In light of the recently discovered vulnerability in OpenSSL, we strongly recommend that all our customers update their system OpenSSL to version 0.9.6g or higher and apply our apache security update, no matter which goes first. WARNING: If you update apache, all your customized or custom apache modules including PHP will be reset to installation defaults, so you need to recompile or customize them anew.

To install the web server apache update:

1. Log into your web server as root.
2. Download the patch:
   wget http://www.psoft.net/shiv/HS23-U/HS-apache-1_3_26-2
3. Install the patch:
   sh HS-apache-1_3_26-2

To install the control panel server apache update:

1. Log into your control panel server as root.
2. Download the patch:
   wget http://www.psoft.net/shiv/HS23-U/HS-apachecp-1_3_26-2
3. Install the patch:
   sh HS-apachecp-1_3_26-2

Warning: Don't apply this patch to the server running Tomcat!

To install the webmail server apache update:

1. Log into your mail server as root.
2. Download the patch:
   wget http://www.psoft.net/shiv/HS23-U/HS-apachelite-1_3_26-2
3. Install the patch:
   sh HS-apachelite-1_3_26-2

Warning: Don't apply this patch to the web server with user homes!

If you have a single server installation, first install the web server update, then install the cp server update. Don't install the one for the webmail server.

To update your system OpenSSL:

RedHat users please make sure to update your OpenSSL and OpenSSH to the latest versions using the up2date utility as instructed here. FreeBSD users please get updated by doing the following:

1. Go through the cvsup procedure (instructions available here)
2. Go through the make world procedure (instructions available here)
3. Login as root to the control panel server.
4. Remove the file /hsphere/local/home/cpanel/.ssh/known_hosts
5. Execute:
   su - cpanel
   
6. ssh to each of your servers answering "yes" when asked.

Other operating system owners please contact your vendors.