We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on one of our social channels.

ea-openssl11

This release includes a security patch that has been issued a fix for a CVE (Common Vulnerabilities and Exposures), the details of which are included below.

SUMMARY
cPanel, L.L.C. has updated packages for EasyApache 4 with OpenSSL version 1.1.1o. This release addresses vulnerabilities related to CVE-2022-1473 and CVE-2022-1292. We strongly encourage all OpenSSL users to upgrade to version 1.1.1o.

AFFECTED VERSIONS
All versions of OpenSSL through 1.1.1n.

SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on one of our social channels.

ea-modsec2-rules-owasp-crs

ea-nginx

ea-tomcat85

ea-php80

ea-php80-meta

ea-php81

ea-php81-meta

ea-nodejs16

ea-cpanel-tools

ea-profiles-cpanel

SUMMARY
cPanel, L.L.C. has updated packages for EasyApache 4 with OpenSSL version 1.1.1n in NodeJS. This release addresses vulnerabilities related to CVE-2022-0778. We strongly encourage all NodeJS users to upgrade to version 16.14.2 and take advantage of this OpenSSL fix.

AFFECTED VERSIONS
All versions of NodeJS through 16.14.1.
All versions of OpenSSL through 1.1.1m.

SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

CVE-2022-0778 – HIGH
OpenSSL 1.1.1n
Fixed vulnerability related to CVE-2022-0778.

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on one of our social channels.

ea-openssl11

This release includes a security patch that has been issued a fix for a CVE (Common Vulnerabilities and Exposures), the details of which are included below.

SUMMARY
cPanel, L.L.C. has updated packages for EasyApache 4 with OpenSSL version 1.1.1n. This release addresses vulnerabilities related to CVE-2022-0778. We strongly encourage all OpenSSL users to upgrade to version 1.1.1n.

AFFECTED VERSIONS
All versions of OpenSSL through 1.1.1m.

SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

HOUSTON, March 9, 2022 /PRNewswire/ — cPanel® L.L.C., the Hosting Platform of Choice, a WebPros® portfolio company, is expanding its collaboration with Ubuntu to provide full support for Ubuntu LTS 20.04 with cPanel & WHM version 102.

In the winter of 2020, CentOS 8 announced that it would be reaching its end-of-life in December of 2021. This news was somewhat unexpected in the open-source and web hosting worlds. In response, cPanel has been working towards providing solutions that will benefit our partners and customers and expand options as we move forward together.

Our Commitment to Growth
Aila Power, VP of Product Development, said: “Ubuntu is a solid Linux Distribution with a great track record of security and innovation. I’m really excited that cPanel & WHM are now available on this distro that is the first choice for many when they build a new application.” We provide greater Operating System (OS) diversity, more substantial stability, and increased safety for our customers and their customers. 

Our collaboration with Ubuntu will give cPanel & WHM users more open-source Linux distribution architecture options within their current infrastructure while providing a more robust business suite of solutions to help customers scale and expand their business hosting operations.

“Ubuntu has long been the platform of choice for large scale compute estates and Canonical are delighted to partner with cPanel to mitigate the impact on long term stability and predictability brought about by the changes to CentOS” shared Mark Lewis, VP of Application Services, at Canonical | Ubuntu.

HOUSTON, March 8, 2022 /PRNewswire/ — WebPros®, the global leader in hosting automation software, announced that its Board of Directors has appointed Christian Koch as Chief Executive Officer, effective immediately. Koch will succeed Jens Meggers, who stepped down in December of 2021 to pursue other opportunities.

WebPros companies include hosting management solutions cPanel®, Plesk®, and WHMCS®, which provide a comprehensive suite of solutions and broad capabilities to their expanding set of partners and customers.

Christian Koch is a seasoned industry leader with over 20+ years of experience in executive roles, most recently with GoDaddy EMEA and Host Europe. As Vice President of Partners Brands at GoDaddy, Koch led the company’s partner portfolio of acquired hosting and product brands, including Media Temple and Sucuri in the US, Domain Factory, Host Europe, Heart Internet, and TsoHost in Europe, bringing together strong tech teams fostering collaboration and innovation. Christian prides himself in helping customers’ businesses thrive by providing the tools and insight to transform their ideas and personal initiatives into business success.

“Christian Koch is a perfect fit to lead WebPros to greater growth enabled by his deep understanding of our business partners and customers,” said Mark Templeton, former Citrix CEO, and WebPros Board Chairman. “We are excited by his vision for the company, inspired by his extensive accomplishments in the web hosting industry. His broad executive experience makes him the perfect leader to drive value for our employees, customers, and shareholders.”

“I could not be more excited to be joining WebPros. It is a privilege and an honor to lead such an important, world-class, and diverse organization,” stated Koch. “WebPros group of companies is a unique organization that has grown significantly in its market. This year we are focused on supercharging our efforts to bring even more value to our customers by improving operations, and taking the organization, our partnerships, and our product portfolio to the next level.”

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on one of our social channels.

2022-2-23

ea-nginx

ea-php74

ea-php80

ea-php81

This release includes a security patch that has been issued a fix for a CVE (Common Vulnerabilities and Exposures), the details of which are included below.

SUMMARY
cPanel, L.L.C. has updated packages for EasyApache 4 with PHP versions 7.4.28, 8.0.16, and 8.1.3. This release addresses vulnerabilities related to CVE-2021-21708. We strongly encourage all PHP 7.4 users to upgrade to version 7.4.28, all PHP 8.0 users to update to version 8.0.16, and all PHP 8.1 users to upgrade to version 8.1.3.

AFFECTED VERSIONS
All versions of PHP 7.4 through 7.4.27.
All versions of PHP 8.0 through 8.0.15.
All versions of PHP 8.1 through 8.1.2.

SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system.

SEC-594

Summary

Avoid usage of predictable PostgreSQL socket in /tmp.

Security Rating

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system.

cPanel has rated this update as having a CVSSv3.1 score of 2.2 to 9.6.

Information on cPanel’s security ratings is available at Security Levels | cPanel & WHM Documentation .

If your deployed cPanel & WHM servers are configured to automatically update when new releases are available, then no action is required. Your systems will update automatically. If you have disabled automatic updates, then we strongly encourage you to update your cPanel & WHM installations at your earliest convenience.

RELEASES