-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 SUMMARY cPanel, L.L.C. has updated RPMs for EasyApache 4 with Ruby version 2.4.10. This release addresses vulnerabilities related to CVE-2020-10663. We strongly encourage all Ruby users to upgrade to version 2.4.10. AFFECTED VERSIONS All versions of Ruby through 2.4.9. SECURITY RATING The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs: CVE-2020-10663 - MEDIUM Ruby 2.4.10 Unsafe object creation vulnerability in JSON. SOLUTION cPanel, L.L.C. has released updated RPMs for EasyApache 4 on April 15, 2020, with an updated version of Rubu 2.4.10. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM's Run System Update interface. REFERENCES https://nvd.nist.gov/vuln/detail/CVE-2020-10663 https://www.ruby-lang.org/en/news/2020/03/31/ruby-2-4-10-released/ -----BEGIN PGP SIGNATURE----- iQJIBAEBCgAyFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAl6XMJIUHHNlY3VyaXR5 QGNwYW5lbC5uZXQACgkQlSG+3KvZTd+4Iw/9FCej6UcstQIzb7TYleBlqM71ivfu TsyjEuO9Uk/Z5h5G92yNazfYME+mKjrLzl7gOpV3TMtI1xuFrZewP7E0aYYr9HL3 XAsZv05FsyFlVNtSAaakFADuZAuw/wfVJI/HfXD6ESGdPv8kmDA/ke1+K67Ef9+i l8gdiXA7JzuUhEjF7G9SKpczx3861Brgnfq44zXSNCm6q+8AshauF9i5jtxzVAyr OSIT0u63sxc+oqskAuRRDPJe30imgE2XhAc1qx9SfwdA9/tbt7gY48Ac0Syo+MEA ZFJ89D9ljHCERtQ8VQ3S2ET/EszgyZdbkObdHKbBqnLva4Fk8Wqe3iwCkC5S+rhP Qm8Th+HYEcVFrZMUa0+OddmVJE2bbt1+8+8+udmmL7dLRKshC1I07WYAbr5LFLzG dxljqLAJN3sIWbGgmaZ4LXfmy0kjXtuEY0jW8MKwjJu7QYZFJY3HR8NVVPnRicEN rgmhjvIVfrXRJD+H7o+qyhUZfEPZKTtcnX443m8KcqcBRgS0GgDPNhYgsxp9UTxR zL4MYNKbq9ndwKWlCnKlh9ZM+q7s0Xu9mpvPUL7b9SxPhpGp5BZYYL6pvIsMr6CB YENq8QiFfdg221B6lmw+Mw4ThnTl4L1CLdqvi4Pq4CBjqDLlgXt43Zb/c9nfScRZ Y64VGeBlS8wW2AY= =tTFY -----END PGP SIGNATURE-----