-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

SUMMARY
cPanel, L.L.C. has updated packages for EasyApache 4 with OpenSSL version 1.1.1p. This release addresses vulnerabilities related to CVE-2022-2068. We strongly encourage all OpenSSL users to update to version 1.1.1p.
 
 
AFFECTED VERSIONS
All versions of OpenSSL through 1.1.1o.

SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:
 

CVE-2022-2068 - MEDIUM
OpenSSL 1.1.1p
Fixed vulnerability related to CVE-2022-2068.


SOLUTION
cPanel, L.L.C. has released updated packages for EasyApache 4 on June 22, 2022, with OpenSSL 1.1.1p. Unless you have enabled automatic package updates in your cron, update your system with either your package manager or WHM's Run System Update interface.

 
REFERENCES
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2068
https://www.openssl.org/news/cl111.txt


















-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAmKzSJsUHHNlY3VyaXR5
QGNwYW5lbC5uZXQACgkQlSG+3KvZTd8jWA/+POs2HXqND3DMyy+MP2VRpWxVu8KP
jEav6AcYYZFdOlmE/gbuFH8qfJ4TOUHN0ptm7kHKxkXb3ajkFFQ3EbX01uFi8Iuc
Qr72YVrtFesv2N2/Xgo2TCWoQm/4l3UpoSShwa+34ul6Fc0iKs0UkyWOTvAPNDzc
3WApJlj9XruR6HwaBNQ84r6oPtuT22Nt8yixsPwPqgMDChGPn3bChAMjKOer10V9
FvADJzm6vOBAslPaNRIrlOR1PHg1NrDPBFDNwI162Sc+Y6C9l6Deq/PJt7GAQZbU
H3U/EV5hSPr2EaKisIqK04uu7vsP8BdVfx34eFh5CW8CX1s1+sxl6mxg7W5C6CD0
5INLG18Hy/HSV5Cn9eTfyN3P6EagFb6DtwP+L4IDh5BQU6oPRCMxPMDexlUxooqZ
w+Sk7F06smpFbu8GqIxJMBJEd5ZeNhzsPNfej2d03wBg7F93ly4u7QEyDmYRFgVN
hp9Epnfp+JeKh3ib1cb9mW9VAanxPsVIh+Y5xvrPewDOti960+KcXwrohwjO5LhF
Ej3W+nMeQ41UQ7/L+5IetjwzKVpuueaazTkvIuMC1u0ipyQnuadOoQkYq4aUGbwo
x/Id8Gjf3xYJJPjrzGjmzgxu639h9aj94hnN3W7CVRdvmUsnyBHsefhII+8oSQPm
JgSH5FB5u2h06pk=
=Jr61
-----END PGP SIGNATURE-----