cPanel

New cxs v1.43

Changes:

  • Improvements to –decode ([D]) option. If the final decode depth results in a php Parse error, the previous depth is scanned instead. This improves the likelihood of a successful decode and scan
  • Improvements to –decode ([D]) option. Decode PHP scripts in memory using the interactive php interpreter instead of using temporary files
  • Improvements to –decode ([D]) option. Add timeout to php interpreter to avoid decoding hangs
  • Exploit fingerprint definitions database additions

Additional:

  • Increased the number of Exploit fingerprint definitions to over 4500
  • Updated cxs web pages to reflect latest version

New cxs v1.42

Changes:

  • Suppress error output from Archive::Zip

New cxs v1.41

Changes:

  • Enabled option –options [Z] by default for scanning within compressed archives
  • Suppress error output from Archive::Tar
  • Exploit fingerprint definitions database additions

New cxs v1.40

Changes:

  • Improved detection of ruby and c exploits
  • Added the ability to use –quarantine and –delete when performing a manual or scheduled scan. However, since the likelihood of a false-positive is relatively high, this is not recommended without care and understanding of the implications
  • Added test for existence of –quarantine [dir]. If it does not exist an error will be shown and the scan will continue with the quarantine directive disabled
  • New –options [Z]. This option decompresses archives (e.q. zip, tar, tar.gz and tar.bz2 files) and scans each file within the archive using the same options provided to the original scan
  • Added –options [Z] to WHM UI
  • Updated perl modules requirements to now include: Archive::Zip and Archive::Tar
  • Cater for single quotes in cron jobs in the WHM UI
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

New cmm v1.15

Changes:

  • Updated “Manage Mail Hourly Limits” for the replacement new method in cPanel v11.28.48+

Note: This replacement new method supports per domain hourly limits again

New MailScanner Script v2.79

Changes:

  • Due to a critical vulnerability in exim cPanel have disabled the option -D in the exim binary that MailScanner Incoming Only scanning uses. This means that that method can no longer be used at this time and all MailScanner implementations that use this installer need to switch to In/Out scanning (the default install). This update forces that switch.
  • An alternative to upgrading is to simply run:/usr/mscpanel/msswitch.pl inout
  • Regardless of whether you are running either In Only or In/OUT scanning ALL clients should ensure that they are running the latest version of cPanels exim implementation either by running /scripts/upcp or /scripts/eximup
  • http://mail.cpanel.net/pipermail/news_cpanel.net/2010-December/000060.html

New csf v5.13

Changes:

  • Added obsolete OS checkes for Fedora v11 and v12, plus RedHat/CentOS v2 and v3 in Server Check
  • Fixed broken reference URL’s in Server Check for cPanel servers
  • Modified statistics to not display pie chart if no data is available
  • Sort LF_DIRWATCHFILE output by time to improve the reported results
  • Added new setting for AT_ALERT to only trigger on modification to the root account (i.e. not all superuser accounts)
  • Tested successfully for support on Fedora v14 and Ubuntu v10.10

New cxs v1.39

Changes:

  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

New cmm v1.14

Changes:

  • Updated “Manage Mail Hourly Limits” for the new method in cPanel v11.28+
  • Added Note regarding the changes in v11.28+, i.e. Mail Hourly Limits apply to all domains on an account, no longer per domain
  • Include /etc/remotedomains in addition to /etc/localdomains in the list of available domains
  • Fixed issue where “[truncated to 500 lines]” link was always displayed on emails even if they were less than 500 lines long
  • Changed system calls to use open3 to trap messages
  • Added retry timeout in WHM UI for checking www.configserver.com for new version information (to avoid repeated hangs when unreachable)