-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 SUMMARY cPanel, L.L.C. has updated packages for EasyApache 4 with Apache version 2.4.55. This release addresses vulnerabilities related to CVE-2022-37436, CVE-2022-36760, and CVE-2006-20001. We strongly encourage all Apache users to upgrade to version 2.4.55. AFFECTED VERSIONS All versions of Apache through 2.4.54. SECURITY RATING The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs: CVE-2022-37436 - MEDIUM Apache 2.4.55 Fixed vulnerability related to CVE-2022-37436. CVE-2022-36760 - MEDIUM Apache 2.4.55 Fixed vulnerability related to CVE-2022-36760. CVE-2006-20001 - MEDIUM Apache 2.4.55 Fixed vulnerability related to CVE-2006-20001. SOLUTION cPanel, L.L.C. has released updated packages for EasyApache 4 on January 19, 2023, with Apache version 2.4.55. Unless you have enabled automatic package updates in your cron, update your system with either your package manager or WHM's Run System Update interface. REFERENCES https://www.cve.org/CVERecord?id=CVE-2022-37436 https://www.cve.org/CVERecord?id=CVE-2022-36760 https://www.cve.org/CVERecord?id=CVE-2006-20001 https://downloads.apache.org/httpd/CHANGES_2.4.55 -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAmPK6OcACgkQlSG+3KvZ Td+behAAuUG2/D1jqSrZX5b+nrahhF+XEyurFmyGA/dg/xUPTRv4DIxBrFMfRzL6 kui7gNzxme5CUmmjo5BzqDurjBSqFAJbwcn94xHp3ToxOKLFruBhh4oeITSOMuDw zTUhGSlMN2LklB+vlKSoG/BBkHFhCiQ9711r/4kKa8rBvpPBnAq5rLEgJ1MiLg6f XpTC5Dz3V4bttCVSz4jQXcJ6acA6/+p41w77hsS7ZutMG073mZw1LpVUYOwHVJgu OEU3RvSGjWeGzTv7nNC4MejzsjP6GuqolJ1uIMSYA+XR1+/rL6nhiwJvp8SGnEcP es6/0Sl7Eux96Pev7Cg1oT3g+oQFTxv215YTa96b2RaFMYXMp5w+xXncXBv2xJGA aG83LsS5If7wFEziUx7lFwyiJWN61XRTi/XnGylXQXFEby7h2Zy1opeKo3nq/+1w iIPk7P73+psUmyg7V9CZqayED86xn6ML2O53Gyh4kELvojal+fcpYPUaH6P1t+8I VyKh9Oe0GlCsylC3nmgC0YzQXuV0pACdaSLjcRMuZfFp2GsUc++vlouX1QdW7rhb ulQmmSxZne1RO8ZKk2yztg6RRFcATx82eL0xBsn6YkuKQBNFnH6iLf3YPs12R+qF yVJN/zAltFdx1aK/FiTRrG7MdendkP8R3VbvzXnHuZc1TY6nCPE= =gHHU -----END PGP SIGNATURE-----