-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 SUMMARY cPanel, L.L.C. has updated packages for EasyApache 4 with PHP versions 8.0.12, 7.4.25, and 7.3.32. This release addresses vulnerabilities related to CVE-2021-21703. We strongly encourage all PHP 8.0 users to upgrade to version 8.0.12, all PHP 7.4 users to upgrade to version 7.4.25, and all PHP 7.3 users to upgrade to version 7.3.32. AFFECTED VERSIONS All versions of PHP 8.0 through 8.0.11. All versions of PHP 7.4 through 7.4.24. All versions of PHP 7.3 through 7.3.31. SECURITY RATING The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs: CVE-2021-21703 - HIGH PHP 8.0.12 Fixed vulnerability in PHP-FPM related to CVE-2021-21703. PHP 7.4.25 Fixed vulnerability in PHP-FPM related to CVE-2021-21703. PHP 7.3.32 Fixed vulnerability in PHP-FPM related to CVE-2021-21703. SOLUTION cPanel, L.L.C. has released updated packages for EasyApache 4 on October 27, 2021, with PHP versions 8.0.12, 7.4.25, and 7.3.32. Unless you have enabled automatic package updates in your cron, update your system with either your package manager or WHM's Run System Update interface. REFERENCES https://www.php.net/ChangeLog-8.php#8.0.12 https://www.php.net/ChangeLog-7.php#7.4.25 https://www.php.net/ChangeLog-7.php#7.3.32 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703 -----BEGIN PGP SIGNATURE----- iQJIBAEBCgAyFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAmF5fTgUHHNlY3VyaXR5 QGNwYW5lbC5uZXQACgkQlSG+3KvZTd9xORAAsbKtxIkl5D41uNHDiQH7WflnI6xG vnYHmsOa9uxeUYYHdA+8FSv5YWVXzJZoKMZ4/VbBwvdCUPoIx6DsLGJ0L93j9CBy I25VIoRB2amzpOhyN7CTWQjh16UjLceqkcInFfChEZBwHHIp7AMm4hbPt3bIbZ4v CzwseI3BIY6QHOF/hnxgl2RBYfKLNVbw0gq3CIslUDaJbcoeoLMATLjpcGtnK5Wb uTL7wZnqkct6WYpBpkkm6wkGKWzaZBOT3ONJjYtmfa6HqKhBVaa2/qdHzP19/MHI /bAbFe248hWiHAdIgzTz+TczxTvOfU4tsmQXFp8FEO3AjWIJObJr0968JcAIFD39 2k6UbodEkchpovpi0Di00yMYJ3jctKxj8zJWksxa7cN38ilcHT8EaVrDkcXsM37j BNej9g3MtJb5HsApj0TKPJOHDdW2Pgk2BhUqTPReF9eFxUMxFKNrzjhlvYqRfvjj ZsApQzyBDPBV9vCMw4MjeEW1I0sAiaCVW+GdGZjNZaTO5gNk4PtGJ+4TCOLiWOI+ 8/rOm91EG+WG6sKrpAtsh660ZM2JEal8ce02rBJd89RcGp9Gvx9Ly5zyAkzz9Ild flMTfnI5uS+rn1TcmuEiDHpP8IsmZFWoqXr/gdnzD2SU/5pTT089ap54LpbUr4Zq iTHDbU7yF4gLbWQ= =RD/n -----END PGP SIGNATURE-----