-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 SUMMARY cPanel, L.L.C. has published EasyApache 3.36.11 with PHP version 5.6.39. This release addresses vulnerabilities related to CVE-2018-19518 and CVE-2018-19935. We strongly encourage all PHP 5.6 users to upgrade to version 5.6.39. AFFECTED VERSIONS All versions of PHP 5.6 through 5.6.38 SECURITY RATING The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs: CVE-2018-19518 - MEDIUM PHP 5.6.39 Fixed bug in IMAP module related to CVE-2018-19518 CVE-2018-19935 - MEDIUM PHP 5.6.39 Fixed bug in IMAP module related to CVE-2018-19935 SOLUTION cPanel, L.L.C. has released EasyApache 3.6.11 with PHP version 5.6.39. Unless you have disabled EasyApache updates, the EasyApache application updates to the latest version when launched. Run EasyApache to rebuild your profile with the latest version of PHP. REFERENCES https://nvd.nist.gov/vuln/detail/CVE-2018-19935 https://nvd.nist.gov/vuln/detail/CVE-2018-19518 http://www.php.net/ChangeLog-5.php -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAlwX9XwACgkQlSG+3KvZ Td/F6Q/+KCkEAedr3ziGSueRfGC45tipXC7TeYTJGh1UvIS+ltOW/tYEclv1c16s 3NxKvubhUC2ozorqxH+oBTmBGlXrusDMSKDT1BzIjAoircuJR2WMmx0xykhb4tUY JBuCL3P1Ia+84nM/Leq524VsqfvljLVsxTUOKAsUGEa1mmCJSs5prU7bNFI2HzDh pPnSTIx7mDZxeTfxIBpCEXiQUSteg9ZuS5HZEOCKZrM/oBZxP9NMWfcuT+VXpxyG qji5mWHN/rgR/ZNmW2CgDO2Brm1Gc5dfTX/B/swR1Wt7mrMqxY6UNs6oeOjZbqWl ilOFSvoqDUl9CfZGD1crCw3JgMat0/A7zMoSUujHnVqXIArCv0mcnhijXmQtfMoF pOZ3KX5UtYTSZ1atzGaNsIdXvkInWDznqWFxjubN5QN3MN6DxDG4GWNVqGzof7EQ zMHiC0Dq0X+y+BBgOj4uPR/ZYEPm6gSvz0h/xRT9MNK5NUWMwpQG+xW6rxPoy6TX S5efEmCasP8f/xLclmwYKsWQVYi/QZZ9/rqGfgxnEgoGG1v0MkuNJlvUI1r4lYGb yJoWfimUkdcd+pBpVILUryVkLm4vlR/5LtDHkK1Fil0uqLnswBlJYVEniMctsgzr xIGu4xRruChBA/DQv5hPyOlWZg7eu8mFXQ+0FPK9f9KVLAybjRk= =xwm4 -----END PGP SIGNATURE-----