-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 SUMMARY cPanel, L.L.C. has updated RPMs for EasyApache 4 with OpenSSL version 1.0.2q on December 5, 2018. This release addresses vulnerabilities related to CVE-2018-5407 and CVE-2018-0734. We strongly encourage all OpenSSL users to update to version 1.0.2q. AFFECTED VERSIONS All versions of OpenSSL through OpenSSL 1.0.2p SECURITY RATING The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs: CVE-2018-5407 - MEDIUM OpenSSL 1.0.2q Fixed bug related to CVE-2018-5407 CVE-2018-0734 - MEDIUM OpenSSL 1.0.2q Fixed bug related to CVE-2018-0734 SOLUTION cPanel, L.L.C. has released updated RPMs for EasyApache 4 on December 5, 2018, with OpenSSL version 1.0.2q. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM's Run System Update interface. REFERENCES https://nvd.nist.gov/vuln/detail/CVE-2018-0734 https://nvd.nist.gov/vuln/detail/CVE-2018-5407 https://www.openssl.org/news/cl102.txt -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIzBAEBCgAdFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAlwH5eoACgkQlSG+3KvZ Td/CGhAAgDsHLUN5Oosfuu2YmY9BGqTEXvPo+7t9/owpF+Mr5gXaDathS3oG0vmy 70OcePDj4xxexP1a7+jIxy6k0thDNnZl0UyD7rbud1zm/IJ7sKCxpmevm6kdJVVu CXo0KOQdAax6HKMAPqHWtZsC+nDLq2p90jEzbgxDyEU+uYFOSahD17KlVpizeszL kgSFVG5Dzg9cbyw4EMj5o/41CJXq3SLDgxwFSOBmEgpFiRlnb0wKhH+b7+1rIHke yKDtA2G6VQ/I/B+j0nlHnqpmEx4x5Kv+6KwawfvNQ5p4Bf/fN9Z41/OOeMz27EY0 6vgwtSxCcZ0rM+NA5te2txm4HZx/5WpoiCEYZanh60CLCRNRkH/2GqTEsbw3yWxX aBb8NHfweVjWI/nS2GABTNMTqqqOIoDttyDVboMCDSG8ZcmQuK5z3LedNlTUXkXg a9lAMIfZo6CFPyM3Udfx0A8k7h8dG9KUeUBjeH77O+vxcz1hTNJ0pkeifVmduYCF J4MInqIIKH3TbdOppQJgdnQCp4E4pfcJjo0urm2EFUCU8XyURwr8hIDliZlffIKE 6sUpQmc5RwMc837vI6TC1Vf9mvGfN9ixrLpyshkXpQAkZglp4hNWHTNOxowF+8Mz nYdmo436IPyH+WajyaDpvfWbA65htljO3YquK2joCVPVgVmxWZw= =04wZ -----END PGP SIGNATURE-----