-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

SUMMARY
cPanel, L.L.C. has updated packages for EasyApache 4 with OpenSSL version 1.1.1q. This release addresses vulnerabilities related to CVE-2022-2097. We strongly encourage all OpenSSL users to update to version 1.1.1q.
 
 
AFFECTED VERSIONS
All versions of OpenSSL through 1.1.1p.

SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:
 

CVE-2022-2097 - MEDIUM
OpenSSL 1.1.1q
Fixed vulnerability related to CVE-2022-2097.


SOLUTION
cPanel, L.L.C. has released updated packages for EasyApache 4 on July 6, 2022, with OpenSSL 1.1.1q. Unless you have enabled automatic package updates in your cron, update your system with either your package manager or WHM's Run System Update interface.

 
REFERENCES
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097
https://www.openssl.org/news/cl111.txt


















-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAmLFtpUUHHNlY3VyaXR5
QGNwYW5lbC5uZXQACgkQlSG+3KvZTd+GtBAA1tZraAQImc46iBPHPy77kxLQm5cR
CPVmIiueuNLmq31rUJWHhmZ3mJ7Vv9OGvybQ47LJP6B7xMfbCh1JkPiqJCQMNP9w
inGvbwcXcWEEDOE8FITmWYXjBlMQsqzZicUs7fow14Yqwg/3dxbvsb5qm5jW/7sY
ENvicNc43tUWKge47xBf6oRGrxYtcoWh5hJ6AVynlPv4pCz8KLolxKY2YfImO+1K
K1YCpIXxLwsZNFFI5fc27VbgrpEUuvJrrYoa6w8G5A/ZrNeU8/dErs3+S7xAcJLm
Z/+7YHCdfdzdGoltRQepMita4R+MMMGh9BM3MSp49hEqv5kA3NZkiNmtibqDNJA7
zyN6uS5fkZwEq8diEndz2u+nULA1cPToFLF62RRAFqx/DqKku1y3qwyB3VmVetqs
jv28OlFheJjEhn/oq7ErtAG79iGUJsMl3FhpYfHc6N9P8oV+LndWxnIPhvAY78pa
Dqghf3CQAdDI4hNxmzs6BerCA9vZf4IUnaZy3WzADdDiw0RjNt4SUiCzoUjpUcbd
bXtCoW3NcDZ3wPmKgiim6waZXlauecfSWpoWq7Xql3Db5wk5XadFRmHgloAhtbuT
5o6CYfY9dpMROqBBMx1H0cIqm5s0p/tYU9XUDn0qyFfQK8NJzsA5p+5nRkl9RuDr
G4yC8DLVFMS2KiQ=
=Gfxx
-----END PGP SIGNATURE-----