-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

SUMMARY
cPanel, L.L.C. has updated RPMs for EasyApache 4 with OpenSSL version 1.1.1e. This release addresses vulnerabilities related to CVE-2019-1551. We strongly encourage all OpenSSL 1.1.1 users to upgrade to version 1.1.1e.
 
 
AFFECTED VERSIONS
All versions of OpenSSL through 1.1.1d

 
SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:
 

CVE-2019-1551 - MEDIUM
OpenSSL 1.1.1e
Fixed bug related to CVE-2019-1551


SOLUTION
cPanel, L.L.C. has released updated RPMs for EasyApache 4 on April 1, 2020, with an updated version of OpenSSL 1.1.1. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM's Run System Update interface.

 
REFERENCES
https://nvd.nist.gov/vuln/detail/CVE-2019-1551
https://www.openssl.org/news/vulnerabilities-1.1.1.html










-----BEGIN PGP SIGNATURE-----

iQJIBAEBCgAyFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAl6Ex3EUHHNlY3VyaXR5
QGNwYW5lbC5uZXQACgkQlSG+3KvZTd/EAg/9H9giUd+wB/+/QszuunADr//D2oc0
Tuht6iD95Ib/a41IqJKXKTuet3amiVcpRUjRUp0MeAN2cyf76wSchAAD8DnZF4jK
h8Qg6uTGmp3k4LBUt4RYtMl0nfW766tsBHKu5U6bdAneLcUj7I4LdY7/W4am9Xg/
vQ7GzCXJNCk6NQ2XELH9hHEKkVNQKqDBPbjSEX54cKd+pDtGlAYehivDtDYS2gco
WYU/i016+kSZ8kb0n82zqa1u5Tcn52IuFgAGMQ1r+6J83Lf6hERkCmncnKYHsj4J
FWKxAPiIYhJm6MuNoXH0ChY/AH+idftrNId79Qck0VclHF4O5ljO2DmvDhZFrUGG
T1SIlsFo8CsU/ucGfF0tZhtLGUF/MHDD4VwDEgI+tMKa87OCeMoPSLSuWSSVCJby
nIRR2DEYSPCED953cf948DV0n0snCwujf1KN72FJigTt+Wyj34xnLpOd/Da+u8/S
r7PtyN+XQKqFKBIut5uHxGvUthns7RXD8UqXYxE+m4nfCCJ4C1+GRjXQRvzCIk8r
npt3bDh5rc95oH/ecVMGgiEEHkMgjeqPtQHCzYBn9jT5us+czrdzy/A4BQpzs9pM
2aFJ19jQXmgjGvLBzyowchHLcZf6tlrDZJPZP/siGrmyfnj5eLmVDn8b25RAGA+6
tQiYFGzpzAIRq68=
=eft4
-----END PGP SIGNATURE-----