EasyApache 4 Maintenance and Security Release

cPanel, L.L.C. has released a security update for EasyApache 4!  Take a look at some highlights below, and then join us on the cPanel Community ForumsDiscord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on one of our social channels.

  • ea-nginx
    • EA-11132: Ensure ‘/var/log/nginx.uninstall’ does not exist before moving active log files there
    • EA-11131: Ensure userdata reflects apache port changes when ea-nginx is removed
  • ea-libxml2
    • EA-11388: Update ea-libxml2 from v2.10.4 to v2.11.1
      • Security:
        • Fix use-after-free in xmlParseContentInternal() (David Kilzer)
        • xmllint: Fix use-after-free with –maxmem
        • parser: Fix OOB read when formatting error message
        • entities: Rework entity amplification checks
  • ea-php80-php-memcached
    • EA-11384: Update ea-php80-php-memcached from v3.1.5 to vv3.2.0
  • ea-php81-php-memcached
    • EA-11385: Update ea-php81-php-memcached from v3.1.5 to vv3.2.0
  • ea-php82-php-memcached
    • ZC-10561: Create ea-php82-php-memcached
  • ea-cpanel-tools
    • ZC-10561: Add ea-php82-php-memcached

ea-libxml2: This update contains security releases, but no CVEs are assigned.

Information about all releases this year can be found in the 2023 EasyApache 4 Changelog and the EasyApache 4 Release Notes. You can also sign up for our EasyApache Development and EasyApache Production mailing lists to see when updates are pushed for our RPMs, letting you know ahead of time what will be updated in each EasyApache release.