New Kernel

Kernel was updated to version 2.6.32-896.16.1.lve1.4.53.el6.x86_64This is a re-base of the kernel to the latest version. The kernel will continue to be updated every 4 hours with the latest patches and fixes by our KernelCare service that provides reboot-less kernel patching.Changelog since kernel-2.6.32-896.16.1.lve1.4.52: CLKRN-219: fixed ... Read More »

21st Mar 2018
cPanel TSR-2018-0002 Full Disclosure

This is the full disclosure of the Targeted Security Release that was installed yesterday.SEC-338 Summary Arbitrary file chmod during legacy incremental backups. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 7.5 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N Description It was possible for a user to prepare their ... Read More »

20th Mar 2018
cPanel Targeted Security Release -2018-0002

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having CVSSv3 scores ranging from 3.8 to 8.2. Information on ... Read More »

19th Mar 2018
Next Updates and Upgrades

We have been informed that the next round of upgrades and updates has tentatively been scheduled for the week starting the 26th February 2018This round of updates could make the older security protocols and cyphers obsolete, and the eMail system might not accept them as an option.I urge any users that have not upgraded to a contemporary operating ... Read More »

22nd Feb 2018
Updates and Upgrades

We have successfully updated to the latest production versions of a number of services including the exim and dovecot systems that provide our eMail services.The good news is that it would appear that I was able to maintain the legacy (and less secure) protocols and cyphers for the benefit of customers using older software.The bad news is that the ... Read More »

14th Feb 2018
Update to eMail systems

The next set of upgrades to the email services that may affect users ability to connect with older or legacy software that do not support the stricter modern security protocols and ciphers, have been published to production. It may be only a matter of hours now before they are automatically installed on our systems.I urge any users that have not ... Read More »

13th Feb 2018
Next round of Updates and Upgrades

cPanel have just released their next version to the production testing stage which, from past experience, can last anything from a couple of days to several weeks.

I think the upgrades will be released to production much sooner rather than later, so please be ready for the new security settings to go into effect.

6th Feb 2018
Updates and Upgrades

We are expecting to have the next round of system and security upgrades released for installation as early as next week (29th Jan 2018) and probably before the middle of February.At this point, we shall be returning all our security settings to the current industry standard recommendations which, almost certainly, will prevent older software from ... Read More »

28th Jan 2018
Softaculous Software Installer

As part of my on-going campaign to supply customers with up-to-date, industry standard security, I have withdrawn from the Softaculous software installer all the scripts that have not been updated by their publisher for more than 2 years.This does not preclude users from obtaining those scripts directly from their software writers and deploying ... Read More »

25th Jan 2018
eMail security and Cipher Downgrades

Following reports from a user that they were unable to send eMail from their Apple Mail after our recent upgrades to the eMail security, we have been temporarily obliged to significantly lower the levels of the eMail security and Ciphers.After extensive testing, and with the support of one of the cPanel senior engineers, we have established that ... Read More »

24th Jan 2018