Announcement - cPanel security update (Dec 2021)

Dear Valued Clients,

cPanel published an update with the mitigation for CVE-2021-44228 to the cpanel-dovecot-solr RPM.

Official reference.

What is CVE-2021-44228?

A critical vulnerability that’s affecting a Java logging package log4j  which is used in a significant amount of software, including Apache,  Apple iCloud, Steam, Minecraft, and others.

How to obtaining the Mitigation for CVE-2021-44228?

You can run a cPanel Update which will update the cpanel-dovecot-solr RPM for you:

How to update cPanel/WHM

Alternatively you could update just the cpanel-dovecot-solr RPM via YUM as the root user with the following command:

yum update cpanel-dovecot-solr

If you previously uninstalled cPanel Solr, you may install it again with the steps in this guide

How to Install cPanel Solr

Verifying That You Have The Mitigation In Place

1. Login to the server via SSH or Terminal as the root user

2. Issue the following command:

rpm -q --changelog cpanel-dovecot-solr | grep -B1 CPANEL-39455

If the mitigation has been successfully added to your server you will see the following output:


# rpm -q --changelog cpanel-dovecot-solr | grep -B1 CPANEL-39455

* Fri Dec 10 2021 Tim Mullin <> - 8.8.2-4.cp1180

- CPANEL-39455: Add mitigation for CVE-2021-44228

If  you need further information and clarification or if you experience  difficulties after the updating please contact us via helpdesk

Best Regards,

Support Team
Technical Support Department