-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 SUMMARY cPanel, L.L.C. has updated RPMs for EasyApache 4 with PHP versions 7.1.33, 7.2.24, and 7.3.11. This release addresses vulnerabilities related to CVE-2019-11043. We strongly encourage all PHP 7.1 users to upgrade to version 7.1.33, all PHP 7.2 users to upgrade to version 7.2.24, and all PHP 7.3 users to upgrade to version 7.3.11. AFFECTED VERSIONS All versions of PHP through 7.1.32 All versions of PHP through 7.2.23 All versions of PHP through 7.3.10 SECURITY RATING The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs: CVE-2019-11043 - MEDIUM PHP 7.1.33 Fixed bug related to CVE-2019-11043 PHP 7.2.24 Fixed bug related to CVE-2019-11043 PHP 7.3.11 Fixed bug related to CVE-2019-11043 SOLUTION cPanel, L.L.C. has released updated RPMs for EasyApache 4 on October 30, 2019, with updated versions of PHP versions 7.1.33, 7.2.24, and 7.3.11. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM's Run System Update interface. REFERENCES https://nvd.nist.gov/vuln/detail/CVE-2019-11043 https://www.php.net/ChangeLog-7.php -----BEGIN PGP SIGNATURE----- iQJIBAEBCgAyFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAl25qPAUHHNlY3VyaXR5 QGNwYW5lbC5uZXQACgkQlSG+3KvZTd+yVBAAhCiG5+fv8ZKoKx5DTyWQAr+S/pGY pc7tNkC5Fy2VE7D7c2NdYznTHA58ZfdSitXQQxPtBb6cb+Ho4Jn5A1HIYI3sfPfs LyVEPPYXSFpRW9SptpzUFslmY937xdiy9gmu70D8tCoJjA4cwty3R1S53ONOKKhl xSnjJa6EHxpRNmQoBZhGp6YMqOR1KRvZcsoPXJSms8ILHZGlZi3Ke8cV/MBISXAA qE872HMZX/hfHWCA+JGafVq84+6rMwa0WeV0cIKjKElm2GBussWb8o8gg7pu1zFP 1fLW85Cgg0xj/yhWtJbnOUXxYFwTSyp3/59zZrk/NfkexPUkTvMBrhyc3gbvtgW2 jLDngIU2pp47H1ST/0exeZtOOPFo1HQwjqwoSQTShXA3ZuxZ4ycgyv2dQC0u+PU9 fziSaauotjAl/kDYVclJp2RbaAgldJ82uMbausPbB1wHgttEYSMgxg3gG74QHx0s OeTyTGQ0PCxlmE0BjUaDhz9lP9Sd6slWyOor0t5SRSpNY/MPkPOYsUVTlRuNVTKF K6EIT1BTa58MRVoCMch517zH8oSgSY7YSJIiL9eRnNwb3xh9j/y2PW28ZC8A8YtE Q1vpkHMMQEWulgOMOdVrpS7UA31O330vIvJ7Xxx48nbheAGEWokh4bkYqis664x+ MPRqUfv4LZ1koG4= =X4XG -----END PGP SIGNATURE-----