-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 SUMMARY cPanel, Inc. has released EasyApache 3.24.18 with PHP versions 5.5.12 and 5.4.28. This release addresses the PHP vulnerability CVE-2014-0185 with the fix to a bug in the FPM package. We encourage all PHP users to upgrade to PHP version 5.5.12 or PHP version 5.4.28. AFFECTED VERSIONS All versions of PHP version 5.5 before 5.5.12. All versions of PHP version 5.4 before 5.4.28. SECURITY RATING The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs: CVE-2014-0185 - MEDIUM PHP 5.5.12 Fixed bug in the FPM package related to CVE-2014-0185. PHP 5.4.28 Fixed bug in the FPM package related to CVE-2014-0185. SOLUTION cPanel, Inc. has released EasyApache 3.24.18 with the updated versions of PHP 5.4 and 5.5 to correct these issues. Unless you have disabled EasyApache updates, EasyApache will include the latest versions of PHP automatically. Run EasyApache to rebuild your profile with the latest version of PHP. REFERENCES http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0185 http://www.php.net/ChangeLog-5.php#5.4.28 http://www.php.net/ChangeLog-5.php#5.5.12 -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJTY54WAAoJEJUhvtyr2U3fmLoP/1gvmSZOzYTyCPVOxy8+n0l/ ydjIelEHO3yb4FTwdc2Taktd5vQ3NI11ddNmxPGWYY+FgTDUK4DDAxThjAOQCKPk OrwDMk5iZYbTcgc70y7HYd3m4UF5YjFrB6K6l+a0AY4frEQF37UdZhPHe3ao9He8 Bq+HP+W14kZG8za5ozD812ljfaTwWZIY3PqjHX9WXbsAmsv2X4XHXGJDuBiwoib/ tQcNUY/SU4wTAnbVg7kUEzk5MD7QG1safnEnSWVQY79WPKqgaMY5Kbjw6NwuIVJ2 t6JjCoCv5vw4juLpDarrzGzgzMAdND5F3TI9JkqiTtYH+2zhKX+xRyua8wUP3qgW 54vSbzsfv0XW22V2ksjoo4yGmPfC9u5gMenAkhFKKkTxkTtfmPq+rrBDGm9D7AH2 lPuobr+1pK8TQtk/r77S1FtDVHNtEdPE+WGLt7KzaVZDh159+vWZLgo2pJ48l0aF nki9gsQxU7hZBhLP6NMM4vfZqznOGL0uqlspOX8FuPw0WVAcOXSOofYfn4Xqqcz3 4lfJeePmCa/dk8+/P8Bf5lEEuyl4YSR6NLi9WM5ry5FMyca7h2ZOLop1ziM//cBi L2boMd6X2S6YSpocD0Quw18qmLF0umpr4oCHTngRZZo/iOkPNDAK+H9WSNrowX/Y BvrIveWigMb3DI86puhG =5Ukh -----END PGP SIGNATURE-----