-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

SUMMARY
cPanel, L.L.C. has updated RPMs for EasyApache 4 with Apache version 2.4.43. This release addresses vulnerabilities related to CVE-2020-1934 and CVE-2020-1927. We strongly encourage all Apache 2.4 users to upgrade to version 2.4.43.
 
 
AFFECTED VERSIONS
All versions of Apache through 2.4.42.

 
SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:
 

CVE-2020-1934 - MEDIUM
Apache 2.4.43
Fixed bug related to CVE-2020-1934

CVE-2020-1927 - MEDIUM
Apache 2.4.43
Fixed bug related to CVE-2020-1927


SOLUTION
cPanel, L.L.C. has released updated RPMs for EasyApache 4 on April 8, 2020, with an updated version of 2.4.43. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM's Run System Update interface.

 
REFERENCES
https://nvd.nist.gov/vuln/detail/CVE-2020-1934
https://nvd.nist.gov/vuln/detail/CVE-2020-1927
https://downloads.apache.org/httpd/CHANGES_2.4.43










-----BEGIN PGP SIGNATURE-----

iQJIBAEBCgAyFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAl6N7VcUHHNlY3VyaXR5
QGNwYW5lbC5uZXQACgkQlSG+3KvZTd/VoBAA11/7TJvHe2yjdGiyLIef+P1UneeC
LcBdfEwjXTeUih8I5tl8BCSfiMS/7jDRTwJGYwfddfpbA8IrX/YEpS2OMg4MzoCr
3u/10eSAkljpYSL6GZfEL8iifvQdZSpQA7883LV5TCg0q+61x6Psua5uoHenr8kU
HzTe4TetRfI5uYjWoFVoi2xBtifo0EG6CeMX71YOiJ0ame8ZJArrhR+JZsTViXMG
APKIBG+bM25K7NLX7/H236VgAUO1bDG+i/4F6IOEPJb3NSJVR2Aotcz4qhCo3i2W
kR8QRCrvpPvoHVxz9ZyjM6p4g2vbg1urmtMwmy3MucRZFa7gtCSQZuA5eJKlrpDx
N1OoSUK8/ER5s0vVJca8RZKzhHRRwugomYN11bIA7V9ZqPzQOOp4KoY8uW2ED/1/
KJ+le/7YWML672U0yQf15PcD1rwBaQi1ZVZCbGVBIwu3B5VTGwKevA5IsU3WzjeV
JGUMUA8ha+ZjBG2U/E3jx96I2bqJQtHxnTK/SCD5r5S5ICn25hIdZoP3vv2tFPkl
vM+FzUCUn8KerBPn25/vn2qOGv9pD7TmC/emS97g0jNfKxo3vo+/IHACxtKfWsV9
92E66EQE1S2wrSkSTfiY0sgG5xqBlsFAuaMtUw69kf47p4pKcucfOGl/9KWrieDo
cUIZ0XNXww4Cx0E=
=OwmQ
-----END PGP SIGNATURE-----