Announcement - cPanel security update


Dear Valued Clients,

A heap overflow bug has been reported in Exim, and cPanel has released a patch for it.


What is Exim?

Exim is the mail server software cPanel & WHM servers use.

How to protect yourself?

Kindly upgrade to a supported version of cPanel & WHM that is not affected by the bug.

How to check your current Exim version?

You can run this command on the server:


rpm -q exim


Expected response on version 82 and the EDGE tier:


Expected response on LTS version 78:


cPanel Dedicated/VPS clients whose servers do not display the updated versions after trying the above steps should perform a cPanel update urgently or contact the support team by submitting a ticket at

How to check cPanel version?

How to update cPanel version?

1) Log in to your WHM as root.

2) Navigate to cPanel >> Upgrade to Latest Version

3) Click the Click to Upgrade button

4) At the end you will see a message Upgrade complete

How to verify the new Exim RPM was installed:

Run the following:

rpm -q exim

The output on version 82 and the EDGE tier should resemble the following:


The output on LTS version 78 should resemble the following:


Run the following to ensure the CVE is in the changelog:

rpm -q --changelog exim | grep CVE-2019-16928

The output on LTS version 78, version 82, and the EDGE tier should resemble the following:

- Fix buffer overflow in string_vformat.  CVE-2019-16928
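
The manual verification above can be scripted so that each server gives a clear pass/fail result, and so that "Exim not installed" is not mistaken for "patched". This is an added example, not part of the original announcement or of cPanel's tooling; the function names and exit codes are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: pass/fail version of the manual "rpm -q --changelog" check.
CVE_ID="CVE-2019-16928"

# Reads an RPM changelog on stdin and reports whether it mentions the CVE.
classify_changelog() {
    if grep -F -q -- "$CVE_ID"; then
        echo "PATCHED"
        return 0
    fi
    echo "UNPATCHED"
    return 1
}

# Checks the installed exim package. Exit codes (assumed convention):
#   0 = fix in changelog, 1 = fix missing, 2 = could not check.
exim_patch_status() {
    if ! command -v rpm >/dev/null 2>&1; then
        echo "UNKNOWN: rpm not found"
        return 2
    fi
    if ! rpm -q exim >/dev/null 2>&1; then
        echo "UNKNOWN: exim package not installed"
        return 2
    fi
    rpm -q --changelog exim | classify_changelog
}

# Constructed sample changelog (entry text as quoted above; header line is made up).
SAMPLE_CHANGELOG='* Mon Jan 01 2000 Example Packager <packager@example.invalid>
- Fix buffer overflow in string_vformat.  CVE-2019-16928'

# Offline demonstration on the constructed sample; on a real server call
# exim_patch_status instead.
printf '%s\n' "$SAMPLE_CHANGELOG" | classify_changelog
```

On a server, source the script and call `exim_patch_status`; a non-zero exit code means the server still needs the cPanel update or could not be checked.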

If you need further information or clarification on this update, or if you experience difficulties after the maintenance period, please contact us via the helpdesk at

Best Regards,

Support Team
Technical Support Department