cPanel & WHM LTS Version 62 EOL June, 2018

The current LTS (Long Term Support) Version, cPanel & WHM version 62, will reach End of Life at the end of June, 2018. At that time, version 62 will no longer be supported by cPanel except when upgrading to a supported version. In accordance with our EOL policy (, 62 will continue functioning on servers[…]

EasyApache 2018-05-22 Security Release

SUMMARY cPanel, Inc. has updated RPMs for EasyApache 4 with cURL version 7.60.0 and released EasyApache 3.36.5 with cURL 7.60.0 on May 22, 2018. This release addresses vulnerabilities related to CVE-2018-1000300 and CVE-2018-1000301. We strongly encourage all cURL users to update to version 7.60.0. AFFECTED VERSIONSAll versions of cURL through cURL 7.59.0 SECURITY RATINGThe National[…]

cPanel TSR-2018-0003 Full Disclosure

cPanel TSR-2018-0003 Full Disclosure SEC-393 Summary API tokens retain ACLs that are removed from accounts. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 6.4 CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H Description Starting with cPanel & WHM version 68, it became possible to limit the authorizations of a WHM API token to a subset of the ACLs assigned[…]

cPanel TSR-2018-0003 Announcement

cPanel TSR-2018-0003 Announcement cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having CVSSv3 scores ranging from 2.2 to 6.5.[…]

EasyApache 2018-05-01 Security Release

SUMMARYcPanel, Inc. has updated RPMs for EasyApache 4 with PHP versions 5.6.36, 7.0.30, 7.1.17, and 7.2.5 and released EasyApache 3.36.4 with PHP 5.6.36 on May 1, 2018. This release addresses vulnerabilities related to CVE-2018-10549, CVE-2018-10548, CVE-2018-10547, and CVE-2018-10546. We strongly encourage all PHP 5.6 users to update to version 5.6.36, PHP 7.0 users to update[…]