Announcement - cPanel security update
Dear Valued Clients,
cPanel has released a bug report about a heap overflow in Exim, together with a patch for the vulnerability.
News:
https://documentation.cpanel.net/display/CKB/Exim+CVE-2019-16928
What is Exim?
Exim is the mail server software cPanel & WHM servers use.
How to protect yourself?
Kindly upgrade to a supported version of cPanel & WHM that is immune to the bug.
How to check your current Exim version?
You can run this command on the server:
=========
rpm -q exim
=========
Expected response on version 82 and the EDGE tier:
exim-4.92-4.cp1180.x86_64
Expected response on LTS version 78:
exim-4.92-6.cp1178.x86_64
cPanel Dedicated/VPS clients whose servers do not display the updated versions after trying the above steps should perform a cPanel update urgently or contact the support team by submitting a ticket at [email protected]
How to check cPanel version?
How to update cPanel version?
1) Log in to your WHM as root.
2) Navigate to cPanel >> Upgrade to Latest Version
3) Click the Click to Upgrade button.
4) At the end you will see the message "Upgrade complete".
How to verify the new Exim RPM was installed:
Run the following:
rpm -q exim
The output on version 82 and the EDGE tier should resemble the following:
exim-4.92-4.cp1180.x86_64
The output on LTS version 78 should resemble the following:
exim-4.92-6.cp1178.x86_64
Run the following to ensure the CVE is in the changelog:
rpm -q --changelog exim | grep CVE-2019-16928
The output on LTS version 78, version 82, and the EDGE tier should resemble the following:
- Fix buffer overflow in string_vformat. CVE-2019-16928
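The two checks above can be combined into one script when several servers need to be audited. This is an added example, not part of the original announcement or of cPanel's tooling; the function names and the status words it prints are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: classify a server from the two checks in this announcement.
# The rpm output is passed in as arguments so the logic can be exercised
# on a machine that does not have rpm or Exim installed.

CVE_ID="CVE-2019-16928"

# exim_patch_status <output of "rpm -q exim"> <output of "rpm -q --changelog exim">
# Prints one status word (hypothetical names chosen for this example):
#   patched           changelog lists the CVE and the build matches the announcement
#   version-mismatch  changelog lists the CVE but the build string is not one
#                     of the two quoted in the announcement (review by hand)
#   unpatched         changelog does not mention the CVE
#   not-installed     rpm reports no exim package
exim_patch_status() {
    pkg="$1"
    changelog="$2"

    # rpm -q prints "package exim is not installed" when the RPM is absent.
    case "$pkg" in
        ""|*"is not installed"*) echo "not-installed"; return 0 ;;
    esac

    # Changelog check: the fix entry must name the CVE.
    if ! printf '%s\n' "$changelog" | grep -qF -- "$CVE_ID"; then
        echo "unpatched"
        return 0
    fi

    # Version check: the two builds the announcement gives as expected output.
    case "$pkg" in
        exim-4.92-4.cp1180.x86_64|exim-4.92-6.cp1178.x86_64)
            echo "patched" ;;
        *)
            echo "version-mismatch" ;;
    esac
}

# check_local_exim: run both rpm queries on this host and classify the result.
check_local_exim() {
    if ! command -v rpm >/dev/null 2>&1; then
        echo "rpm-not-found"
        return 0
    fi
    exim_patch_status "$(rpm -q exim 2>&1)" "$(rpm -q --changelog exim 2>/dev/null)"
}
```

Source the file on the server as root and call check_local_exim; any result other than patched means the upgrade steps above still need attention.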
If you need further information and clarification on this update or if you experience difficulties after the maintenance period, please contact us via helpdesk at https://support.exabytes.com.my
Best Regards,
Support Team
......................................
Technical Support Department