-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 SUMMARY cPanel, L.L.C. has updated RPMs for EasyApache 4 a new version of the Drupal ModSecurity OWASP rules. This release addresses vulnerabilities related to CVE-2021-35368. We strongly encourage all Drupal ModSecurity OWASP rules users to update their rules. AFFECTED VERSIONS All versions of the Drupal ModSecurity OWASP rules prior to June 30, 2021. SECURITY RATING The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs: CVE-2021-35368 - HIGH ModSecurity OWASP Fixed vulnerability related to CVE-2021-35368. SOLUTION cPanel, L.L.C. has released updated RPMs for EasyApache 4 on June 300, 2021, with an updated version of the Drupal ModSecurity OWASP ruleset. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM's Run System Update interface. REFERENCES https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35368 -----BEGIN PGP SIGNATURE----- iQJIBAEBCgAyFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAmDc1UwUHHNlY3VyaXR5 QGNwYW5lbC5uZXQACgkQlSG+3KvZTd8kLA//Rp6EiJ6JrD+Khn5CSXIFka8V0vkG FYaoC682Dn3QweoQWsmue5FIxPOn/+Vi5DXpCYH8US0S0eunisnk6BY+fjG9WgPm hFKmH8EZskWTHxM2KsPJPP8VI9wQc/xkyLn7ps/ZOU6jcxaExa5DZ3Y2Fj+47H5a X/HGjLjMU9eGdRH88TF9sopFwWfhbp0lU2wX9HjZapGqEdf2Lp43H25xITpmvI29 KraVBW5XhrWpQ0GxhV2jQ+2gbyzN68LIyNeaCIjBH5awfx7ZMpedpo2lqf3BUqNj GJOsvzz/pjo8QfMLXoM5FnvpqY5gilCQM/UGDHNuWhA1FuwEhtUjNf7Xg0jZZxXj /sLPnPMf5MUiwi631evcUeTchf0AwVjZm68Y3BR6BoaLNhMf1gqHXpgIuOXMqNJq J/Zn+o8xqoT+/AFQXwYkAOXF+MiAHHhjANZ6rJ+i95fAD2ASWxXElE1xJ6pkw1Zi iEH8AdqHm6RvxzOr/rduuhb2euhXiKHWyVn2YlfxAsD03LUb3n0kR5ooXodUIgeJ 5cm7oaqPoF8dXOuop0NSOXI9DrbBPmfmhFvJzd7v2+8rdnv4MdcptMz85BoClStU fJ6C8LGIk1kjF/q7J7JEa8cJoUxyXd2PJczrLEuFThdlfpIv+bGRzCudKe1vKy/V t8Bn6PCV/P70pS4= =yx80 -----END PGP SIGNATURE-----