-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

SUMMARY
cPanel, L.L.C. has updated packages for EasyApache 4 with Apache 2.4.50. This release addresses vulnerabilities related to CVE-2021-41773 and CVE-2021-41524. We strongly encourage all Apache users to upgrade to version 2.4.50.
 
 
AFFECTED VERSIONS
All versions of Apache through 2.4.49

SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:
 
CVE-2021-41773 - MEDIUM
Apache 2.4.50
Fixed vulnerability related to CVE-2021-41773.

CVE-2021-41524 - MEDIUM
Apache 2.4.50
Fixed vulnerability related to CVE-2021-41524.


SOLUTION
cPanel, L.L.C. has released updated packages for EasyApache 4 on October 6, 2021, with Apache version 2.4.50. Unless you have enabled automatic package updates in your cron, update your system with either your package manager or WHM's Run System Update interface.

 
REFERENCES
https://downloads.apache.org/httpd/CHANGES_2.4.50
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41773
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41524

















-----BEGIN PGP SIGNATURE-----

iQJIBAEBCgAyFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAmFd2cEUHHNlY3VyaXR5
QGNwYW5lbC5uZXQACgkQlSG+3KvZTd9+ZRAAsQo/8Hlz/3AWU+oBJIEmqPq+Qq9z
ekpG1bmTibFKgTbq9+kRAJ+FwrfSnMjizSQcAxRJEsfievIhrNh6RtHxXOvGfE7N
9xa7Q80bQm96qEktTs9u0v8H0tsd9pfAnzFprMDnDvXds/yRAHP5SaUi6Ujq5WlS
Z47vzniMubSLDR7xMK25OZrRlyw3yRC6aaF+c97cUOFkIkCi36a/N35nABHpBc5J
feoVL0UO63IRa1EX+m2hNQE4O43HwlkQdo58MiKxxjPTdfgtqj06SGRft2e+ENFO
Zoa6F8CKpcf+L2+WsNffTTBAk12Ht4mkcl7qlw9CO9co7thTeU/ucxjdKS3P8V8m
RG+CgUPJJAPnw0ude6ybX4hkmcRwGKoKJ/uwNVy8X8axDXQ9Y55rev8oxTa6xaRW
a4WWHzRuEUuvedOhPVW7nQ4GVMy1i8yLUz8UsZRCJXW4lAFOxJ1Ka3TXgUMjUonc
mR+6R4AwMKi+etFFZkp0maIO6ETdjxCCh7Qw/xUyRU3pt8NtXP54NcGpSX3GDz+t
/joldZZlrqFBJrKk/JMSfCnO6Qxm1v3DblCZrb/OsFb9Di0xGof+oFJQgDhJc716
3IB1wl03sznZICQ2MTRQiffPZ1alp27HkLBJCGnD7muq/wJX36R/WukMv35kY2dB
SXGqXefvfhhkUY8=
=CdcE
-----END PGP SIGNATURE-----