-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

SUMMARY
cPanel, Inc. has released updated RPMs for EasyApache 4 on September 20, 2016, with PHP versions 5.6.27 and 7.0.12. This release addresses vulnerabilities related to CVE-2016-7568. We strongly encourage all PHP 5.6 users to upgrade to version 5.6.27 and all PHP 7.0 users to upgrade to version 7.0.12.
 
 
AFFECTED VERSIONS
All versions of PHP 5.6 through version 5.6.26
All versions of PHP 7.0 through version 7.0.11
 
SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:
 
CVE-2016-7568 - HIGH

PHP 5.6.26
Fixed bug in GD module related to CVE-2016-7568

PHP 7.0.11
Fixed bug in GD module related to CVE-2016-7568


SOLUTION
cPanel, Inc. has released updated RPMs for EasyApache 4 on October 18, 2016, with updated versions of PHP 5.6.27 and 7.0.12. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM's Run System Update interface.
 
REFERENCES
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7568
http://php.net/ChangeLog-5.php
http://www.php.net/ChangeLog-7.php
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJYBlVIAAoJEJUhvtyr2U3fuzEP/1uTONfp1QJboB3hXxgnmRAP
u4FZ2BniX6G+40VCrtHm38wn26FjoUtXxZPXNlaoWlw4LVqJw/Ftnin5NPHXthCi
4QUR2NO4eb0T+aHKtbodN39w5omVNj5+yHoxffpst1GStYrJ1U8OMvGYiJRzK4T4
SjdfdOdvpwjd0zUWWLGZWjO9WyZad0rEXDQqbpjqA4r1DewOnWfItpuhzbLa7nyj
6c5r9oe7f7krNpoxWO76ovgkUAzDD6mzpI0aSOMRlHpmM7hjWp9JwPGDZhDUhQun
O5bPvtOzrzKXma/IWQZxBatmeDRr4kwthtFdTzWxgO1jfsysVtXiiWYj5Up/wC4b
+2OqCjm75ATKvzrXe6qPn3rp1v0pM1Ss/LlnIfiHgRIYf8Cfm7dI31AhYOW6Jn7u
Sfm9dMxBA47rYXPEZNfOLcyNP0rA0h6C0WieSlpnuDOAYE/DVimNRlV1mGxZVKtY
e7Zy63v7ch4Sz9s2zZyateW7G+04EnYiXXGoayfqHcgByVIZOvSs8tisk8hevTAs
JtSZurcOF3LXh0kbCCkeYqFZEmP2gwaS6CIlXN0pdR2MHc5P5B39bpg4hrN9KK2s
tTUn4iJpck6Q7aQ0MQgdw/pyaH05ZYqWmNZuW+399nOaM8KbquH2dfVrjHXEJAPC
gna7Lc3qkbKHQcH43GZE
=0o5L
-----END PGP SIGNATURE-----