(Mar 24) Apache HTTP server could be made to crash if it received specially craftednetwork traffic.
Comment
(Mar 24) Updated net-snmp packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate [More…]
(Mar 24) Updated net-snmp packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate [More…]
cPanel TSR-2014-0003 Announcement
cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system.
cPanel has rated these updates as having security impact levels ranging from Minor to Critical.
Information on cPanel’s security ratings is available at http://go.cpanel.net/securitylevels.
If your deployed cPanel & WHM servers are configured to automatically update when new releases are available, then no action is required. Your systems will update automatically. If you have disabled automatic updates, then we strongly encourage you to update your cPanel & WHM installations at your earliest convenience.
RELEASES
The following cPanel & WHM versions address all known vulnerabilities:
* 11.42.0.23 & Greater
* 11.40.1.13 & Greater
* 11.38.2.23 & Greater
The latest public releases of cPanel & WHM for all update tiers are available at http://httpupdate.cpanel.net.
SECURITY ISSUE INFORMATION
The cPanel security team and independent security researchers identified the resolved security issues. There is no reason to believe that these vulnerabilities have been made known to the public. As such, cPanel will only release limited information about the vulnerabilities at this time.
Once sufficient time has passed, allowing cPanel & WHM systems to automatically update to the new versions, cPanel will release additional information about the nature of the security issues. This Targeted Security Release addresses 47 vulnerabilities in cPanel & WHM software versions 11.42, 11.40, and 11.38.
Additional information is scheduled for release on March 26th, 2014.
For information on cPanel & WHM Versions and the Release Process, read our documentation at:
http://go.cpanel.net/versionformat
For the PGP signed message, please go to: http://cpanel.net/wp-content/uploads/2014/03/TSR-2014-0003-Accouncement.txt
Plesk 12 preview w/ Fail2Ban, ModSecurity, WordPress Toolkit & Outgoing Antispam available: https://sp.parallelsnetwork.com/plesk-12-preview Tell us what you think!
Besides these groundbreaking features you can also play with mobile-ready UI for Power User and Customer views, latest version of Web Presence Builder with great new website designs among other features, granular restoration of backup files, and many other improvements. Your feedback can make all the difference, so let your voice be heard!