-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

SUMMARY
cPanel, Inc. has released EasyApache 3.32.13 with PHP versions 5.5.35 and 5.6.21. This release addresses vulnerabilities related to CVE-2016-3074. We strongly encourage all PHP 5.5 users to version 5.5.35, and all PHP 5.6 users to upgrade to version 5.6.21. 
 
AFFECTED VERSIONS

All versions of PHP 5.5 through version 5.5.34
All versions of PHP 5.6 through version 5.6.20
 
SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:
 
CVE-2016-3074 - HIGH
PHP 5.5.35
Fixed bug in the GD library related to CVE-2016-3074

PHP 5.6.21
Fixed bug in the GD library related to CVE-2016-3074


SOLUTION
cPanel, Inc. has released EasyApache 3.32.13 with updated versions of PHP 5.5.35 and PHP 5.6.21. Unless you have disabled EasyApache updates, the EasyApache application updates to the latest version when launched. Run EasyApache to rebuild your profile with the latest version of PHP.
 
REFERENCES
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3074
http://php.net/ChangeLog-5.php
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJXJ5RmAAoJEJUhvtyr2U3fq3cQAKtx2N4aeyqxTLdzR6M/uKA9
MdhWn+RqZPHsWevRhybfeg40lmTrDpKehziQzy8ErPLiluySTlrAZzqK/96F0lBQ
nGS/jWOtFZMLMr3+/ASkOb8D4jw8+5Aie5tLJ8Obv4jFM86m4/yX0Rz7tLqXwdG5
Ny0fc7KcHEVaCSsKiE6uBHTGCZTnBDctI3Zur9HKnTNy/TUpDI35wjVGUahoZxnx
S7eEj0LhDtmTouSV2sc4R0RA/SG5248a/glKZySuj9YPijN/srRO2MDo+r/Bapr4
N1aF+ICAOMHZ00t9z8n1h2f4adEF04ydxvxur1YRPZz6gUIYsfdMdx9DVI6xOObk
7d3ix6rJLz8DwekJvIEj5upCQaRCRHHwA44sGgN+d1jO+VMezQiO7F8f1/FBeBdU
Ckr71cO5E+HbjhR8tFw1Fdi6ZPuVOS23uRo0SnLDWwI3TGKBkVuL1aqTSfe76v05
KQ/F2DrehWpj1rdpfqHQfGNsx+yPkaX1WVJ4oK1SKJ4n2Ooez8cnDf2x5rPt554j
9APDBdyhM0pL1bLY4Zr8c7Ze/BqgO2H7pFaBKIREVeU3/Dt73GiL3ldX7gAfhlph
5DvWaBtTAFbKTffAU0lpXYFefL0ohSyAeHUH6AnqoKo/WUds7YXl7Haa+V7TnOmx
mrRqkKnIsufHR7Ufz3WY
=wXAR
-----END PGP SIGNATURE-----