-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 SUMMARY cPanel, Inc. has released updated RPMs for EasyApache 4 on April 18, 2017, with PHP versions 7.0.18 and 7.1.4. This release addresses vulnerabilities related to CVE-2017-7272. We strongly encourage all PHP 7.0 users to upgrade to version 7.0.18 and all PHP 7.1 users to upgrade to version 7.1.4. AFFECTED VERSIONS All versions of PHP 7.0 through 7.0.17 All versions of PHP 7.1 through 7.1.3 SECURITY RATING The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs: CVE-2017-7272 - MEDIUM PHP 7.0.18 Fixed bug in fsockopen function related to CVE-2017-7272 PHP 7.1.4 Fixed bug in fsockopen function related to CVE-2017-7272 SOLUTION cPanel, Inc. has released updated RPMs for EasyApache 4 on April 18, 2017, with updated versions of 7.0 and 7.1. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM's Run System Update interface. REFERENCES https://nvd.nist.gov/vuln/detail/CVE-2017-7272 http://www.php.net/ChangeLog-7.php -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJY9PC2AAoJEJUhvtyr2U3fHN4QALdQ6ubNS48ruC06TNX8bmQd Yx46reWxWialv1W2KCPG3fBv546OhlhlOu64UHDbto8VLpXUCMMU35TWHVd0QX5b Dv8o2T3GIxRlJrjmcuQJAt39v+FqShCK1d+lLsBDphftBEcqLdCZAo2O020UWp6p dzwU07U/pJWkr07YLT04qWrvpxNqTctHxi0jlAOErfxaOX3IPOYTMkTOGGW9V6KA KbD92zCtgvOiH822U9Lgs2Kse1cdacJ13gI8kHA75rgZMWr5YniK1JpBjk2KM1WH cAfJgk8KbyENLWKdvgESikg8kjdG7UdBNaWYeR/rKKVuUJcjyqj4TPEC2EWf8UcB ThrZAUH07QGm+rSQR/H0n7KGupLaD5GlfUIRhZiP0VXmNsKYshGzGWNU4iJ3iEPh eaSV8QLDmzKaLjWmkKlx/X8sE+Zlq82Ocq+q3JIJ3dqD61iH0HOyBYj+1eKXd9Uq Ao4WiHjFO/xnXv2kzzrK7tqrheTj/zKQ8DzmIT/YvR4Utq3YvViUZYaps2QHPx0L 0TwtegpCHyoJUXDa47ZKycG6BKZLsdswE5CRxtRsldvI8KILeN27Qewl+P8II3ou 7lXrHeOP37yW1EAWmhSmzexFAm8XD+TpMRjktuc+oPA+8WaoOJ+jS0MvIYjqAEJF DGaVD8JBze/HRJNMGL0n =7n4+ -----END PGP SIGNATURE-----