-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

SUMMARY
cPanel, L.L.C. has updated packages for EasyApache 4 with PHP versions 7.4.28, 8.0.16, and 8.1.3. This release addresses vulnerabilities related to CVE-2021-21708. We strongly encourage all PHP 7.4 users to upgrade to version 7.4.28, all PHP 8.0 users to update to version 8.0.16, and all PHP 8.1 users to upgrade to version 8.1.3.
 
 
AFFECTED VERSIONS
All versions of PHP 7.4 through 7.4.27.
All versions of PHP 8.0 through 8.0.15.
All versions of PHP 8.1 through 8.1.2.

SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:
 
CVE-2021-21708 - MEDIUM
PHP 7.4.28
Fixed vulnerability related to CVE-2021-21708.

PHP 8.0.18
Fixed vulnerability related to CVE-2021-21708.

PHP 8.1.3
Fixed vulnerability related to CVE-2021-21708.




SOLUTION
cPanel, L.L.C. has released updated packages for EasyApache 4 on February 23, 2022, with PHP versions 7.4.28, 8.0.16, and 8.1.3. Unless you have enabled automatic package updates in your cron, update your system with either your package manager or WHM's Run System Update interface.

 
REFERENCES
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21708
https://www.php.net/ChangeLog-7.php#7.4.28
https://www.php.net/ChangeLog-8.php#8.0.16
https://www.php.net/ChangeLog-8.php#8.1.3


















-----BEGIN PGP SIGNATURE-----

iQJIBAEBCgAyFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAmIWYAQUHHNlY3VyaXR5
QGNwYW5lbC5uZXQACgkQlSG+3KvZTd87sBAAtTINZ+UU0k57peHI+ZUSuw2h2G2x
EHhb5F8CsDYmLPt7Yn5OIQM6R8JcNr94f8tva7p/kK4Kuc4w4BAWeUPkD0uXLw6G
LwXOcILwwiYTPN3q+siHENu7ZKw8utm0rVUypW+txBkcTyNDJqZIot3gi1Q/f1y1
AdMBHQyGtQij8IQumrs4myd8gc6yL1VSaSnbxjB4MQQgEyo6peLgUnS0DSmtlNO2
y8hVGWHfq9zOtGI+TdjQ0FXyPeZjrkgtLfx0CwxWsYoDJ015gP6iJfqBjfAA8H2I
80M3RB1Mte+nIJtAgnQOsZ+ePUzr6Cr4hY10qGrsJOpCW9pk98t4qqMxhkxVnD9X
fKWXZxvL5q4a2ifQLUFmrjeiJxR5Nw3SVCYoxA8E93d3Zv8VPopXfWUGD8pzIBG6
0lrQA5uqO36qnBC0RXDfOy608F2COQP/DD9S4J+7MmCStqc+R4BE7XvhX3WckSxj
ERrSLiRLEvsvxQRCfFwftG/ht0gghaInJ1asHXRXTqGDTBzomyIMPeadKHgGV9U9
LXQKWWG1B0rLHRickOWx8uVF475OlQpm+waPs5zckB6chR2eRWNuIBWty6f5KQuo
XABS/erFXJrzicJZ/mz5whG1qjSXIsZgAIJ5eigoohd+9PmxVTiyZj75+E/lY7J3
NCo2wxerYxqJp0k=
=f84O
-----END PGP SIGNATURE-----