-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

SUMMARY

cPanel, L.L.C. has updated packages for EasyApache 4 with an updated version of Ruby Rack. This release addresses vulnerabilities related to CVE-2025-27111. We strongly encourage all Ruby Rack users to update to version 2.2.12.

 
AFFECTED VERSIONS
All versions of Ruby Rack through 2.2.11.


SECURITY RATING
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:

CVE-2025-27111 - MEDIUM
Ruby Rack 2.2.12
Fixed vulnerability related to CVE-2025-27111.


SOLUTION
cPanel, L.L.C. has released updated packages for EasyApache 4 25.8 on 2025 March 5, with Ruby Rack version 2.2.12. Unless you have enabled automatic package updates in your cron, update your system with either your package manager or WHM's Run System Update interface.

 
REFERENCES
https://www.cve.org/CVERecord?id=CVE-2025-27111
https://github.com/rack/rack/blob/main/CHANGELOG.md#2212---2025-03-04
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAmfIpuMACgkQlSG+3KvZ
Td84XQ//daXT9ESZkL5sHqPX6wMycvRaE6DQmfD0jsM6+oxMxpeuac3stnv5tcJY
35cWuSEUDwd/fZWvfWzGR3icvnvnK5AMQlFNdqit53O06J7hNostjdu2eVQU+v5c
CyLT7wtAtb44rhGVmNmOtG0iLiOJvlb/GBUZjQBDmITZv6zbBLh1/OjQ2yAoM9r/
susQy9Mrx9CWp34b8GyKQc+UYeTECG425J457YS3rDQyTVf3cmZU+iv9/e50hH6i
EJJWCx+Pz8zEGLv/bFKjozn0hzkCa5J2BbJTBJb9NTkjAsH9eKrcexpXN3x976gR
F0/BVeRHJbst3FHwLyOEFcvo4243VG4vngYmXwMHBcaypQZNDLZ4gbTxgmdT7BE1
SBycmNlKPTRO6MjQsoWPdhK+ISz8/TLhkl/Jf0BAjUVVa/xM051R2Jo+aaQFAIo1
CpNoEOQFZkHx2dDzAAHccrL4FFdGohHw5zfM2X2uJX/FezHaeljy20u3/khZs68g
cNk71KJqiFWK382lIcbVJSMIZu8x1eeHxVsEtzYIcSgUZUwuqQliRtPZ3XSJtALH
sA81cYebq1/sd3Ag4ZptH9vNN4FCb4BpB0N8M4tU5cFgG+jEASCRtw8Bagked9RR
NPR9s5o6hSww3ost3SFNTODbeab67tKTkSLrxfl59VFYfefoYjQ=
=Rayi
-----END PGP SIGNATURE-----