srprasad

Registered
Mar 4, 2004
3
0
151
India
Hi,

Iam new to WHM and while i logged in today i could see the
following Security Msg in the WHM.
------
Security A Security hole has been discovered in the exim mail server, if you are using EDGE or CURRENT, you can update to a new build (9.3.0 build 1 or later) which has a fix by clicking here.
-------

My Current build is 9.2.0
How do i check if iam using EDGE or CURRENT, after i click on the update is there anything i need to do manually.
Iam asking this to be on the safer side.

Any help will be appreciated.

Regards
Ratna
 

netlook

Well-Known Member
Mar 25, 2004
334
0
166
Latest CURRENT - is it stable and safe ? I'm currently running RELASE version, but this red bar makes me affraid :eek:
 

kris1351

Well-Known Member
Apr 18, 2003
961
0
166
Lewisville, Tx
Just did several currents and several edge updates. They seem to be working well, took awhile for the exim to stop showing failed though. About 30 minutes each after restarts. One thing I don't like is there is now Exim, Exim26 and Eximstats in the Service Status.
 

Jedia

Well-Known Member
Mar 18, 2004
200
0
166
CN
hello, my WHM is
WHM 9.2.0 cPanel 9.2.0-S29
FreeBSD 4.8-RELEASE - WHM X v2.1.2
may i have to upgrade ? :confused:
 

gundamz

Well-Known Member
Mar 27, 2002
245
0
316
If you see the warning sign, you need to upgrade. You should be upgrade to stable as what you had set for your whm settling.
 

gundamz

Well-Known Member
Mar 27, 2002
245
0
316
correction. i don't think cpanel have release a patch for "Stable" version.
 

BeNE.WS

Well-Known Member
May 14, 2003
49
0
156
Belgium
Originally posted by gundamz
correction. i don't think cpanel have release a patch for "Stable" version.
That's correct:
RELEASE and STABLE will have updates for this problem in the near future

My Question:
WHEN is 'the near future' ?
 

Snowman30

Well-Known Member
PartnerNOC
Apr 7, 2002
679
0
316
cPanel Access Level
DataCenter Provider
Originally posted by kris1351
Just did several currents and several edge updates. They seem to be working well, took awhile for the exim to stop showing failed though. About 30 minutes each after restarts. One thing I don't like is there is now Exim, Exim26 and Eximstats in the Service Status.
I did an upgrade on all servers and all bar one are ok. I have one that exim just constaly shows as being down even though it appears to be working.

Did you do anything to make it start working???
 

netlook

Well-Known Member
Mar 25, 2004
334
0
166
Originally posted by BeNE.WS
That's correct:
RELEASE and STABLE will have updates for this problem in the near future

My Question:
WHEN is 'the near future' ?
Yes, WHEN??? NEAR FUTURE = tomorrow, next week, next year... :mad:
 

Jedia

Well-Known Member
Mar 18, 2004
200
0
166
CN
Originally posted by gundamz
If you see the warning sign, you need to upgrade. You should be upgrade to stable as what you had set for your whm settling.
i ran /scripts/upcp, but it said i have already running the newest stable ver.
 

Host4u2

Well-Known Member
Mar 24, 2002
247
0
316
If you are running the current "Stable" release, WHM 9.2.0 cPanel 9.2.0-S25, then there is no upgrade available yet to close the Exim security hole. You would have to actually downgrade to the EDGE or CURRENT release.

I also would like "Near Future" more clearly defined. I stick with the Stable Releases, as I do not wish to beta test Cpanel on production servers :)
 

hostultra

Well-Known Member
Aug 21, 2002
167
0
166
Is there no FreeBSD fix for this??
I upgraded to CURRENT but i still get the warning in WHM

Is there no mailing list for cpanel security issues?
I think it would be a good idea to have one.
 

gundamz

Well-Known Member
Mar 27, 2002
245
0
316
Originally posted by hostultra
Is there no FreeBSD fix for this??
I upgraded to CURRENT but i still get the warning in WHM

Is there no mailing list for cpanel security issues?
I think it would be a good idea to have one.

Currently, there's no patch for cpanel server that is on the "stable" version. This fix is release to "edge" and "latest" build server
 

hostultra

Well-Known Member
Aug 21, 2002
167
0
166
Originally posted by gundamz
Currently, there's no patch for cpanel server that is on the "stable" version. This fix is release to "edge" and "latest" build server
Yes i know that.
There is no "latest" its called "current" which is what i installed.
Installing "current" on my two redhat servers fixed it but not on freebsd.
 

midnightz

Active Member
Apr 25, 2003
28
0
151
You can try on Stable and Release, the following in the /scripts

./updatenow
./exim4

run from cmd line