update to cPanel 9.4.0 build 10 STABLE

rs-freddo

Well-Known Member
May 13, 2003
828
1
168
Australia
cPanel Access Level
Root Administrator
I think cPanel is still working pretty hard to fix the mess they made. If you are running phpsuexec you are not vulnerable and there is no need to upgrade - shame the big red text doesn't say that eh...:rolleyes:
 

mickalo

Well-Known Member
Apr 16, 2002
782
5
318
N.W. Iowa
Originally posted by rs-freddo
I think cPanel is still working pretty hard to fix the mess they made. If you are running phpsuexec you are not vulnerable and there is no need to upgrade - shame the big red text doesn't say that eh...:rolleyes:
right you are. we've been running the most recent STABLE tree w/PHPsuexec and Suexec with no problems for sometime.

With Phpsuexec enabled, this disables the mod_php apache module which should take care of the security problem. :)

Mickalo
 

gorilla

Well-Known Member
Feb 3, 2004
694
1
168
Sydney / Australia
Upgraded apache when I saw the message in WHM as well and got the same issues like everybody else about the broken links for /cpanel and /webmail
and after waiting for a new STABLE release I had two choices to fix this problem .
Upgrade to an unstable EDGE release ( which seems to bring even more problems ) or just disable suexec .
So i just disabled suexec and the links are all working fine again .
Any feed back from you guys regarding disabling suexec ?
 
Last edited:

Jeff-C

Well-Known Member
Mar 16, 2004
116
0
166
Any feed back from you guys regarding disabling suexec ?
Well, obviously you are now more vulnerable to poorly written exploitable cgi perl scripts or malicious users, but other than that :eek:
 

Angel78

Well-Known Member
May 9, 2002
413
1
318
Originally posted by Sinewy
ive got suexec disabled no security issues at all.
Do you mean this like, no there are no security issues at all when you disable suexec (I think that you are wrong)

or

I havent faced any security issues since I have disabled suexec ?