said
11-02-2013, بتوقيت غرينيتش 01:02 AM
SECURITY ADVISORY: Official Horde Update to 3.1.7 and upgrades to
cPanel's PHP application security model
available in cPanel builds 11.18.3 and 11.19.3.
----------------------
Summary:
The Horde webmail application framework has been updated to 3.1.7.
Upgrades have
been made in cPanel's PHP application security model.
Description:
The Horde webmail application framework has been updated to 3.1.7 for
the official
fix to the previously announced arbitrary file inclusion
vulnerability. cPanel has
also made upgrades in cPanel's PHP application security model for
Horde,
PHPMyAdmin, and PHPPGAdmin. These upgrades have been made to
minimize
or mitigate
undiscovered vulnerabilities in these third-party applications while
running within
a cPanel installation.
Fix Details:
It is recommended that all cPanel servers running Horde be updated to
either
cPanel 11.18.3 or cPanel 11.19.3. If you do not wish to update
cPanel, it is
strongly recommended that you keep Horde disabled until these updates
have been
applied. You can disable horde on your cPanel system by unchecking
WHM ->
Server Configuration -> Tweak Settings -> Mail -> Horde Webmail, and
saving with
the new settings.
You can check your current version of cPanel by executing:
/usr/local/cpanel/cpanel -V
Updates can be run via the following command executed from a root
shell:
/scripts/upcp
Updates can be run through WHM as well. Login to WHM, then select
cPanel -> Upgrade
to Latest Version -> Click to Upgrade.
References:
http://lists.horde.org/archives/anno...08/000382.html (http://lists.horde.org/archives/announce/2014/000382.html)
Credits:
cPanel would also like to thank Jeff Petersen and Rob Brown for the
additional
security information provided with regards to this update.
https://fbcdn-sphotos-d-a.akamaihd.net/hphotos-ak-ash4/482113_236967293114455_1193518507_n.png (http://www.dzbatna.com)
©المشاركات المنشورة تعبر عن وجهة نظر صاحبها فقط، ولا تُعبّر بأي شكل من الأشكال عن وجهة نظر إدارة المنتدى (http://www.dzbatna.com)©
cPanel's PHP application security model
available in cPanel builds 11.18.3 and 11.19.3.
----------------------
Summary:
The Horde webmail application framework has been updated to 3.1.7.
Upgrades have
been made in cPanel's PHP application security model.
Description:
The Horde webmail application framework has been updated to 3.1.7 for
the official
fix to the previously announced arbitrary file inclusion
vulnerability. cPanel has
also made upgrades in cPanel's PHP application security model for
Horde,
PHPMyAdmin, and PHPPGAdmin. These upgrades have been made to
minimize
or mitigate
undiscovered vulnerabilities in these third-party applications while
running within
a cPanel installation.
Fix Details:
It is recommended that all cPanel servers running Horde be updated to
either
cPanel 11.18.3 or cPanel 11.19.3. If you do not wish to update
cPanel, it is
strongly recommended that you keep Horde disabled until these updates
have been
applied. You can disable horde on your cPanel system by unchecking
WHM ->
Server Configuration -> Tweak Settings -> Mail -> Horde Webmail, and
saving with
the new settings.
You can check your current version of cPanel by executing:
/usr/local/cpanel/cpanel -V
Updates can be run via the following command executed from a root
shell:
/scripts/upcp
Updates can be run through WHM as well. Login to WHM, then select
cPanel -> Upgrade
to Latest Version -> Click to Upgrade.
References:
http://lists.horde.org/archives/anno...08/000382.html (http://lists.horde.org/archives/announce/2014/000382.html)
Credits:
cPanel would also like to thank Jeff Petersen and Rob Brown for the
additional
security information provided with regards to this update.
https://fbcdn-sphotos-d-a.akamaihd.net/hphotos-ak-ash4/482113_236967293114455_1193518507_n.png (http://www.dzbatna.com)
©المشاركات المنشورة تعبر عن وجهة نظر صاحبها فقط، ولا تُعبّر بأي شكل من الأشكال عن وجهة نظر إدارة المنتدى (http://www.dzbatna.com)©
