-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

SUMMARY
cPanel, L.L.C. has updated packages for EasyApache 4 with PHP versions 7.3.31, 7.4.24, and 8.0.11.. This release addresses vulnerabilities related to CVE-2021-21706. We strongly encourage all PHP 7.3 users to upgrade to version 7.3.31, all PHP 7.4 users to upgrade to version 7.4.24, and all PHP 8.0 users to upgrade to version 8.0.11.
 
 
AFFECTED VERSIONS
All versions of PHP 7.3 through 7.3.30.
All versions of PHP 7.4 through 7.4.23.
All versions of PHP 8.0 through 8.0.10.
 
SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:
 
CVE-2021-21706 - MEDIUM
PHP 7.3.31
Fixed vulnerability related to CVE-2021-21706.

PHP 7.4.24
Fixed vulnerability related to CVE-2021-21706.

PHP 8.0.11
Fixed vulnerability related to CVE-2021-21706.


SOLUTION
cPanel, L.L.C. has released updated packages for EasyApache 4 on September 29, 2021, with PHP versions 7.3.31, 7.4.24, and 8.0.11. Unless you have enabled automatic package updates in your cron, update your system with either your package manager or WHM's Run System Update interface.

 
REFERENCES
https://www.php.net/ChangeLog-7.php
https://www.php.net/ChangeLog-8.php
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21706

















-----BEGIN PGP SIGNATURE-----

iQJIBAEBCgAyFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAmFUoJgUHHNlY3VyaXR5
QGNwYW5lbC5uZXQACgkQlSG+3KvZTd/wig//bLiQdu/N5bXEDx9aec8ZiySy0bnw
W2jp03IwL305TvQblD4zoG/jq2XceMEAHEpj7wZNczb80BRuQyy/zn6gUG4q5cXM
Fbar+2FW27BfcKiW4SaIzydDaI0lAkV22aaxgtbmn1jBmfJ2FWvyaCjzy1LzyoAd
bubYYJZ8+r21BdAuhSiA+F0mHDYrZKxGP7cv5A2kNMcLMHs2EhcUTBnuK/9tpHfq
dCdI8dWQhPgIayrAsPUgz4mWOVB6fTfSyQMFpZ2e1eyifV1+Etv1oOwKM9z8zTZB
y+MCm9p0aZCdGsfPqEA/SyRE5FZXu2z7n4CeTdYEZ56r0+OcC8nA7Lc90nXN+0fX
DuwyonFYLv4MUeUFBsq74StE+aIns4YRs672o6ZTsOzHPM+Zy0YtaCGiRQcjK4np
kfyvA6CMkGs7KlCoIYa/oLOa/Mq+M8IeMJxROBIJMkb4+gIgAdasaa8r6w+dYaBV
LY5gxHrrmZ46am9SmDWPrfhnQOpGRrePSuuhRAIaKeZZw4bLl+RtbsVqe72EuuO1
0k7fLtbwSzBcTqjfPtJKuuaP3YQXrYPeyPxuLjcl73TYCZC18iPp5x2/TTlbPmVE
g9DMpkGkAO3JaK9GMSXA2cg2ySuabDaY9f6Z0thflVrDhoCulong7p6HBZ8vLJsz
8opMGukslyFXqlI=
=LSev
-----END PGP SIGNATURE-----