-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 SUMMARY cPanel, L.L.C. has updated RPMs for EasyApache 4 with OpenSSL version 1.1.1j. This release addresses vulnerabilities related to CVE-2021-23841 and CVE-2021-23840. We strongly encourage all OpenSSL users to update to version 1.1.1j. AFFECTED VERSIONS All versions of OpenSSL through 1.1.1i. SECURITY RATING The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs: CVE-2021-23841 - MEDIUM OpenSSL 1.1.1j Fixed bug related to CVE-2021-23841. CVE-2021-23840 - MEDIUM OpenSSL 1.1.1j Fixed bug related to CVE-2021-23840. SOLUTION cPanel, L.L.C. has released updated RPMs for EasyApache 4 on February 24, 2021, with an updated version of OpenSSL 1.1.1j. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM's Run System Update interface. REFERENCES https://nvd.nist.gov/vuln/detail/CVE-2021-23841 https://nvd.nist.gov/vuln/detail/CVE-2021-23840 https://www.openssl.org/news/changelog.html#openssl-111 -----BEGIN PGP SIGNATURE----- iQJIBAEBCgAyFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAmA2lBwUHHNlY3VyaXR5 QGNwYW5lbC5uZXQACgkQlSG+3KvZTd8FhQ//bvizcdqJt0OplP+OvyDnTvlKl5+O lL28rLi/xR69IcJOVFQtOaV5cMjs8MpMTxduzYb69iPNBlcGdMOIGcAN4lpqdPtC gH9fiKSRGq4jxIjUoVTZ0eJtaq93rT2TK9Gc1zxO32eca4cwrtvgwbGy4bjGkadm RSBYInrxsj0WJg9iGoEyFG72qTLTIiP1V5ieGqTLFA06VRs5XUZNZvBVDqcTrcaG tpxoD+A8XiHnLHQiKxISa6ErocDcrsqUjkUiphVjVJCq5wYl3yPASHYAKdmKu321 Gu0ArHcnMbtVj4eZWQSDQ6k6XlG315HFQCmscy9sWH67zX88nGruMuIG6HhRYdyk ihCZyF0D+qAai30uu/yNnlUfHR1YC9tTJJtX63lhgpToF27b4W6Gebiunr995Ips KsoLjNWjTSBIOsfpRHX1T9YFZPcSMrZWqb35c5Ce3HcrzT7mkIt5xZd2nJfXVffP D79ldOAsmAlOwUnKk0oYoGeh8fLLrYlyIcQgJWCjIg3KIu9fMvgXWyEyR5VSzJIV 73zxg3Np2bMM9fJm2FiNjZCm1PmfGJh05GI34fhgtA3qy8WZ1si6oqpKfo77vVhZ SgBzwfeWJGSO8rw+wvoqh0dvvezC5ENAz0IQPCTb9ebdqSQt+ofzGxcG0JaX7X4r JDBw8l1dXgXJbYY= =P80R -----END PGP SIGNATURE-----