SEP
30

UPDATE EasyApache September 29 Release

cPanel, L.L.C. has released an update for EasyApache 4. Yesterday evening an issue was discovered in our ea-nginx changes that affected hosts with Service SubDomains disabled. ea-nginx EA-10959: Ensure valid nginx configuration when service subdomains are disabled More InformationInformation about all releases this year can be found in the 2022 EasyApache 4 …

The post UPDATE EasyApache September 29 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  12 Hits

Copyright

© Cpanel

12 Hits
SEP
29

EasyApache September 29 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on one of our social channels.

ea-apache24-mod-passengerEA-10945: ea-passenger-src was updated from v6.0.14 to v6.0.15ea-apache2-configEA-10935: Account for IPv6 addresses when setting up mod_remoteipEA-10912: Setup mod_remoteip to work with all the server IPs ea-nginxEA-10751: Leave X-Forwarded-Host blank for service subdomainsEA-10671: Calculate ‘server_names_hash_bucket_size’ and ‘server_names_hash_max_size’ at config timeEA-10913:  “no resolver defined” error under a specific circumstance ea-nodejs16EA-10948: Update ea-nodejs16 from v16.17.0 to v16.17.1CVE-2022-32212: DNS rebinding in –inspect on macOS (High)CVE-2022-32213: bypass via obs-fold mechanic (Medium)CVE-2022-35255: Weak randomness in WebCrypto keygenCVE-2022-35256: HTTP Request Smuggling – Incorrect Parsing of Header Fields (Medium)ea-passenger-srcEA-10945: Update ea-passenger-src from v6.0.14 to v6.0.15ea-php80ZC-10260: Link deb against libcurl 4 explicitlyea-php81ZC-10260: Link deb against libcurl 4 explicitly ea-ruby27-passengerEA-10946: Update ea-ruby27-passenger from v6.0.14 to v6.0.15

This release includes a security patch that has been issued a fix for a CVE (Common Vulnerabilities and Exposures), the details of which are included below.

SUMMARY
cPanel, L.L.C. has updated packages for EasyApache 4 with NodeJS version 16.17.1. This release addresses vulnerabilities related to CVE-2022-32212, CVE-2022-32213, CVE-2022-35255, and CVE-2022-35256. We strongly encourage all NodeJS users to update to version 16.17.1.

AFFECTED VERSIONS
All versions of NodeJS through 16.17.0.

SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

Continue reading
  15 Hits

Copyright

© Cpanel

15 Hits
SEP
21

cPanel® Version 106 now in STABLE!

We are happy to announce that cPanel Version 106 has now been released to the STABLE tier!  To fully explore all the changes in Version 106, as well as see detailed information about all cPanel & cPanel WebHost Manager versions, visit the release notes. More Information Our Release site also provides …

The post cPanel® Version 106 now in STABLE! first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  21 Hits

Copyright

© Cpanel

21 Hits
SEP
21

EasyApache September 21 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on …

The post EasyApache September 21 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  21 Hits

Copyright

© Cpanel

21 Hits
SEP
07

EasyApache September 7 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on …

The post EasyApache September 7 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  41 Hits

Copyright

© Cpanel

41 Hits
SEP
01

cPanel® Version 106 now in RELEASE!

We are happy to announce that cPanel Version 106 has now been released to the RELEASE tier!  What’s new in Version 106? So much! Some of the features we’re most excited about include: The ability to customize the Favorites section in WHM by pinning your most-used features. The return of user, …

The post cPanel® Version 106 now in RELEASE! first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  58 Hits

Copyright

© Cpanel

58 Hits
AUG
31

EasyApache August 31 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on …

The post EasyApache August 31 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  56 Hits

Copyright

© Cpanel

56 Hits
AUG
24

EasyApache August 24 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on …

The post EasyApache August 24 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  65 Hits

Copyright

© Cpanel

65 Hits
AUG
17

EasyApache August 17 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on …

The post EasyApache August 17 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  68 Hits

Copyright

© Cpanel

68 Hits
AUG
16

cPanel TSR-2022-0003 Full Disclosure

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system.

SEC-646

Summary

Explicitly set the error log in scripts/cleanphpsessions.php.

