Hello Everyone,
You can find our blog post and Knowledge Base article on this topic at the links below:
Exim CVE-2019-10149, how to protect yourself | cPanel Blog
CVE-2019-10149 Exim - cPanel Knowledge Base - cPanel Documentation
Here's an overview of how
CVE-2019-10149 applies to specific cPanel & WHM versions:
1. cPanel & WHM
version 80 uses Exim version 4.92 and is unaffected by this vulnerability.
2. An update to cPanel & WHM
version 78 was published to the STABLE and 78 LTS release tiers on June 5th, 2019 with the following fix included in the change log:
Fixed case CPANEL-27723: Update exim to 4.92-1.cp1178. Fixes CVE-2019-10149.
If you are using cPanel & WHM version 78 and
Daily Updates is set to
Never or
Manual Updates Only in
WHM >> Update Preferences, then you should initiate the update to version 78.0.27 immediately to ensure the patch for this vulnerability is applied. For information on how to update cPanel & WHM, see the document below:
Upgrade to Latest Version - Version 78 Documentation - cPanel Documentation
3. If you're using cPanel & WHM version 76 or lower, please see the information published to the cPanel Blog on the link below:
Exim CVE-2019-10149, how to protect yourself | cPanel Blog
Let us know if you have any questions or need assistance with the update.
Thank you.
