Change Log for 78.0.24
Entry: 2019-05-24, 01:30 (UTC)
- [security] Fixed case SEC-486: Local code execution as other cPanel accounts via insecure cpphp execution.
- [security] Fixed case SEC-489: Unsafe file operations as root via fetch_ssl_certificates_for_fqdns API.
- [security] Fixed case SEC-494: Queueprocd log is created with world readable permissions.
- [security] Fixed case SEC-495: API Analytics adminbin allows arbitrary data to be inserted into log.
- [security] Fixed case SEC-496: Arbitrary file modification for demo accounts via extractfile API1 call.
- [security] Fixed case SEC-498: Demo account code execution via ajax_maketext_syntax_util.pl.