-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 SUMMARY cPanel, L.L.C. has updated RPMs for EasyApache 4 with Ruby version 2.4.9. This release addresses vulnerabilities related to CVE-2019-16201, CVE-2019-15845, CVE-2019-16254, and CVE-2019-16255. We strongly encourage all Ruby users to upgrade to version 2.4.9. AFFECTED VERSIONS All versions of Ruby through 2.4.8 SECURITY RATING The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs: CVE-2019-16201 - MEDIUM Ruby 2.4.9 Fixed bug related to CVE-2019-16201 CVE-2019-15845 - MEDIUM Ruby 2.4.9 Fixed bug related to CVE-2019-15845 CVE-2019-16254 - MEDIUM Ruby 2.4.9 Fixed bug related to CVE-2019-16254 CVE-2019-16255 - MEDIUM Ruby 2.4.9 Fixed bug related to CVE-2019-16255 SOLUTION cPanel, L.L.C. has released updated RPMs for EasyApache 4 on October 9, 2019, with updated versions of Ruby 2.4.9. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM's Run System Update interface. REFERENCES https://nvd.nist.gov/vuln/detail/CVE-2019-16201 https://nvd.nist.gov/vuln/detail/CVE-2019-15845 https://nvd.nist.gov/vuln/detail/CVE-2019-16254 https://nvd.nist.gov/vuln/detail/CVE-2019-16255 https://www.ruby-lang.org/en/news/ -----BEGIN PGP SIGNATURE----- iQJIBAEBCgAyFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAl2eAGUUHHNlY3VyaXR5 QGNwYW5lbC5uZXQACgkQlSG+3KvZTd8SURAAsrcIyPP6XtB3GnLZV7+1f/tMXQcj 54k97trGCbAoMmX89V+e5YxHWq58C/7QlhVrRdcjRNOb+sp9I9QxC+K3iQFEOBYz C4mMr69mywFIK8dPwozhzeYWbb1FJQ2CnlFuJkcANqoYKiXoMyXEFrsaB9+huWh3 1pdPQ3JO4Wg6kc7ld/9jCHd1JasDwePj4GxoVzY//t14H6XUJNsaL76gBG+i6Rne HUQjBAobvsoOzTaUacfFoAyZV2FnBmW3SaBFZnAn/OPnmUnP3hu/JSadnA7moQ8X RGM3wVsi9IKo1FwXMbFr6BdKAYhvZHwSnZkMlNTkioGppbGuJdwdltAiRVae6T0b ix7kDRzfW6769CZszvU+/QzyJU2LFpQDlDI0x10Ni9Jdj/2zxZ+IMAiLMTBACjrQ P1T8CpwKJnCdBWYNm39V7EINr2C5kVSX/zESWP+Ld1M7yYEtMBNYtYz5pqcCG19I /03ICZ7obuSrTqua8Gycu/Pgzxj3cZL2g/ufGKEw1jx+OwocQLPr9MjqY4w56Vx5 yP0N3ooZnpNA9EjxUIh/6FPLoIwJoTcJIobHUiH98SKhQ1hhiJs0nGAFRnEXz5fi mkr0VR6jeEgRajQmntZWRiHcdbyIMJy4NOROmGh+iyupZqXV8HfXc0kdSEhoyZz1 4Pmdy92bHwNCUQA= =3uOz -----END PGP SIGNATURE-----