We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Discord or Reddit to talk about this update and much more.
EA-9610: Update scl-sourceguardian to 12.0 drop 11.4.1.
This release includes a security patch that has been issued a fix for a CVE (Common Vulnerabilities and Exposures), the details of which are included below.
cPanel, L.L.C. has updated RPMs for EasyApache 4 with NodeJS version 10.24.0. This release addresses vulnerabilities related to CVE-2020-8265, CVE-2020-8287, and CVE-2020-1971. We strongly encourage all NodeJS users to update to version 10.24.0.
AFFECTED VERSIONS All versions of NodeJS through 10.23.3.
SECURITY RATING The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:
CVE-2020-8265 – HIGH
NodeJS 10.24.0 Fixed bug related to CVE-2020-8265.
CVE-2020-8287 – MEDIUM
NodeJS 10.24.0 Fixed bug related to CVE-2020-8287.
CVE-2020-1971 – MEDIUM
NodeJS 10.24.0 Fixed bug related to CVE-2020-1971.
SOLUTION cPanel, L.L.C. has released updated RPMs for EasyApache 4 on March 3, 2021, with an updated version of NodeJS 10.24.0. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM’s Run System Update interface.