-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

SUMMARY
cPanel, L.L.C. has updated packages for EasyApache 4 with OpenSSL version 1.1.1n. This release addresses vulnerabilities related to CVE-2022-0778. We strongly encourage all OpenSSL users to upgrade to version 1.1.1n.
 
 
AFFECTED VERSIONS
All versions of OpenSSL through 1.1.1m.

SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:
 
CVE-2022-0778 - HIGH
OpenSSL 1.1.1n
Fixed vulnerability related to CVE-2022-0778.


SOLUTION
cPanel, L.L.C. has released updated packages for EasyApache 4 on March 17, 2022, with OpenSSL version 1.1.1n. Unless you have enabled automatic package updates in your cron, update your system with either your package manager or WHM's Run System Update interface.

 
REFERENCES
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
https://www.openssl.org/news/vulnerabilities-1.1.1.html


















-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAmIzb3sUHHNlY3VyaXR5
QGNwYW5lbC5uZXQACgkQlSG+3KvZTd+kYxAA1PjmeY9uzhoWYgFPihLsVZBoEFZx
Uy8dIx/W2or9bptKqtQaNWSODNq7VhxOei7yNIZh+vgMTXhvrbxT0rUviHtWQ+L6
c9gzMBtsa738ZSJhZ1zJVRa8JH5bzb1XOBmiyLKxljGlJXlI9dXP2o/1jyd/X8r1
wpFH1yaKV5JTMOgYdi4B6nPuP8e4oNsH3AcZ3EsK2n+hw6PnnLSHw6VgOCLGdfzF
/OUc1NGW6Ar4gyCuuQnwi9SHwfRps1HaFFlRB7BcgxYc823BhRRW/NfDZfBZHy3N
ezEoOWrXUPt9jA50mjVbBejB8cqVhIb9el0pbpu9E+y4lDuufMRWNCJ9NTQhnD7K
9Q9TWCsWkwzfY4vI8mtXyRRo70PTb9stgIz3PE5Q2gi3HW+PQEs5VtB5BlYJy73h
BltKoCHs6ADoSGDKiCkqGoCruw4yOJO8FyYb1jcWPhdXGJGYGNNqhrqOWnUGRPDX
Cp0IzeRt609FC40hsOEbad90ze4NgHzmYE3Djm7wAtRv2zzpjSRHEl9mGGJNWmwX
Sme8gse7EzpxPi9kS6N2LF5aK9FcSX7vfLegCjMOpa8crBmLEEzmsUjZZZ3jQ8/3
zu938gYeBk7GGzfo/JGxm1ZJAM6DQW3GYWDZV9Bq0MqB7NrVGGiCHkXMTbxE9Zmj
BSGOrsdyq1kb6DY=
=yusA
-----END PGP SIGNATURE-----