-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 SUMMARY cPanel, L.L.C. has updated RPMs for EasyApache 4 with OpenSSL version 1.1.1k. This release addresses vulnerabilities related to CVE-2021-3450 and CVE-2021-3449. We strongly encourage all OpenSSL users to update to version 1.1.1k. AFFECTED VERSIONS All versions of OpenSSL through 1.1.1j. SECURITY RATING The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs: CVE-2021-3450 - MEDIUM OpenSSL 1.1.1k Fixed bug related to CVE-2021-3450. CVE-2021-3449 - MEDIUM OpenSSL 1.1.1k Fixed bug related to CVE-2021-3449. SOLUTION cPanel, L.L.C. has released updated RPMs for EasyApache 4 on March 31, 2021, with an updated version of OpenSSL 1.1.1k. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM's Run System Update interface. REFERENCES https://nvd.nist.gov/vuln/detail/CVE-2021-3449 https://nvd.nist.gov/vuln/detail/CVE-2021-3450 https://www.openssl.org/news/vulnerabilities.html -----BEGIN PGP SIGNATURE----- iQJIBAEBCgAyFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAmBkvhUUHHNlY3VyaXR5 QGNwYW5lbC5uZXQACgkQlSG+3KvZTd9yKw/+I21ZIZEgA/MnfQGmz8shvYqAVt4t V+BHGDAJf28fRtAAIt1HD0TJhbpmaWOKT+B+acxgHIlwWBDzwaUQlzQ0P90R3O+X ki04ham23n23kLhDPuVF2Vm0guN4ON29smj5txaCOpM9FWcc6Oyr9k5JasXLCpg1 PeXpLNlqJWTJziSlqbLUnmnWgtIXIzOQl2TKb20gQ204mrL0Lpve8TPqNnGzINvS RdGmIJlxMxgA62I1dZSkQOraAVZswj7yUD+oRherbEmRPPHwar47sJqw41LRZTbm OT3xowO1QdIAPAd2OzgubHyVr8R1sRLgGgbyP/AAQuUzcW0uTKcSUjZLeYPJu/Ku ERzMPi+gvXidjW5oKLXPryksKvojskGGHbtFd5+UlMV5jgvdoiQgQzQAo0U0r1cO opKlCYuZv0Y7kUUex3TMyDYjVShKJ6T+VhwPIb9GjbH5279SCsrZhZEzVAK82Ia/ z23oST1SoBavqSyRrkrAJlPrVVkpJ3VvdYtM+Ro1TQ07HQsl9XVCISNbP4BIOj05 9AzJ3sezFF6SGcNrknm0Aw492gjsPKErpYlRmGmxEJNfZhSzIo36phVH+5Egqoyf WVqoCbNAKwsbtxqV9rATaECGmUMBoU2sya2Hdeig97u4bLGX0VJui4lUEP8WmAvo DaMBoIvFTGg3GUQ= =dKUi -----END PGP SIGNATURE-----