-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

SUMMARY
cPanel, Inc. has released updated RPMs for EasyApache 4 on October 16, 2017, with a patch for Passenger. We strongly encourage all Passenger users to update their system to obtain the patch.
 
AFFECTED VERSIONS
All versions of Passenger

DESCRIPTION

This update patches a vulnerability where a user can list the contents of arbitrary files on the system when Passenger runs as the root user.

SOLUTION
cPanel, Inc. has released updated RPMs for EasyApache 4 on October 16, 2017, with a patch for Passenger. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM's Run System Update interface.
 
REFERENCES
https://blog.phusion.nl/2017/10/16/passenger-5-1-11/
https://blog.phusion.nl/2017/10/13/passenger-security-advisory-5-1-11/

-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIzBAEBCgAdFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAlnlUi0ACgkQlSG+3KvZ
Td+58xAAuT0xYx95iPjxYsn59vhQ0TB96zOedDF8s+k58yzMDH8BAnKzKAx2B9eM
VZMiItnI9oCrBNtW2BmU9Mk5YGJ56wrI37sZbGTZTP3qgT/V4l5YDlOxLOr2TyCb
xqGLgeot5LbgDzOVODYBK9FOMtefbGkEt5DG89kbSk+j8uZgpEZceeZjhY9fk/yh
TpUjfDyBd6HAQwflW88xmDlvazDRBUzI/tMWkFgZuptMaN2P3Mvo4hpIRNCrl295
BM3wL+f1yCzKLpYl38iTrt9YttyOWY8hxXNGtbhXVy4nA0F1ZhPcvZqzOSDCv7Im
2M+hWggTI1Alo27DROGCChk8R+/IC4VvQ/+ZrQ0DGLzoJBc6ZRTGJR0ZI7pCFhSV
c3NqpJo1v4zU1A9eCWp0HXRWbNwvmOms7uQYIJgyOgTutdYcX+5vJywBitHFDlRi
4qmq560xX+MQVKHCLkBMgbzZDFTDz+kOn/EyM6fRs0bM7Bq8cLFj+1Ehs2lN7mhH
RornqOL8ONxSf+gFYFcDZ5s1VpUZSidnV/EQjfD31sp+FvFqbZYND6yQ/oaXahPF
omubh8vxP4/DoGHUqFMp/Tjmy+NW5SRu6AvX1Ujwghod1RFDWI//M/mJmwnWhqBz
JEqfwxW/sXXHzsq80QqgsW0cPSQmq7T4CUebm/U6kMli3umyXT8=
=xdG7
-----END PGP SIGNATURE-----