A vulnerability in Log4j was announced as CVE-2021-44228, and you want to ensure your server is secure.
For CVE-2021-45105 and CVE-2021-45046, please see the following articles instead.
This vulnerability affects the cpanel-dovecot-solr RPM that is provided by The install_dovecot_fts Script. No other cPanel-provided packages are affected by this vulnerability, and if cpanel-dovecot-solr is not installed, there are no further steps needed.
An internal case for our development team to investigate this further has been filed. For reference, the case number is CPANEL-39455. Follow this article to receive an email notification when a solution is published in the product.
The only service provided by the cPanel software bundle that uses the logging utility Log4j is cpanel-dovecot-solr. If you do not have this installed, then your server is secure. Any new installations of Dovecot_FTS will include the patched RPM by default. You can check if this RPM is installed with the following command.
Example if installed:
# rpm -q cpanel-dovecot-solr
We have published an update with the mitigation for CVE-2021-44228 to the cpanel-dovecot-solr RPM in version 8.8.2-4+. This patch will automatically be applied during the nightly updates if this package is installed. You can confirm if your server is patched by using the following command.
Example output of patched RPM:
# rpm -qv --changelog cpanel-dovecot-solr | grep -B1 CPANEL-39455
* Fri Dec 10 2021 Tim Mullin <email@example.com> - 8.8.2-4.cp1180
- CPANEL-39455: Add mitigation for CVE-2021-44228
If the package is installed and does not show the patch information above, you can perform an update using the following command.
yum update cpanel-dovecot-solr
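The checks above (is the RPM installed, does its changelog carry the CPANEL-39455 entry) can be folded into one status check for use across many servers. This is an added example, not code from cPanel or the original article; the helper names solr_log4j_status and check_host, the --check flag, and the demo input are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not cPanel's code): classify a host from the article's rpm queries.
PKG=cpanel-dovecot-solr
CASE_ID=CPANEL-39455
CVE_ID=CVE-2021-44228

# solr_log4j_status QUERY_OUTPUT CHANGELOG_TEXT (hypothetical helper)
# Prints one of: not-installed | patched | needs-update
solr_log4j_status() {
    query=$1
    changelog=$2
    # rpm -q prints "package NAME is not installed" when the RPM is absent.
    case $query in
        ''|*"is not installed"*) echo not-installed; return 0 ;;
    esac
    # A patched build has a changelog line naming both the case and the CVE.
    if printf '%s\n' "$changelog" | grep -F -- "$CASE_ID" | grep -qF -- "$CVE_ID"; then
        echo patched
    else
        echo needs-update
    fi
}

# check_host (hypothetical helper): run the real queries on this machine.
# Returns 0 when nothing needs doing, 1 when an update is required, 2 without rpm.
check_host() {
    command -v rpm >/dev/null 2>&1 || { echo "rpm not found" >&2; return 2; }
    query=$(rpm -q "$PKG" 2>&1) || true
    changelog=$(rpm -q --changelog "$PKG" 2>/dev/null) || true
    status=$(solr_log4j_status "$query" "$changelog")
    echo "$PKG: $status"
    [ "$status" != needs-update ]
}

if [ "${1:-}" = "--check" ]; then
    check_host    # live check, e.g. from cron or a fleet runner
else
    # Offline demo on constructed input: an installed package with no mitigation entry.
    solr_log4j_status "$PKG-0.0.0-0.example" "- Constructed entry without the fix"
fi
```

With --check, a non-zero exit of 1 marks a server where the package is installed without the CPANEL-39455 changelog entry, which is the case where the yum update above applies.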