En

cPanel官网安全更新(2021-10-25)

来源:cPanel官网 发布日期:2021-10-25 阅读次数:479 评论:0

基本信息

发布日期:2021-10-25(官方当地时间)

更新类型:安全更新

更新版本:98.0.10

感知时间:2021-11-18 10:37:58

风险等级:未知

情报贡献:TSRC

更新标题

Change Log for 98.0.10

更新详情

[security] Fixed case SEC-592: Arbitrary code execution via install_locallib_loginprofile script.[security] Fixed case SEC-593: Cpanel::SecureDownload executes shell commands in an insecure manner.[security] Fixed case SEC-597, SEC-598, SEC-599, SEC-608: Stored-XSS Vulnerability in ModSecurity Rules Interface.[security] Fixed case SEC-600: Reflected-XSS Vulnerability in ModSecurity Vendors Interface.[security] Fixed case SEC-602: Self-XSS Vulnerability in WHM Change Hostname interface.[security] Fixed case SEC-603: Self-stored XSS Vulnerability in WHM Edit Reseller Nameservers and Privileges interface.[security] Fixed case SEC-604: Self-XSS Vulnerability in cPanel Default Address Interface.[security] Fixed case SEC-606: Passphrase submitted via GET request in scripts2/dogencrt.Fixed case ART-1278: Improvement for license type and status detection.Fixed case ART-1278: When transitioning from a trial, retain automatically enabled analytics for root.Fixed case COBRA-13471: Set OpenSSL verification to use “trusted-first” logic.Fixed case CPANEL-38674: Update the license change detector to use more reliable way to detect trial licenses.Fixed case CPANEL-39074: Update cpanel-mailman to 2.1.35-1.cp1198.Fixed case CPANEL-39103: Update cpanel-php73 to 7.3.32-1.cp1198.Fixed case CPANEL-30985: Run update gatherer from cron instead of upcp.Fixed case CPANEL-37391: Improve the functionality of cPanel theme selection in the Firefox browser.Fixed case CPANEL-37823: Fix cpsrvd’s redirection to a child node when hostname mismatches.Fixed case CPANEL-38167: Fix/prevent bugs regarding duplicate hostname-history entries.Fixed case CPANEL-38222: Fix sync'ing DNS Clusters with DNSSEC keys or invalid SOA records.Fixed case CPANEL-38313: Update Jupiter Tools page to show default group icon.Fixed case CPANEL-38321: Ensure mytop is removed during upgrades to MariaDB 10.5 (v98).Fixed case CPANEL-38427: Expands feature description of the Mail module to end user.Fixed case CPANEL-38430: Fix the Security Advisor's incorrect advisement to add KernelCare's free symlink protection on CloudLinux.Fixed case CPANEL-38473: Update cpanel-perl-532-mail-spamassassin to 3.004004-6.cp1198.Fixed case CPANEL-38668: Ensure wp-toolkit iContact notifications are able to be sent.

软件描述

cPanel 是一套在网页寄存业中最享负盛名的商业软件,是基于于 Linux 和 BSD 系统及以 PHP 开发且性质为闭源软件;提供了足够强大和相当完整的主机管理功能,诸如:Webmail 及多种电邮协议、网页化 FTP 管理、SSH 连线、数据库管理系统、DNS 管理等远端网页式主机管理软件功能。

CVE编号

TSRC分析

暂无

业界资讯

暂无

评论

提交评论 您输入的评论有误,请重新输入