-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

SUMMARY
cPanel, Inc. has released updated RPMs for EasyApache 4 on October 19, 2016, with PHP versions 5.6.27 and 7.0.12. This release addresses vulnerabilities related to CVE-2016-7568. We strongly encourage all PHP 5.6 users to upgrade to version 5.6.27 and all PHP 7.0 users to upgrade to version 7.0.12.
 
 
AFFECTED VERSIONS
All versions of PHP 5.6 through version 5.6.26
All versions of PHP 7.0 through version 7.0.11
 
SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:
 
CVE-2016-7568 - HIGH

PHP 5.6.26
Fixed bug in GD module related to CVE-2016-7568

PHP 7.0.11
Fixed bug in GD module related to CVE-2016-7568


SOLUTION
cPanel, Inc. has released updated RPMs for EasyApache 4 on October 19, 2016, with updated versions of PHP 5.6.27 and 7.0.12. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM's Run System Update interface.
 
REFERENCES
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7568
http://php.net/ChangeLog-5.php
http://www.php.net/ChangeLog-7.php
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJYB5AcAAoJEJUhvtyr2U3f348QALv5WNKVNLKc1M2gL94y18EE
1XO0OkCr6cTrczVrfyzjD0kkfoakhRj8yDeR4jHs+wP1x2JZwql+c/yPoIpFa0FO
EObpw18YHhiGb/V4keHFAQVVlPyds7/f+UEiFewW460w46A1a4kCy3xnh14hN9vl
MV8zrM3nBzeYA/8Dk0UH7jmIFnsQW0HX7FczeErbg9jTshBtjUqNZTdLqoXd0AZV
tpnYU83/xTXwNRyFeTGVKxx0afkNM6udjwqtUNOGwckKBxxOUjgHukpAQYXpDGaK
olMkiNn+b2q1FDE/SrLpJusjH8w1MXv0S4IJezGi7SPu+20sQAh51pJohTKLko5+
1up8TqDxjeDjbt8BjktLbDC/5evB/DvxyuOJhxSNWYQATLdXVhGVhp+CislgUkN9
3YLxbYtcTVRt8QvG2py95g5lyoVjqEY79mGYpL8ZZ7ar9KHGK+R0tGZXW6fac4Is
HutqsI2WVVbm5gk5tjQg/488CIeSMz6T/LqTX/NDT4GQIWdmJjCbbnvRIYcRH8ga
huEnX9Srx3ggZq/AYg4I4v/ErkCICVqIq3d23te8B2B+ZD4FtMNLXWhO86B250+K
jSoI3IJKBWfNR1llVh6OW/2sSUSp2S4MI4RIuilcMI6VnpmsIDN3s39EepnpH318
8AkAgS6iQppjon5w2ars
=+e3i
-----END PGP SIGNATURE-----