-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

SUMMARY
cPanel, L.L.C. has updated RPMs for EasyApache 4 with OpenSSL version 1.1.1i and libcurl version 7.74.0. This release addresses vulnerabilities related to CVE-2020-1971, CVE-2020-8284, CVE-2020-8285, and CVE-2020-8586. We strongly encourage all OpenSSL 1.1 users to update to version 1.1.1i and all libcurl users to update to version 7.74.0.
 
 
AFFECTED VERSIONS
All versions of OpenSSL through 1.1.1h.
All versions of libcurl through 7.73.0.

 
SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:
 

CVE-2020-1971 - MEDIUM
OpenSSL 1.1.1i
Fixed bug related to CVE-2020-1971.

CVE-2020-8284 - LOW
libcurl 7.74.0
Fixed bug related to CVE-2020-8284.

CVE-2020-8285 - HIGH
libcurl 7.74.0
Fixed bug related to CVE-2020-8285.

CVE-2020-8286 - HIGH
libcurl 7.74.0
Fixed bug related to CVE-2020-8286.


SOLUTION
cPanel, L.L.C. has released updated RPMs for EasyApache 4 on December 23, 2020, with an updated version of libcurl 7.74.0 and OpenSSL 1.1.1i. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM's Run System Update interface.

 
REFERENCES
https://nvd.nist.gov/vuln/detail/CVE-2020-1971
https://nvd.nist.gov/vuln/detail/CVE-2020-8284
https://nvd.nist.gov/vuln/detail/CVE-2020-8285
https://nvd.nist.gov/vuln/detail/CVE-2020-8286
https://curl.se/changes.html
https://www.openssl.org/news/changelog.html#openssl-111












-----BEGIN PGP SIGNATURE-----

iQJIBAEBCgAyFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAl/jmbsUHHNlY3VyaXR5
QGNwYW5lbC5uZXQACgkQlSG+3KvZTd+5yw//Xymb8F6zAqRouWTNzKAmmBXg0DTq
EnZ81v3HEoMpLWydbghkK17y2bIZD9qEhTdNRhauZX9gsEi2ddUJU92w9ueQXK4V
TGtlKSvvWv+/q5iPir/TEpB529n3DyTkXSvjj9J7rPMck0SyNKD1omJQH+EnCdRX
Pcqz4FWUllEwk8G1PqK3OiCOqRmSIUmkvFsPLoEa2Xv03q15SBYoRNVNXle50bpB
bGpTLYa3NbUE4TvanzfJZ0meJJzUsbv17x7llv8T4J70fOSyFZCeTwrEmkfYdIjH
UoCl/RKdV0etVBqyxAA3NwVJxmFwfsFjMEqruHa7fr/n5qrLk6z/TJsD7jRb6HkM
DbEeSlZOPuHLf3OByrvON4OLU/gPUZPkgYRSheSPYwjzcFFbOQOQ+M07kBdFUi0i
0z22lkFQ/EPnX7AXhoP9oBV5qFx/MYRVJDfxmiqTBZa37qN38WILyTwdSHRgmZUX
VJ1bfPo6MUSu+CllcBmQH60eNymcPVgaXy5SwTbvDRm624tRIDTp8jGd1uExSzcB
zw0Nu3EHHF6Shh7yGoNFe0hUnF5KD2kBFLhoVUc9tLf66xjOhCeJTbqDDnP0bGOo
Pl7tSuDz7uXLiLqp3CP1+wggCPp9ncrXoEg+TFrhHu4thtnqpuW+mjl/i3y4MR6z
ibKrlHw3C6ugrS8=
=1rOY
-----END PGP SIGNATURE-----