-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 SUMMARY cPanel, Inc. has released EasyApache 3.30.4 with Apache versions 2.4.16 and 2.2.31. This release addresses vulnerabilities related to CVE-2015-3183, CVE-2015-3185, CVE-2015-0253, and CVE-2015-0228. We strongly encourage all Apache 2.4 users to upgrade to version 2.4.16 and all Apache 2.2 users to upgrade to version 2.2.31. AFFECTED VERSIONS All versions of Apache 2.4 through version 2.4.15 All versions of Apache 2.2 through version 2.2.29 SECURITY RATING The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs: CVE-2015-3183 - MEDIUM Apache 2.2.31 Fixed bug in core related to CVE-2015-3183 Apache 2.4.16 Fixed bug in core related to CVE-2015-3183 CVE-2015-3185 - MEDIUM Apache 2.4.16 Fixed bug in ap_some_authn_required related to CVE-2015-3185 CVE-2015-0253 Apache 2.4.16 - MEDIUM Fixed bug in core related to CVE-2015-0253 CVE-2015-0228 - MEDIUM Apache 2.4.16 Fixed bug in mod_lua related to CVE-2015-0228 SOLUTION cPanel, Inc. has released EasyApache 3.30.4 with updated versions of Apache 2.4.16 and 2.2.31. Unless you have disabled EasyApache updates, EasyApache updates automatically. Run EasyApache to rebuild your profile with the latest version of Apache. REFERENCES https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3183 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3185 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0253 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0228 http://www.apache.org/dist/httpd/Announcement2.4.html http://www.apache.org/dist/httpd/Announcement2.2.html -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJVtnYEAAoJEJUhvtyr2U3fJxsQAJ10JZJ1VQunfM5X5yv3WYVb Vip9ilDJXh2dfOqAhgE1R/c3Vu9z3weGBnaDLoLFssKMogqc2OE54/nzxfMOoygw QgMa4dw9ukGbjqc9SjqBGOx32sBg1gK/vXjN6QtLmIaNY2VigbFrIp9jmpLpoYkY fjJQHEVlUtn6kAqHUudp8R6PKuSRltGNbO5WMt2rUMJ90i48njYi9owVkbSprsH/ OAIHtVP3UYcdT89GQJCBASDAi8h549jEQMJZVQgOw+3RY/jt1mO6iLH/gO8bSU5Z PeueceBzAXHjRxyALXLBIcegaLjq13tpevPsTpKU76p6xSD/cZn7V9NuQPno5GZo 8YEbB04ovEUd1qdS4gmpbVsqcyN94XVK3P8652IXDLWHVoJKXkHGrRYmTS4Ib2i/ nHA0xeXJYOtYcrtMe8w7v4WV3vKlPKQLRn2TGuKzRM8fa9StT/C9kZR3wNelaD1E YIlQPs5ptUVdY4gMWBOAePudQeV0LkTnyI2LULVrr798upn/x/K4a8a7IasnZl+u voQ8j9DU5VPXa8VbHlrZtV4iaHVMjmHD4pa+lcwmY1hG+MaVo5eamGRllW1gXcgm bBvZ3Jyv4n1dGq6HbTgFlxZZzJDSpZvTyZwo7gYrpClX6DE8k7Q93lJ/J6yxcuw7 DSpoa3Ibzg1Bm/MvvJTW =kvpk -----END PGP SIGNATURE-----