Announcement - cPanel security update
Dear Valued Clients,
cPanel has released a bug report about a heap overflow in Exim, along with a patch for the exploit.
What is Exim?
Exim is the mail server software cPanel & WHM servers use.
How to protect yourself?
Kindly upgrade to a supported version of cPanel & WHM that is immune to the bug.
How to check your current Exim version?
You can run this command on the server:
rpm -q exim
Expected response on version 82 and the EDGE tier:
Expected response on LTS version 78:
cPanel Dedicated/VPS clients whose servers do not display the updated versions after trying the above steps may perform a cPanel update urgently or contact the support team by submitting a ticket at email@example.com
How to check cPanel version?
How to update cPanel version?
1) Log in to your WHM as root.
2) Navigate to cPanel >> Upgrade to Latest Version
3) Click the Click to Upgrade button.
4) At the end you will see the message "Upgrade complete".
How to verify the new Exim RPM was installed:
Run the following:
rpm -q exim
The output on version 82 and the EDGE tier should resemble below:
The output on LTS version 78 should resemble below:
Run the following to ensure the CVE is in the changelog:
rpm -q --changelog exim | grep CVE-2019-16928
The output on LTS version 78, version 82, and the EDGE tier should resemble below:
- Fix buffer overflow in string_vformat. CVE-2019-16928
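For clients who manage more than one server, the verification steps above can be scripted. The following is an added example and is not tooling from cPanel or from this announcement. The function names, the status words and the sample changelog text are assumptions made for illustration; only the rpm commands and the CVE line come from the steps above.

```shell
#!/bin/sh
# Added example, not cPanel's or the hosting provider's tooling.
CVE_ID="CVE-2019-16928"

# Read RPM changelog text on stdin; print PATCHED if it cites the CVE as a
# whole word, otherwise UNPATCHED. Always returns 0 so callers can capture it.
classify_changelog() {
    if grep -Fqw -- "$CVE_ID"; then
        echo PATCHED
    else
        echo UNPATCHED
    fi
}

# Query the local host with the same rpm commands the announcement uses.
# Prints one status line; returns 0 only when the fix is in the changelog.
check_host() {
    command -v rpm >/dev/null 2>&1 || { echo "NO_RPM"; return 2; }
    pkg=$(rpm -q exim 2>/dev/null) || { echo "NOT_INSTALLED"; return 2; }
    status=$(rpm -q --changelog exim | classify_changelog)
    echo "$status $pkg"
    [ "$status" = PATCHED ]
}

# Constructed sample changelogs for an offline demonstration. Only the
# "Fix buffer overflow" line is taken from the announcement; the header
# lines, packager and 0.0-0 version are placeholders.
SAMPLE_PATCHED='* Mon Sep 30 2019 Example Packager <packager@example.com> - 0.0-0
- Fix buffer overflow in string_vformat. CVE-2019-16928'
SAMPLE_UNPATCHED='* Tue Jan 01 2019 Example Packager <packager@example.com> - 0.0-0
- Constructed entry with no security fix'

# "--host" checks the real server; with no argument the samples are classified.
if [ "${1:-}" = "--host" ]; then
    check_host
    exit $?
fi
printf '%s\n' "$SAMPLE_PATCHED" | classify_changelog
printf '%s\n' "$SAMPLE_UNPATCHED" | classify_changelog
```

Run it with --host on the server itself; an exit status of 0 means the CVE entry was found in the installed Exim package's changelog.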
If you need further information and clarification on this update or if you experience difficulties after the maintenance period, please contact us via helpdesk at https://support.exabytes.com.my
Technical Support Department