TO - All Hosts - IMPORTANT - SECURITY ALERT - URGENT !!

SECURITY ALERT: Horde arbitrary file inclusion vulnerability​

We at LaceHost have already updated cPanel to the latest version.
I would recommend all of you to do so too.

Thank you
Ishan

 

Thanks a lot Ishan.
Regards

 

Umm this was out 2 days ago and I already updated everything . This will probably warn others.

- Prilep

 

????????????
The update was released on 6th March , & its still 6th March in some parts of the world

http://changelog.cpanel.net/

 

I was saying the problem with horde was released a couple of days ago and I disabled it right away .

- Prilep

 

HI, yes, I got a IM from the head server tech at my data center telling me to update as well, so all of you on our servers, we will be updating this soon..

Thanks for the heads up..

 

Hi thanks yes our techs have updated thank you.

 

we just updated our systems too, thank you for the update.

 

It's so great when all hosts come together and and tell each other important stuff

 

It's so great when all hosts come together and and tell each other important stuff

 

All of our updates have been completed..

 

we just updated our servers too,

i was reading some stuff on this at wht and there saying you should update cpanel but still disable horde untill horde release a patch

 

I was reading that as well, we still have our horde disabled for now, untill I here back from either cpanel or the data center, to confirm.

 

I disabled horde 3 or 4 days ago and updated cPanel now .

- Prilep

 

Patched in builds later than 21594

Or if you go by version then you're looking at:

For 11.19.x Everything 11.19.2 or newer is patched
For 11.18.x Everything 11.18.2 or newer is patched


You can check by running:

/scripts/autorepair check_horde_patch


cPanel patched it and sent it to the Horde Project for inclusion in their code base.

 

Exactly..
There is no need to disable Horde & force users to use other Mail programs.

 

Yup I just got the confirmation back that the patch fixed the problem, and there is no need to disable the horde mail.

 

Hey,
I cannot reply to your PM right now, as whenever I go into PMs, my browser shows Stopped

Anyway, whatever you did was right

Ishan

 

Haha i thought there was some other way. Thanks.

- Prilep

 

Hey with this update, is any one else missing the icons in the cpanel, x3 skin..