-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 SUMMARY cPanel, L.L.C. has updated packages for EasyApache 4 with PHP versions 8.0.13, 7.4.26, and 7.3.33. This release addresses vulnerabilities related to CVE-2021-21707. We strongly encourage all PHP 8.0 users to upgrade to version 8.0.13, all PHP 7.4 users to upgrade to version 7.4.26, and all PHP 7.3 users to upgrade to version 7.3.33. AFFECTED VERSIONS All versions of PHP 8.0 through 8.0.12. All versions of PHP 7.4 through 7.4.25. All versions of PHP 7.3 through 7.3.32. SECURITY RATING The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs: CVE-2021-21707 - MEDIUM PHP 8.0.12 Fixed vulnerability in XML related to CVE-2021-21707. PHP 7.4.25 Fixed vulnerability in XML related to CVE-2021-21707. PHP 7.3.32 Fixed vulnerability in XML related to CVE-2021-21707. SOLUTION cPanel, L.L.C. has released updated packages for EasyApache 4 on November 23, 2021, with PHP versions 8.0.13, 7.4.26, and 7.3.33. Unless you have enabled automatic package updates in your cron, update your system with either your package manager or WHM's Run System Update interface. REFERENCES https://www.php.net/ChangeLog-8.php#8.0.13 https://www.php.net/ChangeLog-7.php#7.4.26 https://www.php.net/ChangeLog-7.php#7.3.36 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707 -----BEGIN PGP SIGNATURE----- iQJIBAEBCgAyFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAmGdDxQUHHNlY3VyaXR5 QGNwYW5lbC5uZXQACgkQlSG+3KvZTd8z8Q/9EZoFOSeJktt4uV4TBTaHPuyrIJzq aH9kteuYU7RdN5pCJnPtEsHHfxv2GxvDNU4Sv+F5Gsv/H4kY0aVDVmv5S/vMvfCJ ReS7WfoB4NAkKLUkPnfBrBShP3v1icr3anwvS3a5mUrTDCkvQUFtVL1gv8r/7L1L UZj58XYVZ88cuUVLwQxYF6urm+SpxOOtPXeyWwrZU58OcZ28Nmr3/px4NtGRhUU8 YdoXWPaHlHbwbcMT6X+hTK8wMfHiktWq2zAxAZHWThkRfZeq2gCUrfyESUEWzchd tDPvpyyBDbZFCTUv20SHUMWxSMk9sq78VH2woBNxyqkPbG6T8GRq+sMiLGpzOysi vClcSIwku2Z6g5Lk4/yJkpYBbv3dwsW0DWsYkgw81xcZYOz78sOFOy6nERUf+vZg KCPwx+dCvOgHL1QopSG8NMAr5paba+L1+K47i9B+n/PiBmFUmss55B0E2F+PYLVm tYqUGYEC8QCzyW1f7TMnpui9ICOyHN0d4mM0mGTvVA4S0E3cO4RyC0XHJtoTkaPC BBRtTv7HUbbab2eALxepTi0epb3v6mU4aw9torttdU2q55UcX6i0pIsU7wVEP3/M NaPcOtOrl317HkyzEW6r5CvaT19UzQA12rf/UFofiibENO1CqIb09BQF7zF0Go5c ri73Ih5uJ5s9cr8= =G6tx -----END PGP SIGNATURE-----