Security Rating

Continue reading
  80 Hits

Copyright

© Cpanel

80 Hits
AUG
15

cPanel TSR-2022-0003 Announcement

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system.

cPanel has rated this update as having a CVSSv3.1 score of 2.3 to 7.8.

Information on cPanel’s security ratings is available at https://go.cpanel.net/securitylevels.

If your deployed cPanel & WHM servers are configured to automatically update when new releases are available, then no action is required. Your systems will update automatically. If you have disabled automatic updates, then we strongly encourage you to update your cPanel & WHM installations at your earliest convenience.

RELEASES

Continue reading
  70 Hits

Copyright

© Cpanel

70 Hits
AUG
10

EasyApache August 10 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on …

The post EasyApache August 10 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  72 Hits

Copyright

© Cpanel

72 Hits
AUG
03

EasyApache August 3 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on …

The post EasyApache August 3 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  92 Hits

Copyright

© Cpanel

92 Hits
JUL
27

EasyApache July 27 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on …

The post EasyApache July 27 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  74 Hits

Copyright

© Cpanel

74 Hits
JUL
20

EasyApache July 20 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on …

The post EasyApache July 20 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  85 Hits

Copyright

© Cpanel

85 Hits
JUL
18

cPanel® Version 106 now in CURRENT!

We are happy to announce that cPanel Version 106 has now been released to the CURRENT tier!  To fully explore all the changes in Version 106, as well as see detailed information about all cPanel & cPanel WebHost Manager versions, visit the release notes. More Information Our Release site also provides an …

The post cPanel® Version 106 now in CURRENT! first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  97 Hits

Copyright

© Cpanel

97 Hits
JUL
13

EasyApache July 13 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on …

The post EasyApache July 13 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  102 Hits

Copyright

© Cpanel

102 Hits
JUL
13

EasyApache July 13 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on …

The post EasyApache July 13 Release first appeared on cPanel Newsroom.
Original author: Rhoda Arnes
  104 Hits

Copyright

© Cpanel

104 Hits
JUL
06

EasyApache July 6 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on one of our social channels.

ea-libzipEA-10807: Update ea-libzip from v1.9.0 to v1.9.2
ea-ruby27-rubygem-rackEA-10810: Update ea-ruby27-rubygem-rack from v2.2.3 to v2.2.4
ea-openssl11EA-10811: Update ea-openssl11 from v1.1.1p to v1.1.1qAES OCB fails to encrypt some bytes (CVE-2022-2097)

SUMMARY
cPanel, L.L.C. has updated packages for EasyApache 4 with OpenSSL version 1.1.1q. This release addresses vulnerabilities related to CVE-2022-2097. We strongly encourage all OpenSSL users to update to version 1.1.1q.

AFFECTED VERSIONS
All versions of OpenSSL through 1.1.1p.

SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

CVE-2022-2097 – MEDIUM
OpenSSL 1.1.1q
Fixed vulnerability related to CVE-2022-2097.

Continue reading
  111 Hits

Copyright

© Cpanel

111 Hits
JUN
29

EasyApache June 29 Release

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on one of our social channels.

ea-nghttp2EA-10794: Update ea-nghttp2 from v1.47.0 to v1.48.0ea-nginxEA-10795: Update ea-nginx from v1.22.0 to v1.23.0ea-nginx-njsEA-10772: Update ea-nginx-njs from v0.7.4 to v0.7.5libcurlEA-10790: Update libcurl from v7.83.1 to v7.84.0CVE-2022-32208: FTP-KRB bad message verificationCVE-2022-32207: Unpreserved file permissionsCVE-2022-32206: HTTP compression denial of serviceCVE-2022-32205: Set-Cookie denial of service

SUMMARY
cPanel, L.L.C. has released updated packages for EasyApache 4 with libcurl version 7.84.0. This release addresses vulnerabilities related to CVE-2022-32208, CVE-2022-32207, CVE-2022-32206, and CVE-2022-32205. We strongly encourage all EA4 users to update to version 7.84.0 of libcurl.

AFFECTED VERSIONS
All versions of libcurl through 7.83.1.

SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

CVE-2022-32208 – MEDIUM
libcurl 7.84.0
Fixed vulnerability related to FTP-KRB bad-message verification

Continue reading
  130 Hits

Copyright

© Cpanel

130 Hits
Advertisement