cPanel, Inc. has updated RPMs for EasyApache 4 with OpenSSL version 1.0.2p on August 29, 2018. This release addresses security vulnerabilities related to CVE-2018-0732 and CVE-2018-0737. We strongly encourage all OpenSSL users to update their version of OpenSSL.
All versions of OpenSSL through 1.0.2o
CVE-2018-0732 – MEDIUM
Fixed bug key agreement related to CVE-2018-0732
CVE-2018-0737 – MEDIUM
Fixed vulnerability in RSA Key generation algorithm related to CVE-2018-0737
cPanel, Inc. has released updated RPMs for EasyApache 4 on August 29, 2018 with OpenSSL version 1.0.2p. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM’s Run System Update interface.
For the PGP-signed message, please see EA4 2018-8-29.signed.