Running outdated software on your home computer can leave you exposed to all kinds of trouble, especially when that machine is connected to the Internet. The same is true for web hosting servers. cPanel.net, the developers of the popular cPanel web hosting control panel, released new builds for all public update tiers yesterday.
In an announcement that was released late yesterday, the makers of cPanel advised users of their control panel of security issues. During normal cPanel Quality Assurance testing, vulnerabilities were discovered. There's no reason to believe these issues are known to the public, according to cPanel staff. As such, cPanel is only releasing limited information regarding those vulnerabilities.
cPanel and WHM versions that need to be updated:
220.127.116.11 for EDGE and CURRENT update tier
18.104.22.168 for RELEASE, STABLE, and 11.32 LTS update tier
22.214.171.124 for 11.30 LTS update tier
New builds are currently available to all web hosting customers via the standard update system if your cPanel and WHM servers are configured to update automatically when new releases become available. If you have disabled automatic updates on your hosting server, you are highly encouraged to update your cPanel and WHM installs manually.
This targed security release addresses two specific vulnerabilities. Additional information is expected to be released by the cPanel team on June 4, 2012.
As always, cPanel support is available to address your questions and concerns on their website, and also via their online forum.