-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

SUMMARY
cPanel, Inc. has updated RPMs for EasyApache 4 with cURL version 7.58.0 on January 25, 2018. This release addresses vulnerabilities related to CVE-2018-1000007. We strongly encourage cURL users to upgrade to version 7.58.0.
 
 
AFFECTED VERSIONS
All versions of cURL through 7.57.0


SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:
 

CVE-2018-1000007 - MEDIUM
cURL 7.58.0
Fixed bug in authorization: headers related to CVE-2018-1000007


SOLUTION
cPanel, Inc. has released updated RPMs for EasyApache 4 on January 25, 2018, with a updated versions of cURL 7.58.0. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM's Run System Update interface.

 
REFERENCES
https://nvd.nist.gov/vuln/detail/CVE-2018-1000007
https://curl.haxx.se/changes.html
https://curl.haxx.se/docs/adv_2018-b3bf.html
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIzBAEBCgAdFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAlpqRxIACgkQlSG+3KvZ
Td+QwBAAvVlzvp4/ZvXiek+CJAkQ3jJrdWWRzZnHyRidkfr/+HSuaXWypypXQUZE
Xdf7V1V6/HxSnFJUb329ys0D6QWfac870t7xeo5Plyu11/1jWlywC2/qD2kRgWlX
y72yPm0MTfxq1jtChnnGN37xWYHTUQnzbKqdLOdxdUgxh2ntTLMAvh1PX15JNbQb
0z5djv1dBQas4xKhtMPd9/hLIthtSrGV1SNtBBVATmnECquojJb+2JTCM2a9TvcC
waG/nBv7wtLJh+YYfikdEUiyweyBoH7yEIPQBOv/AmKV8LaFH1fIXuSrqlZ1UYpD
FVIp+WsYOZPmbvA/DDwAbn1MwTBcmIlBaswg37/xpoYo6iu3oFemFTHzvyi68XjC
D7lN1PF+9E44SGGMw/HiGw/E2gvoft9FR35RPjw8gLP6+HW35Q5HtJf0T37UMlVj
yGejz/Y7az200g4SbDDQOaamqnyWOiIz6GjucZzIriTNe/eBrZZnz1QaBT1QGx1v
W1fQH7zgQzlI1TXaA5ZwssLLfP8F0S2Rb0WiM+q9akF08QMt01YVWG4bMXQPn5IS
CEzsU+6qmxFzF1kc9zGQkuvuIMWHObLstVvyQOVWS6NIOcSjOc7NPuMzkTP5H+8u
RzLWDJsv3TLAlARe9Xkoy0CDxYXed9Ps1RRh81uo41AQVPsRyKA=
=sW9Q
-----END PGP SIGNATURE-----