-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

SUMMARY
cPanel, Inc. has released EasyApache 3.24.18 with PHP versions 5.5.12 and 5.4.28. This release addresses the PHP vulnerability CVE-2014-0185 with the fix to a bug in the FPM package. We encourage all PHP users to upgrade to PHP version 5.5.12 or PHP version 5.4.28.


AFFECTED VERSIONS
All versions of PHP version 5.5 before 5.5.12.
All versions of PHP version 5.4 before 5.4.28.

SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

CVE-2014-0185 - MEDIUM

PHP 5.5.12
Fixed bug in the FPM package related to CVE-2014-0185.

PHP 5.4.28
Fixed bug in the FPM package related to CVE-2014-0185.

SOLUTION
cPanel, Inc. has released EasyApache 3.24.18 with the updated versions of PHP 5.4 and 5.5 to correct these issues. Unless you have disabled EasyApache updates, EasyApache will include the latest versions of PHP automatically. Run EasyApache to rebuild your profile with the latest version of PHP.

REFERENCES
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0185
http://www.php.net/ChangeLog-5.php#5.4.28
http://www.php.net/ChangeLog-5.php#5.5.12
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJTY54WAAoJEJUhvtyr2U3fmLoP/1gvmSZOzYTyCPVOxy8+n0l/
ydjIelEHO3yb4FTwdc2Taktd5vQ3NI11ddNmxPGWYY+FgTDUK4DDAxThjAOQCKPk
OrwDMk5iZYbTcgc70y7HYd3m4UF5YjFrB6K6l+a0AY4frEQF37UdZhPHe3ao9He8
Bq+HP+W14kZG8za5ozD812ljfaTwWZIY3PqjHX9WXbsAmsv2X4XHXGJDuBiwoib/
tQcNUY/SU4wTAnbVg7kUEzk5MD7QG1safnEnSWVQY79WPKqgaMY5Kbjw6NwuIVJ2
t6JjCoCv5vw4juLpDarrzGzgzMAdND5F3TI9JkqiTtYH+2zhKX+xRyua8wUP3qgW
54vSbzsfv0XW22V2ksjoo4yGmPfC9u5gMenAkhFKKkTxkTtfmPq+rrBDGm9D7AH2
lPuobr+1pK8TQtk/r77S1FtDVHNtEdPE+WGLt7KzaVZDh159+vWZLgo2pJ48l0aF
nki9gsQxU7hZBhLP6NMM4vfZqznOGL0uqlspOX8FuPw0WVAcOXSOofYfn4Xqqcz3
4lfJeePmCa/dk8+/P8Bf5lEEuyl4YSR6NLi9WM5ry5FMyca7h2ZOLop1ziM//cBi
L2boMd6X2S6YSpocD0Quw18qmLF0umpr4oCHTngRZZo/iOkPNDAK+H9WSNrowX/Y
BvrIveWigMb3DI86puhG
=5Ukh
-----END PGP SIGNATURE-----