-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

SUMMARY
cPanel, L.L.C. has published EasyApache 3.36.11 with PHP version 5.6.39. This release addresses vulnerabilities related to CVE-2018-19518 and CVE-2018-19935. We strongly encourage all PHP 5.6 users to upgrade to version 5.6.39.
 
 
AFFECTED VERSIONS
All versions of PHP 5.6 through 5.6.38

 
SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:
 

CVE-2018-19518 - MEDIUM
PHP 5.6.39
Fixed bug in IMAP module related to CVE-2018-19518


CVE-2018-19935 - MEDIUM
PHP 5.6.39
Fixed bug in IMAP module related to CVE-2018-19935


SOLUTION
cPanel, L.L.C. has released EasyApache 3.6.11 with PHP version 5.6.39. Unless you have disabled EasyApache updates, the EasyApache application updates to the latest version when launched. Run EasyApache to rebuild your profile with the latest version of PHP.


 
REFERENCES
https://nvd.nist.gov/vuln/detail/CVE-2018-19935
https://nvd.nist.gov/vuln/detail/CVE-2018-19518
http://www.php.net/ChangeLog-5.php










-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAlwX9XwACgkQlSG+3KvZ
Td/F6Q/+KCkEAedr3ziGSueRfGC45tipXC7TeYTJGh1UvIS+ltOW/tYEclv1c16s
3NxKvubhUC2ozorqxH+oBTmBGlXrusDMSKDT1BzIjAoircuJR2WMmx0xykhb4tUY
JBuCL3P1Ia+84nM/Leq524VsqfvljLVsxTUOKAsUGEa1mmCJSs5prU7bNFI2HzDh
pPnSTIx7mDZxeTfxIBpCEXiQUSteg9ZuS5HZEOCKZrM/oBZxP9NMWfcuT+VXpxyG
qji5mWHN/rgR/ZNmW2CgDO2Brm1Gc5dfTX/B/swR1Wt7mrMqxY6UNs6oeOjZbqWl
ilOFSvoqDUl9CfZGD1crCw3JgMat0/A7zMoSUujHnVqXIArCv0mcnhijXmQtfMoF
pOZ3KX5UtYTSZ1atzGaNsIdXvkInWDznqWFxjubN5QN3MN6DxDG4GWNVqGzof7EQ
zMHiC0Dq0X+y+BBgOj4uPR/ZYEPm6gSvz0h/xRT9MNK5NUWMwpQG+xW6rxPoy6TX
S5efEmCasP8f/xLclmwYKsWQVYi/QZZ9/rqGfgxnEgoGG1v0MkuNJlvUI1r4lYGb
yJoWfimUkdcd+pBpVILUryVkLm4vlR/5LtDHkK1Fil0uqLnswBlJYVEniMctsgzr
xIGu4xRruChBA/DQv5hPyOlWZg7eu8mFXQ+0FPK9f9KVLAybjRk=
=xwm4
-----END PGP SIGNATURE-----