A new version of the popular rootkit hunter application has been released.Uprade instructions:
Category: cPanel
MailScanner Script v2.31 Released
A new version of the update script has been released to cater for some hidden changes in the way MailScanner uses its SpamAssassin preferences file. This will likely only have affected those that have modified spam.assassin.prefs.conf.Changes in the new release:
MailScanner Script v2.30 Released
MailScanner have release a new version which includes some major enhancements, some of which I’ve seen improve performance dramatically on servers that receive a lot of spam.Changes in this new release to the script are:
PHP v4.4.2 Released by cPanel
v4.4.2 has been released for inclusion in building apache/php on cPanel servers. I’ve upgraded all of our servers with it and it appears to be working well. From the php site:
- Prevent header injection by limiting each header to a single line.
- Possible XSS inside error reporting functionality.
- Missing safe_mode/open_basedir checks into cURL extension.
- Apache 2 regression with sub-request handling on non-Linux systems.
- key() and current() regression related to references.
This release also fixes about 30 other defects
EV1 RHN Problems
Anyone with an EV1 server running RHE will probably find that up2date isn’t working. This is as a result of upgrades that EV1 have just performed on their RHN mirrors. There is a simple fix:
More details in the EV1 Forum thread.
New mod_security v1.9.2
A new version of mod_security has been released hereChanges:
ClamAV v0.88 Released
Problems with cPanel and the new CPAN.pm module
When running /scripts/perlinstaller you might be seeing this error:
This is being caused by the renaming of a function call in CPAN.pm which cPanel relies upon. Although there now appears to be a fix in the EDGE tree from the report I logged in bugzilla:http://bugzilla.cpanel.net/show_bug.cgi?id=3710There is a new version of CPAN.pm release at cpan.org this morning that addresses the issue.To manually upgrade to this fixed version do the following:
That should resolve the issue.
MailScanner Script v2.29 Released
Changes in this new release to the script are:v2.29 – New version of MailScanner 4.49.7Upgrades can be done by following upgrade instructions.Details of the MailScanner Changes:
OS Updates breaking perl and therefore MailScanner
We have had a lot of reports about MailScanner failing with perl module errors. We’re finding that this has nothing to do with MailScanner at all. It’s because clients are not excluding perl updates from their OS providers update utility (e.g. yum or up2date). There was a recent update to RH based OS’s with a new iteration of perl which fixes some security bugs. Most likely this has downgraded installed version of perl (perhaps v5.8.7) to v5.8.0 which won’t contain all the perl modules needed to run many things including MailScanner, cPanel and it will almost definitely break cPanel stats.The fix is fairly simple:
establish which version of perl you should be using:
Check it’s correct with:
Check that /usr/local/bin/perl is a symlink to /usr/bin/perl. Then stop and restart MailScanner, cPanel and any other daemons running through the perl interpreter.