Quote:
Originally Posted by Aussie Bob
James,
That was posted today only a few hours ago on the cpanel security blog, and no, we won't be rushing to upgrade all cpanels accross our server fleet to EDGE release for the Horde fix. Steve will make a call on this shortly and make the appropriate announcement, but for now Horde will remain deactivated until we are 100% certian that the fix provided by cpanel works.
You are quite welcome to reactivate Horde in your VPS by upgrading Cpanel to their suggested EDGE release. I wouldn't rush this though, given this was a root breach but it's your call but we will accept no responsibility if your VPS is root breached.
Due to the severity of the breach (root breach) we acted quickly and let as many other hosts know too, yet at the same time being careful not to make public specific details about the actual exploit.
|
Hello Bob,
Im not subscribed to all Cpanels bumpf so Im just commenting on what info I can find.
Most specifically in that blog post "The builds will be available to all other update servers within one hour of this posting." and "The patch will be available in builds 11.18.2 and greater "
Which was yesterday.
11.18 isnt the edge release?
What are we waiting for then exactly, im lost?
Are we waiting for the next secure upgrade of Cpanel... which could be what weeks/months away?