-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 SUMMARY cPanel, Inc. has updated RPMs for EasyApache 4 with cURL version 7.58.0 on January 25, 2018. This release addresses vulnerabilities related to CVE-2018-1000007. We strongly encourage cURL users to upgrade to version 7.58.0. AFFECTED VERSIONS All versions of cURL through 7.57.0 SECURITY RATING The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs: CVE-2018-1000007 - MEDIUM cURL 7.58.0 Fixed bug in authorization: headers related to CVE-2018-1000007 SOLUTION cPanel, Inc. has released updated RPMs for EasyApache 4 on January 25, 2018, with a updated versions of cURL 7.58.0. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM's Run System Update interface. REFERENCES https://nvd.nist.gov/vuln/detail/CVE-2018-1000007 https://curl.haxx.se/changes.html https://curl.haxx.se/docs/adv_2018-b3bf.html -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIzBAEBCgAdFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAlpqRxIACgkQlSG+3KvZ Td+QwBAAvVlzvp4/ZvXiek+CJAkQ3jJrdWWRzZnHyRidkfr/+HSuaXWypypXQUZE Xdf7V1V6/HxSnFJUb329ys0D6QWfac870t7xeo5Plyu11/1jWlywC2/qD2kRgWlX y72yPm0MTfxq1jtChnnGN37xWYHTUQnzbKqdLOdxdUgxh2ntTLMAvh1PX15JNbQb 0z5djv1dBQas4xKhtMPd9/hLIthtSrGV1SNtBBVATmnECquojJb+2JTCM2a9TvcC waG/nBv7wtLJh+YYfikdEUiyweyBoH7yEIPQBOv/AmKV8LaFH1fIXuSrqlZ1UYpD FVIp+WsYOZPmbvA/DDwAbn1MwTBcmIlBaswg37/xpoYo6iu3oFemFTHzvyi68XjC D7lN1PF+9E44SGGMw/HiGw/E2gvoft9FR35RPjw8gLP6+HW35Q5HtJf0T37UMlVj yGejz/Y7az200g4SbDDQOaamqnyWOiIz6GjucZzIriTNe/eBrZZnz1QaBT1QGx1v W1fQH7zgQzlI1TXaA5ZwssLLfP8F0S2Rb0WiM+q9akF08QMt01YVWG4bMXQPn5IS CEzsU+6qmxFzF1kc9zGQkuvuIMWHObLstVvyQOVWS6NIOcSjOc7NPuMzkTP5H+8u RzLWDJsv3TLAlARe9Xkoy0CDxYXed9Ps1RRh81uo41AQVPsRyKA= =sW9Q -----END PGP SIGNATURE-----