Latest Kernel Microcodes applied and the server rebooted.
Updated to the latest cpanel-dovecot-solr-6.6.2-8.1 that allows full text searching of mail messages in webmail.
Our database engine has been updated to MariaDB-server-10.1.35-1
TSR-2018-0004 has been installed. The cPanel Security Team and independent security researchers identified the resolved security issues. There is no reason to believe that these vulnerabilities have been made known to the public. As such, cPanel will only release limited information about the vulnerabilities at this time. Once sufficient time ... Read More »
The server received today a significant number of updates to various core systems, amongst which was:
Kernel microcode_ctl.x86_64 1:1.17-33.1.el6
As a result of this microcode, the server was rebooted to take full advantage of the protection it offers against the Spectre and Meltdown vulnerabilities.
As a result of the predictable (at least by everyone except the politicians that passed it) chaos that the new GDPR regulations have caused, we have been obliged to temporarily disable any domain transfers to our registration repositories.We hope that after the various registrars get a grip on the new regulations, we may be able to re-instate this ... Read More »
Full Disclosure.At 09:00 UTC on Thursday 21st June 2018, the invoicing system we use generated a number of invalid invoices for domain renewals and services, that were subsequently sent to many of our clients.We suspect these invoices were sent as a result of attempting to change the way the invoicing system worked to create continuous invoicing, ... Read More »
Latest Kernel microcodes applied and server rebooted
Kernel was updated to version 2.6.32-896.16.1.lve1.4.54.el6.x86_64 and the server was rebooted.This is a re-base of the kernel to the latest version. The kernel will continue to be updated every 4 hours with the latest patches and fixes by our KernelCare service that provides reboot-less kernel patching. Changelog: CLKRN-250: solved a conflict ... Read More »
TSR-2018-0003 has been installed.After a reasonable time, further details of what security issues this release addresses, will be made public.UPDATE 22nd May 2018 cPanel TSR-2018-0003 Full Disclosure SEC-393 Summary API tokens retain ACLs that are removed from accounts. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of ... Read More »