-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 SUMMARY cPanel, L.L.C. has updated RPMs for EasyApache 4 with libcurl 7.78.0. This release addresses vulnerabilities related to CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22925, and CVE-2021-22926. We strongly encourage all libcurl users to upgrade to version 7.78.0. AFFECTED VERSIONS All versions of libcurl through 7.77.0. SECURITY RATING The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs: CVE-2021-22922 - MEDIUM libcurl 7.78.0 Fixed vulnerability related to CVE-2021-22922. CVE-2021-22923 - MEDIUM libcurl 7.78.0 Fixed vulnerability related to CVE-2021-22923. CVE-2021-22924 - MEDIUM libcurl 7.78.0 Fixed vulnerability related to CVE-2021-22924. CVE-2021-22925 - MEDIUM libcurl 7.78.0 Fixed vulnerability related to CVE-2021-22925. CVE-2021-22926 - MEDIUM libcurl 7.78.0 Fixed vulnerability related to CVE-2021-22926. SOLUTION cPanel, L.L.C. has released updated RPMs for EasyApache 4 on July 28, 2021, with libcurl version 7.78.0. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM's Run System Update interface. REFERENCES https://curl.se/changes.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22922 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22923 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22925 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22926 -----BEGIN PGP SIGNATURE----- iQJIBAEBCgAyFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAmEBeh4UHHNlY3VyaXR5 QGNwYW5lbC5uZXQACgkQlSG+3KvZTd925xAAxH4yQanYI/RosdxT/4bSkF0VaHlD 6nIvvzIeY+c6z48y2PN9dFwQ6Ts2hAmSU2tquYHLCNPjupvhlnixYLDLFCgEdN+b 8GaCLUt9QUCUww3vXLvMsgG/c4gYJ+y6Sx5ucXDcus5Wtwqx4e2jVXr6x6vaP6Ro D6+wzB1VFjFHmtq3WANPZ5H4tOKjKCsZFay9HeleRF6X/zXa//qbnyrFD/5Z8ANt TLIcoFPsBDk5DVe4r+zsb9b1+WmMJrm8tmXyGE0y25ruXOyw3mMXGGerf2x0AgIV 0ZSq3cKnjRb4v2Sp10uXHzapbyNw07OHjugxXu2awYvRAjyhIQvDwAoCcxipmJk3 r3jiPHWUlBFAnW82RoPUfvnwrO9zWURPp0MT3NllSlKXsj5etze69YGuyRPuEjOU x0prH7vntx39O9proG28eBgcd72XOZv+VeUVSEckJf4gBJGsM2oBEU4N11HFXqRD FaRxkE+5kCXuv6vKEbr7YyHbX6KJQVrSo97FMxVhRSOjvfqZJMZYWgZUzWkSHtSl dGH2WTrnFWRSvB8+pgTso7Y/8Q+zKHb3sv063TE0fnLN1TVfk/BZePDLob0IVWcI ZghfINYHDFg1TCa6x6nMBds1abFzNaDstmgKgp5hmVVwDKfDwjyYNQLBWNcO7ynf c6vr4fKypJU0Zmw= =NjC8 -----END PGP SIGNATURE-----