-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

SUMMARY
cPanel, L.L.C. has updated RPMs for EasyApache 4 with Ruby version 2.7.2. This release addresses vulnerabilities related to CVE-2020-25613. We strongly encourage all Ruby users to update to version 2.7.2.
 
 
AFFECTED VERSIONS
All versions of Ruby through 2.7.1.

 
SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:
 

CVE-2020-25613 - HIGH

Ruby 2.7.2
Fixed bug related to CVE-2020-25613.


SOLUTION
cPanel, L.L.C. has released updated RPMs for EasyApache 4 on March 24, 2021, with an updated version of Ruby 2.7.2. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM's Run System Update interface.

 
REFERENCES
https://nvd.nist.gov/vuln/detail/CVE-2020-25613
https://www.ruby-lang.org/en/news/2020/10/02/ruby-2-7-2-released/













-----BEGIN PGP SIGNATURE-----

iQJIBAEBCgAyFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAmBbh7wUHHNlY3VyaXR5
QGNwYW5lbC5uZXQACgkQlSG+3KvZTd9d/xAAypA23Ytd1e8JJQhOnCJ2IIIQGLoH
+zkIV7egYXr1gIDV3rMgMRAsXi7U4ua+1ZuIA0cGsmxfFrdjPw1r8l5dtoEjw/vY
Ge2N2krLrjvc+4U84udgj76QSKK5PaBLPqhq8kikIvc34OzIdoSTA5WxNqCpMcgS
CZSZCIW16Ms1CYvY3UFanI8/4/H9txw3ZxruWMkKqAwhzOLMsDsd6yZBk3OEePKn
YN5zk2La2Y+amy1vorasOK2KH4+Khml2Wq4/HN5jhBWtuc6k918iS9LGn9gWEGPj
B5MlRFRqncKk+hjkJli7Hvq2PW3GQovawjv+NhRjf+ZA2YFRkw4h9esJm+JGqfk3
p+L/BeT90w0ypG1C9PFfcCtCA/CrA9yxFEnSQ4DX61lVC6ysh2u/Nim3aj2dfrdi
yYYRaNHzQfWEUwOUe09ENRc2RssIf0NnQUYRTeMtpdO9cY72fRWZdyUfyXDccs7/
yG0PW677VN/lrn6YF7e/vVCQYqwunoiPYkQpbkQAaOTdiE+Z2pUHmXIZ1HMu2iRA
Y+87HRpc2OJGrCePnAz3eB1WHxWjPZGcRTAgVeGhFh/wHfhN2DauHKWUCGR1w8dB
/o1ygB6aELDpL3Vx2WhS9i2cCNJ21sE72NCvkzXIRjT4xZi+hiyNnRpEHH8m53fh
gv61Y+fJoKcTpsI=
=ZONB
-----END PGP SIGNATURE-----