We strongly encourage all PHP 7.2 users to upgrade to version 7.2.26 and all PHP 7.3 users to upgrade to version 7.3.13.

Continue reading
  109 Hits

Copyright

© Cpanel

109 Hits
DEC
18

EasyApache 4 Dec 18 Release

2019-12-18 We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Slack, Discord, or Reddit to talk about this update and much more. ea-apache2 COBRA-10665: Optimizing finding directives when parsing the configuration. ea-profiles-cpanel ZC-5770: Add iconv and mbstring to the cPanel …
Original author: Tabby Worthington
  102 Hits

Copyright

© Cpanel

102 Hits
DEC
18

cPanel & WHM Version 82 Now EOL

cPanel & WHM Version 82 Now EOL

December 18, 2019

With last week’s move to STABLE for Version 84, cPanel & WHM Version 82 has reached End of Life. This version will now only be supported by cPanel when upgrading to a supported version.

In accordance with our EOL policy, Version 82 will continue to function on servers where it is already installed. The last release of cPanel & WHM Version 84, 84.0.17, will remain on our mirrors indefinitely. However, no further updates, including fixes for known security flaws, will be provided for Version 82. Older releases of cPanel & WHM will be removed from our mirrors.

We recommend that all customers upgrade any existing installations of cPanel & WHM Version 82 to the most recent version of cPanel & WHM Version 84, which you can read about on https://releases.cpanel.net.

If your server setup complicates the process of upgrading to a supported version of cPanel & WHM (an upgrade blocker list is available at https://go.cpanel.net/blockers), then cPanel is here to help. Simply open a support ticket at https://tickets.cpanel.net/submit so that our knowledgable support team can provide recommendations, upgrade assistance, and more.

Continue reading
  106 Hits

Copyright

© Cpanel

106 Hits
DEC
11

cPanel & WHM Version 84 Now in STABLE!

We are happy to announce that cPanel, L.L.C. has released cPanel & WHM Version 84 to the STABLE tier! As a reminder, this move also means that support for cPanel & WHM Version 82 has ended. Version 84 brings another round of speed and usability improvements for the product. Now including PowerDNS for DNS …
Original author: Phil Hodges
  107 Hits

Copyright

© Cpanel

107 Hits
NOV
26

EasyApache 4 Nov 26 Release

2019-11-26 We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Slack, Discord, or Reddit to talk about this update and much more. scl-php54scl-php55scl-php56scl-php70scl-php71     • EA-8762: Update litespeed from upstream to 7.6 scl-php72scl-php72-meta     • EA-8760: …
Original author: Phil Hodges
  477 Hits

Copyright

© Cpanel

477 Hits
NOV
20

EasyApache 4 Nov 20 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Slack, Discord, or Reddit to talk about this update and much more. 2019-11-20 ea-openssl11     ZC-5606: Create ea-openssl11 package for openssl v1.1.1 ea-libcurl     EA-8739: Update libcurl …
Original author: Phil Hodges
  503 Hits

Copyright

© Cpanel

503 Hits
NOV
19

cPanel TSR-2019-0006 Full Disclosure

SEC-499

Summary

Authentication bypass due to variations in webmail username handling.

Security Rating

cPanel has assigned this vulnerability a CVSSv3.1 score of 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Continue reading
  465 Hits

Copyright

© Cpanel

465 Hits
NOV
18

cPanel TSR-2019-0006 Announcement

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system.

cPanel has rated these updates as having CVSSv3 scores ranging from 2.5 to 8.8.

Information on cPanel’s security ratings is available at https://go.cpanel.net/securitylevels.

If your deployed cPanel & WHM servers are configured to automatically update when new releases are available, then no action is required. Your systems will update automatically. If you have disabled automatic updates, then we strongly encourage you to update your cPanel & WHM installations at your earliest convenience.

RELEASES

Continue reading
  517 Hits

Copyright

© Cpanel

517 Hits
OCT
30

EasyApache 4 Oct 30 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on SlackDiscord, or Reddit to talk about this update and much more.

2019-10-30

ea-cpanel-tools
     ZC-5740: Add yum var to ea4_repo_uri_os.

ea-nodejs10
     EA-8715: Update ea-nodejs10 to 10.17.0, drop  10.16.3.

php-cli
     EA-7961: Remove deprecated -ea_php flag

scl-php71
scl-php71-meta
     EA-8722: Update scl-php71 to 7.1.33, drop 7.1.32.

Continue reading
  529 Hits

Copyright

© Cpanel

529 Hits
Advertisement