cPanel announced that the company has released an update for EasyApache 4. EasyApache is a powerful and easy-to-use tool built into WHM/cPanel that allows users to update and configure their Apache webserver. Information about the new release can be found in EasyApache 4 Changelog and the EasyApache 4 Release Notes page.
What’s new?
ea-nginx
- EA-9692: Ensure server blocks contain root path when in reverse proxy mode.
- EA-9694: Update ea-nginx to 1.19.10, drop 1.19.9.
The cPanel team announced that the EasyApache team has released an update for EasyApache 4.
cPanel announced that the company has released an update for EasyApache 4. EasyApache is a powerful and easy-to-use tool built into WHM/cPanel that allows users to update and configure their Apache webserver. Information about the new release can be found in EasyApache 4 Changelog and the EasyApache 4 Release Notes page.
2020-11-11
ea-freetds
- EA-9397: Update ea-freetds to 1.2.9, drop 1.2.5.
ea-nodejs10
- EA-9400: Update ea-nodejs10 to 10.23.0, drop 10.22.1.
ea-php74
- ZC-7893: Remove unused php.modconf.
- ZC-7893: Update DSO config to factor in PHP 8.
- EA-9401: Update ea-php74 to 7.4.12 (reworked patches), drop 7.4.11.
- EA-9401: Update ea-php74 to 7.4.12, drop 7.4.11.
ea-php74-meta
- EA-9401: Update ea-php74 to 7.4.12, drop 7.4.11.
mod_security2
- EA-9177: Set SecRequestBodyLimitAction to ProcessPartial in the conf file.
scl-ioncube10
- EA-9356: Update scl-ioncube10 to 10.4.4, drop 10.4.3.
scl-php70
- ZC-7893: Remove unused php.modconf.
- ZC-7893: Update DSO config to factor in PHP 8.
scl-php71
- ZC-7893: Remove unused php.modconf.
- ZC-7893: Update DSO config to factor in PHP 8.
scl-php72
- ZC-7893: Remove unused php.modconf.
- ZC-7893: Update DSO config to factor in PHP 8.
scl-php73
- ZC-7893: Remove unused php.modconf.
- ZC-7893: Update DSO config to factor in PHP 8.
- EA-9403: Update scl-php73 to 7.3.24, drop 7.3.23.
scl-php73-meta
- EA-9403: Update scl-php73 to 7.3.24. drop 7.3.23.
cPanel announced that the company has released an update for EasyApache 4. Information about the new release can be found in EasyApache 4 Changelog and the EasyApache 4 Release Notes page.
2020-11-4
ea-apache24-mod_pagespeed
- EA-9262: Exclude cpanel. subdomain from Pagespeed.
ea-apache2-config
- ZC-7308: Updates for PHP 8.
ea-brotli
- EA-9380: Updated from upstream to 1.0.9.
- EA-9390: Fix build with latest ea-brotli (v1.0.9).
- scl-php54
- scl-php55
- scl-php56
- scl-php70
- scl-php71
- scl-php72
- scl-php73
- ea-php74
- scl-ruby24-passenger
cPanel has announced EasyApache 4 July 15 release. With the new release, cPanel updated PHP versions 7.4.8, 7.3.20, and 7.2.32 and Tomcat version 8.5.57. This release addresses vulnerabilities related to CVE-2020-8169, CVE-2020-13934 and CVE-2020-13935.
2020-7-15 update
cPanel encourages all PHP 7.4 users to upgrade to version 7.4.8, all PHP 7.3 users to upgrade to version 7.3.20, all PHP 7.2 users to upgrade to version 7.2.32, and all Tomcat users to upgrade to version 8.5.57. With the new update cPanel has the changes below:
ea-libicu
- EA-9155: Update
ea-libicu
to 67.1, drop 66.
ea-freetds
- EA-9148: Update
ea-freetds
to 1.2.3, drop 1.1.24.
ea-php74
- EA-9150: Update
ea-php74
to 7.4.8, drop 7.4.7 (with fix for Windows users in CVE-2020-8169).
ea-php74-meta
- EA-9150: Update
ea-php74
to 7.4.8, drop 7.4.7 (with fix for Windows users in CVE-2020-8169).
scl-php72
- EA-9152: Update
scl-php72
to 7.2.32, drop 7.2.31 (with fix for Windows users in CVE-2020-8169).
scl-php72-meta
- EA-9152: Update
scl-php72
to 7.2.32, drop 7.2.31 (with fix for Windows users in CVE-2020-8169).
scl-php73
- EA-9153: Update
scl-php73
to to 7.3.20, drop 7.3.19 (with fix for Windows users in CVE-2020-8169).
scl-php73-meta
- EA-9153: Update
scl-php73
to 7.3.20, drop 7.3.19 (with fix for Windows users in CVE-2020-8169).
ea-tomcat85
- EA-9151: Update
ea-tomcat85
to 8.5.57, drop 8.5.56 (with fixes for CVE-2020-13935 and CVE-2020-13934).
This release includes a security patch that has been issued a fix for a CVE (Common Vulnerabilities and Exposures), the details of which are included below.
Affected versions
All versions of PHP 7.4 through 7.4.7.
All versions of PHP 7.3 through 7.3.19.
All versions of PHP 7.2 through 7.2.31.
All versions of Tomcat 8.5 through 7.5.56.
Security Rating
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:
CVE-2020-8169 – Medium
PHP 7.4.8
Fixed bug related to CVE-2020-8169.
PHP 7.3.20
Fixed bug related to CVE-2020-8169.
PHP 7.2.32
Fixed bug related to CVE-2020-8169.
CVE-2020-13934 – Medium
Tomcat 8.5.57
Fixed bug related to CVE-2020-13934.
CVE-2020-13935 – Medium
Tomcat 8.5.57
Fixed bug related to CVE-2020-13935.
Source: Cloud7.news