-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 SUMMARY cPanel, Inc. has updated RPMs for EasyApache 4 with cURL version 7.60.0 and released EasyApache 3.36.5 with cURL 7.60.0 on May 22, 2018. This release addresses vulnerabilities related to CVE-2018-1000300 and CVE-2018-1000301. We strongly encourage all cURL users to update to version 7.60.0. AFFECTED VERSIONS All versions of cURL through cURL 7.59.0 SECURITY RATING The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs: CVE-2018-1000300 - MEDIUM cURL 7.60.0 Fixed bug related to CVE-2018-1000300 CVE-2018-1000301 - MEDIUM cURL 7.60.0 Fixed bug related to CVE-2018-1000301 SOLUTION cPanel, Inc. has released updated RPMs for EasyApache 4 on May 22, 2018, with cURL version 7.60.0. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM's Run System Update interface. cPanel, Inc. has released EasyApache 3.36.5 with cURL version 7.60.0. Unless you have disabled EasyApache updates, the EasyApache application updates to the latest version when launched. Run EasyApache to rebuild your profile with the latest version of Apache and PHP. REFERENCES https://nvd.nist.gov/vuln/detail/CVE-2018-1000300 https://nvd.nist.gov/vuln/detail/CVE-2018-1000301 https://curl.haxx.se/changes.html -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIzBAEBCgAdFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAlsEH+oACgkQlSG+3KvZ Td9trA/+L9GhZpyQ2105hrxvqaHAHrbUsqYlAvTWYiz6cVrvPPj6hyOCb/Sm+3rL 5ohzaJN+WNqlJ3Ba4nJZnwcri9vf4msCpx//ExpxkJxzHDQGR8+/QWfv33B0i79Z OcUk1/ECk6IARLqVTAOwJyp/wxJrmMZEQMGYFl1FtRIrueScFv0LZUfjzL78HVMz TexxJXdPTEpLQLONxJoXK0jd+9nm2EyrpV/jzw6CZC2XTlRZ5ha9HTCR/08FK3r5 JwOI7DoR28cy7gDUN5dDfjLleG19o2mMEOXW1xoa6wwDMQLj0xXGAr2P40Me1Oj/ 9RE1V5sNANJIVtjLLPZgvqG6TBrUx+5G8OrYFIj11XHZXTEklZAzGA/75GeFGCrq GEIR+Cop3P8WwsU8WR5vqgJra03+tM1AGcbVx5PafNDdxqolFpfXE106L0gawpsa 3lBR7048ep5z76wvMqiNiNwsM5mZO2IIYzUuHQ3/rzk6kzQUYO2qy3IwQHN1Lw7W NohqcLkGe/choG5svr4qxFs07TLPu2ogP0/SjOir0djfan4Re1kkn/P+/xkMqBD+ vYTTYPGzDhWrxen1bQLmY8mjy+shpgJQjJ5GQZK/Ggjzg7nvhlDvTOH5m7q30lMG brS5iKNdje3rRmTu/1zERwcSXZ1WkPTf8yWpoa6R97vnaR0+2BM= =SQps -----END PGP SIGNATURE-----