So I hear this rumor...

**bear** · 08-04-2009 05:22 PM

Not that I believe most things that are posted at TheRegister.co.uk, there's a rumor of a security issue in WHM/Cpanel.
http://www.theregister.co.uk/2009/08..._trinity_csrf/

Any official word on this from Cpanel?

**Infopro** · 08-04-2009 05:36 PM

Yes. An announcement concerning this is located here.
cPanel Security Update: CSRF (cross-site request forgery) - cPanel Inc.

**teh** · 09-14-2009 11:09 AM

Any cpanel security advisory/announcement mailing list that one can subscribe to stay informed?

**Data 1** · 09-14-2009 12:55 PM

Originally Posted by Infopro

Yes. An announcement concerning this is located here.
cPanel Security Update: CSRF (cross-site request forgery) - cPanel Inc.

It seems like the odds of this happening would be so small that you would have a better chance of winning the lottery twice in one week. If this is the worst exploit we have to worry about I feel very safe.

**Infopro** · 09-14-2009 03:13 PM

This is the root page for that security blog. Security - cPanel Inc. where you'll find a block on the left to sign up for the News List.

**teh** · 09-15-2009 04:09 AM

@Infopro:

I don't see the recent posts on Security - cPanel Inc. in the news mailing list archive: News Private Archives Authentication.

I think the block on the left on the Security - cPanel Inc. page doesn't subscribe for the same list. We need a mailing list or an RSS feed with cpanel's security advisories as posted on Security - cPanel Inc..

thanks upfront.

**mario-cPanel** · 09-15-2009 11:38 AM

Originally Posted by teh

@Infopro:

I don't see the recent posts on Security - cPanel Inc. in the news mailing list archive: News Private Archives Authentication.

I think the block on the left on the Security - cPanel Inc. page doesn't subscribe for the same list. We need a mailing list or an RSS feed with cpanel's security advisories as posted on Security - cPanel Inc..

thanks upfront.

teh we appreciate the feedback.

Over the next few weeks we will be working on a re-org of the forums that will include a thread specifically about important information that will be provided solely by cPanel directly. You will be able to subscribe and RSS feed from this thread once it is online.

In the meantime your welcome to browse News - cPanel Inc. for updates from cPanel at this time.

Thanks again,

**MaraBlue** · 09-24-2009 07:16 PM

Odd....I'm on the "cPanel news" mailing list (I still have the confirmation email:
"Mailing list subscription confirmation notice for mailing list News").

I receive monthly reminders that I'm on the list...including the news that 11.25 is now available, and yet I haven't received any security notices.

cPanel really should offer RSS, rather than just email subscriptions.

LinkBack

Thread Tools

So I hear this rumor...

Who would you like to hear speak?