CpanelNovember 20, 20200EasyApache New Update has been released ! November 4

cPanel announced that the company has released an update for EasyApache 4. EasyApache is a powerful and easy-to-use tool built into WHM/cPanel that allows users to update and configure their Apache webserver. Information about the new release can be found in EasyApache 4 Changelog and the EasyApache 4 Release Notes page.

2020-11-11

ea-freetds

• EA-9397: Update ea-freetds to 1.2.9, drop 1.2.5.

ea-nodejs10

• EA-9400: Update ea-nodejs10 to 10.23.0, drop 10.22.1.

ea-php74

• ZC-7893: Remove unused php.modconf.
• ZC-7893: Update DSO config to factor in PHP 8.
• EA-9401: Update ea-php74 to 7.4.12 (reworked patches), drop 7.4.11.
• EA-9401: Update ea-php74 to 7.4.12, drop 7.4.11.

ea-php74-meta

• EA-9401: Update ea-php74 to 7.4.12, drop 7.4.11.

mod_security2

• EA-9177: Set SecRequestBodyLimitAction to ProcessPartial in the conf file.

scl-ioncube10

• EA-9356: Update scl-ioncube10 to 10.4.4, drop 10.4.3.

scl-php70

• ZC-7893: Remove unused php.modconf.
• ZC-7893: Update DSO config to factor in PHP 8.

scl-php71

• ZC-7893: Remove unused php.modconf.
• ZC-7893: Update DSO config to factor in PHP 8.

scl-php72

• ZC-7893: Remove unused php.modconf.
• ZC-7893: Update DSO config to factor in PHP 8.

scl-php73

• ZC-7893: Remove unused php.modconf.
• ZC-7893: Update DSO config to factor in PHP 8.
• EA-9403: Update scl-php73 to 7.3.24, drop 7.3.23.

scl-php73-meta

• EA-9403: Update scl-php73 to 7.3.24. drop 7.3.23.

cPanel announced that the company has released an update for EasyApache 4. Information about the new release can be found in EasyApache 4 Changelog and the EasyApache 4 Release Notes page.

2020-11-4

ea-apache24-mod_pagespeed

• EA-9262: Exclude cpanel. subdomain from Pagespeed.

ea-apache2-config

• ZC-7308: Updates for PHP 8.

ea-brotli

• EA-9380: Updated from upstream to 1.0.9.
• EA-9390: Fix build with latest ea-brotli (v1.0.9).
  • scl-php54
  • scl-php55
  • scl-php56
  • scl-php70
  • scl-php71
  • scl-php72
  • scl-php73
  • ea-php74
  • scl-ruby24-passenger

 

cPanel has announced EasyApache 4 July 15 release. With the new release, cPanel updated PHP versions 7.4.8, 7.3.20, and 7.2.32 and Tomcat version 8.5.57. This release addresses vulnerabilities related to CVE-2020-8169, CVE-2020-13934 and CVE-2020-13935.

2020-7-15 update

cPanel encourages all PHP 7.4 users to upgrade to version 7.4.8, all PHP 7.3 users to upgrade to version 7.3.20, all PHP 7.2 users to upgrade to version 7.2.32, and all Tomcat users to upgrade to version 8.5.57. With the new update cPanel has the changes below:

ea-libicu

• EA-9155: Update ea-libicu to 67.1, drop 66.

ea-freetds

• EA-9148: Update ea-freetds to 1.2.3, drop 1.1.24.

ea-php74

• EA-9150: Update ea-php74 to 7.4.8, drop 7.4.7 (with fix for Windows users in CVE-2020-8169).

ea-php74-meta

• EA-9150: Update ea-php74 to 7.4.8, drop 7.4.7 (with fix for Windows users in CVE-2020-8169).

scl-php72

• EA-9152: Update scl-php72 to 7.2.32, drop 7.2.31 (with fix for Windows users in CVE-2020-8169).

scl-php72-meta

• EA-9152: Update scl-php72 to 7.2.32, drop 7.2.31 (with fix for Windows users in CVE-2020-8169).

scl-php73

• EA-9153: Update scl-php73 to to 7.3.20, drop 7.3.19 (with fix for Windows users in CVE-2020-8169).

scl-php73-meta

• EA-9153: Update scl-php73 to 7.3.20, drop 7.3.19 (with fix for Windows users in CVE-2020-8169).

ea-tomcat85

• EA-9151: Update ea-tomcat85 to 8.5.57, drop 8.5.56 (with fixes for CVE-2020-13935 and CVE-2020-13934).

This release includes a security patch that has been issued a fix for a CVE (Common Vulnerabilities and Exposures), the details of which are included below.

Affected versions

All versions of PHP 7.4 through 7.4.7.
All versions of PHP 7.3 through 7.3.19.
All versions of PHP 7.2 through 7.2.31.
All versions of Tomcat 8.5 through 7.5.56.

Security Rating

The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

CVE-2020-8169 – Medium

PHP 7.4.8
Fixed bug related to CVE-2020-8169.

PHP 7.3.20
Fixed bug related to CVE-2020-8169.

PHP 7.2.32
Fixed bug related to CVE-2020-8169.

CVE-2020-13934 – Medium

Tomcat 8.5.57
Fixed bug related to CVE-2020-13934.

CVE-2020-13935 – Medium

Tomcat 8.5.57
Fixed bug related to CVE-2020-13935.