cPanel TSR-2016-0003 Full Disclosure

cPanel TSR-2016-0003 Full Disclosure SEC-58 Summary SQLite journal allowed for arbitrary file overwrite during Horde Restore. Security Rating cPanel has assigned this vulnerability a CVSSv2 score of 6.6 (AV:N/AC:H/Au:S/C:C/I:C/A:N) Description During a Horde restore using the old-style CSV data files, the SQLite database is opened as the user. However, actual …

cPanel TSR-2016-0003 Announcement

cPanel TSR-2016-0003 Announcement cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having CVSSv2 scores …

cPanel Security Team – CVE-2016-3714 ImageMagick

cPanel Security Team – CVE-2016-3714 ImageMagick Background Information On Tuesday, May 3 2016, ImageMagick announced a vulnerability in all versions of the ImageMagick software. ImageMagick is a software package commonly used by web services to process images. Impact One of the reported vulnerabilities can potentially be exploited for remote code …

EasyApache 3 May 2016 Maintenance Update

SUMMARY cPanel, Inc. has released EasyApache 3.32.13 with PHP versions 5.5.35 and 5.6.21. This release addresses vulnerabilities related to CVE-2016-3074. We strongly encourage all PHP 5.5 users to version 5.5.35, and all PHP 5.6 users to upgrade to version 5.6.21. AFFECTED VERSIONS All versions of PHP 5.5 through version 5.5.34 …

56 Now in RELEASE Tier

Introducing cPanel & WHM 56 cPanel, Inc. has released cPanel & WHM software version 56, which is now available in the RELEASE tier. Introducing Site Publisher Hosting providers can now get their users up and running with Site Publisher, an easy-to-use static web page generator. With 3 templates to choose from, …