(Dec 4) Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to a new upstream version, 5.1.66, which includes additional changes, such as performance improvements and corrections for data loss defects. These changes are described in the MySQL [More…]
(Nov 29) Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having [More…]
Important: cPanel & WHM 11.34 Security Release
cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system.
cPanel has rated this update as having important security impact. Information on security ratings is available at http://go.cpanel.net/securitylevels.
If your deployed cPanel & WHM servers are configured to automatically update when new releases are available, then no action is required. Your systems will update automatically. If you have disabled automatic updates, then you are highly encouraged to update your cPanel & WHM installs at your earliest convenience.
Releases
Version 11.34.0.11 of cPanel & WHM addresses all known vulnerabilities. The latest public releases of cPanel & WHM for all update tiers are published at http://httpupdate.cpanel.net.
Security Issue Information
The resolved security issues were identified by various members of the development and quality assurance teams at cPanel. There is no reason to believe that these vulnerabilities are known to the public. As such, cPanel will only release limited information regarding the vulnerabilities.
Once sufficient time has passed to allow cPanel & WHM systems to automatically update their installed software to the new versions, cPanel will release additional information regarding the nature of the security issue. This Targeted Security Release addresses five vulnerabilities. Additional information is scheduled to be released December 6, 2012, via email.
Important information about today’s update for servers that updated between 1pm – 2pm CST
Due to this morning’s security release, we are seeing heavier than normal network traffic, and have made adjustments that will compensate for this traffic. We apologize for excessive communication during this security release; we want every customer to have a good experience with our support and our software. If your server performed the update process between 1pm and 2pm CST, we recommend verifying the version number or re-running the update.
It is also important to note these issues have nothing to do with the security of cPanel software. More information about the cPanel & WHM 11.30 / 11.32 and 11.34 security announcement will be emailed and posted to www.cpanel.net December 6th 2012.
(Nov 30) Several security issues were fixed in the kernel.
50 queries. 8.75 mb Memory usage. 0.249 seconds.