-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

SUMMARY
cPanel, Inc. has released EasyApache 3.34.5 with PHP version 5.6.26. This release addresses vulnerabilities related to CVE-2016-7411, CVE-2016-7412, CVE-2016-7413, CVE-2016-7414, CVE-2016-7416, CVE-2016-7417, and CVE-2016-7418. We strongly encourage all PHP 5.6 users to upgrade to version 5.6.26. 
 
AFFECTED VERSIONS
All versions of PHP 5.6 through version 5.6.25
 
SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:
 
CVE-2016-7416 - HIGH

PHP 5.6.26
Fixed bug in Intl extension related to CVE-2016-7416

CVE-2016-7412 - MEDIUM

PHP 5.6.26
Fixed bug in Mysqlnd module related to CVE-2016-7412


CVE-2016-7414 - MEDIUM

PHP 5.6.26
Fixed bug in Phar module related to CVE-2016-7414

CVE-2016-7417 - MEDIUM

PHP 5.6.26
Fixed bug in SPL library related to CVE-2016-7417


CVE-2016-7411 - MEDIUM

PHP 5.6.26
Fixed bug related to CVE-2016-7411

CVE-2016-7413 - MEDIUM

PHP 5.6.26
Fixed bug in WDDX extension related to CVE-2016-7413


CVE-2016-7418 - MEDIUM

PHP 5.6.26
Fixed bug in WDDX extension related to CVE-2016-7418

SOLUTION
cPanel, Inc. has released EasyApache 3.34.5 with an updated version of PHP 5.6.26. Unless you have disabled EasyApache updates, the EasyApache application updates to the latest version when launched. Run EasyApache to rebuild your profile with the latest version of PHP.
 
REFERENCES
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7416
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7412
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7414
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7417
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7411
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7413
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7418
http://php.net/ChangeLog-5.php
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJX4VfGAAoJEJUhvtyr2U3fSQsP/R6NCNHO2yp3hNaAZZGeahUq
AbEGicnHP9IzrQEaYMOU39xi96JYSJZvtU1piXymsdHQndXcLpQyEN4C01f+PdNu
faSAlzdWpy70aizwf6ctlMwQ+Y5htq3cWfwts/n0hne6ZdlozQQEAvmm5867P8hn
tZtYnDrPKuGmt0zrLoOkC/zdjtde7jPB5iqf+/zJ4Zg0w9kGUXJ/xXeEuT4wwjpm
r6X7CqwdiAUssX+uB+u9buCZ+J/36UU0IC3FQjEz0eGZaLiEmF7WqcZPl7OXsXjU
fHvij/Dyw6M6RnB/+YrwoQo1Sv6sSUCy5goG8MQ/tdmrA923Ye5bGAuxIkAkh8KG
+6oYX3b/V0VANZfNPQ02zinxcBERkwTyOSJ7xw1BeNV0Q5d4dey9hAhKHjb1mL3Q
/3aQEzgUziAjqauAzh9brrLPK77ZNpIrZXnyYtFKIpoaTzzE5d4rfRPeHLeVBjhR
uumc/eYJ4aI6xgAWnPxd0O4+pr53vv0PDHJbpP5fIR5ZolPsqAlndoZNA+5o44z/
5ajrGJV1u0xcC3JoI7qhTY6ghDs/OdK2fpb4wwEEbv89mLpfSg37v8LAjo6mRt9j
VlOOcIKgPweZ5YjZBWeHThfKiF5oTDe4Var30C8cbJ7mQ9x/Lf4x4pjgu+FYBg/w
5UxTzoFqUT5/Yk+i7yfR
=nrAr
-----END PGP SIGNATURE-----