-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

SUMMARY
cPanel, L.L.C. has updated RPMs for EasyApache 4 with libcurl version 7.76.0. This release addresses vulnerabilities related to CVE-2021-22876 and 
CVE-2021-22890. We strongly encourage all libcurl users to update to version 7.76.0.
 
 
AFFECTED VERSIONS
All versions of libcurl through 7.75.0.

 
SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:
 

CVE-2021-22876 - MEDIUM
libcurl 7.76.0
Fixed bug related to CVE-2021-22876.

CVE-2021-22890 - LOW
libcurl 7.76.0
Fixed bug related to CVE-2021-22890.


SOLUTION
cPanel, L.L.C. has released updated RPMs for EasyApache 4 on April 14, 2021, with an updated version of libcurl 7.76.0. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM's Run System Update interface.

 
REFERENCES
https://nvd.nist.gov/vuln/detail/CVE-2021-22876
https://nvd.nist.gov/vuln/detail/CVE-2021-22890
https://curl.se/changes.html













-----BEGIN PGP SIGNATURE-----

iQJIBAEBCgAyFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAmB3ECwUHHNlY3VyaXR5
QGNwYW5lbC5uZXQACgkQlSG+3KvZTd/jKhAAinI/jtAY27nSz8Km3PePim23u6u1
czNf2LqUS8bFgXsuI+d0fVfNpziA5Lb8NdXnHW/89Y6pd0pOo3BdcNVL8Ybmh2Pv
QSUFID9NFJXhcGMZnGpsQahxQWHS7JX/l2gww8yYCH3zqJ0rUrMlxiaVfORtnIwU
3SrJK7MNpeG4jjoLRNDT+eoCU06I4/iFsUH0E19LPBjsfvgmbV+mowT9Rx9Oqntt
lr2VWbtSiv4yekHngt8MYuraN/gWX3ZjkUg8p0uOKsnw+8SkFmXHc7yZBevCS+Oc
TSyCWRw2GyFI+2/13sx4Y7mKzOfiI34Ks9O6sWaNKIoJwiG5ah6mLfdjd7BiM0UH
E1K70jmhvLMzp79QbbwmmTyzcbE3ulvz0vkXSCWOowikBiiI1uEgroBvXNF4adj0
CHi/5hto2olsyo9VqM2NTaG//PMd46TSwgGqjE1KMogLfo0ZK+qMLMKcidoE77yk
kufWxUayfRW4wmdI1KCiNKb4sIqHTmLdGf+oCqS/LcqxnxiULdTF8enVVfPhvAZz
wTwU+8Al98/a2u9lh/qyRUwI3EhEWWYIkMw21tAJewiuwma8sdVfg3+MaYU/IQOq
w7cfgfJ1JGWBrFRYMCHjz4TgEPwRA8eA5QBF3g3jGu497oLAiPKykNHmaSXMEH73
Dt6wmCuiO+txyuM=
=1fA4
-----END PGP SIGNATURE-----