-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

SUMMARY
cPanel, Inc. has updated RPMs for EasyApache 4 with OpenSSL version 1.0.2p on August 29, 2018. This release addresses security vulnerabilities related to CVE-2018-0732 and CVE-2018-0737. We strongly encourage all OpenSSL users to update their version of OpenSSL.
 
 
AFFECTED VERSIONS
All versions of OpenSSL through 1.0.2o

 
SECURITY RATING

CVE-2018-0732 - MEDIUM
Fixed bug key agreement related to CVE-2018-0732

CVE-2018-0737 - MEDIUM
Fixed vulnerability in RSA Key generation algorithm related to CVE-2018-0737



SOLUTION
cPanel, Inc. has released updated RPMs for EasyApache 4 on August 29, 2018 with OpenSSL version 1.0.2p. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM's Run System Update interface.

 
REFERENCES
https://www.openssl.org/news/vulnerabilities-1.0.2.html
https://nvd.nist.gov/vuln/detail/CVE-2018-0732
https://nvd.nist.gov/vuln/detail/CVE-2018-0737










-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org

iQJIBAEBCgAyFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAluG5VgUHHNlY3VyaXR5
QGNwYW5lbC5uZXQACgkQlSG+3KvZTd/www//S1VGtOop3gvAuWmgWzxswhcIO4Cb
A/QAux+3wb0KN2cbJyZlxPIQqWfdey8mnWuxpqdlB0PMJtKOadekWxsgoMvBSicH
+vBanHEZj3C8MjLtlApY6JQc24fsHiLiUPG7I9Spb6qJ+MweyfYXOOUr79dFTEsJ
uYwgeiPx2oQPdafiN0/tfKNQI2+WbzYO8biIvsVKAF1ngN/2kzvrX+t4JYD9YsEF
hlvnYm/3ROjX8BfAJGyYjsilqlIsKf/9c0iDKwTrQA2GfEBGFpipZT0gQRwHqHBL
OXX0nAlXP9TxhuuqlwCXd9QfRXolleb4LxUVieF5x93zEBMuTwVbl42Ep+DBLFSb
GZ/3eTVuSpLLGKCO4N4I2S2ypiBhzjq55GV1h8BBywFCGGFQVA4rDcLKd/8Stth2
TBaqyQiJC0SQl0oiXzLpGH0D9IuMvdBnwzBwhC5V4Q5hPYVgJQfmd05mEjoKAyJV
0fU6qv4ZhTvHi2uhu10B2WMXRJbiTyGCTouRQJXlSvhb9eOrkyhPXghsQsYz0uDA
2I3EuD+zPsQQgs6Ra0AHSONQsl523QdiHT4R/g/QUwXeu2dr2knM32CgkMpwDmDo
zliBFkmvhSS0YF7yw4QGU8oaPgr2aGueE1wcXcyLaQaqTzdvJVSAGaputVGGLmEc
pbtoBWpW8aSMqOE=
=1oKy
-----END PGP SIGNATURE-----