-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

SUMMARY

WebPros International, LLC has updated packages for EasyApache 4 with updated versions of ea-nginx and ea-libcurl. This release addresses vulnerabilities related to CVE-2025-53859 and CVE-2025-10148. We strongly encourage all NGINX users to update to version 1.29.1 and all libcurl users to update to version 8.16.0.

AFFECTED VERSIONS

All versions of ea-nginx through 1.26.3.
All versions of ea-libcurl through 8.15.0.

SECURITY RATING

CVE-2025-53859 - MEDIUM
NGINX 1.29.1
Fixed vulnerability related to CVE-2025-53859.

CVE-2025-10148 - MEDIUM
libcurl v8.16.0
Fixed vulnerability related to CVE-2025-10148.

SOLUTION

WebPros International, LLC has released updated packages for EasyApache 4 on 2025 September 17, with NGINX v1.29.1 and libcurl 8.16.0. Unless you have enabled automatic package updates in your cron, update your system with either your package manager or WHM's Run System Update interface.

REFERENCES
https://www.cve.org/CVERecord?id=CVE-2025-53859
https://www.cve.org/CVERecord?id=CVE-2025-10148
https://curl.se/changes.html
https://nginx.org/en/CHANGES
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEtnCbTMb0IHf2mEGRlSG+3KvZTd8FAmjLE0wACgkQlSG+3KvZ
Td9GiQ//adphBjIcZIbvh65XNbj8u40JRTOHuxZPwwEW4DI/RkoRVrhG61VJAW2B
CbCxInV4up7cctR3yBgDYamdgFKveGQ8Q32oQCIYjTJ9eEOv+GzTKVonHExoKiFz
qe6jRuJGDJhQCikUwkCiF0CdNI8/KAteG9cdI1xvz5/USGK2mxO4mDwtSUbX/Z7A
/hvNmqQdOU28qIa+oFb1fR993lF6lt/ATchdW29ruzJqkw2vZa5pQqisSzGipNhR
b2GUUSSIiuA3ijACDBJZjMOiK8BZua232iP8wAIsbknAG0BKQYf85ENEmSztfhyo
SH/yR+82C+9WuGRYllP0CNZmnJTxWcL7Z7YSQQ4Qe8PS8lpY//uAq0+WKjMGWbEy
XYdF6UlH6fxLIpQ2wH4UfCIe1ANJXADwXD8xL1D82SauqSQzntZM3hdt/ax6XjWV
NCHsIY/tZ+KufNYCi/yy/9uuGk9w3oGLhaznL+T/jrP0n6CngxJflEQRURCTSj6L
ECW3mKdduahwIByk5oOXK3MfKXJMq+Cwre1ha66kGyRJ/JILbxOWHjuia0NZ80ZL
/gsUjDiaJr3bjl9ShhVAfwJdukaSxv+wWr+cFK6AN4OcciJy+nuUzGjYIEuR9ysr
ThoiGb6FMDeoXujLB4WTrsQgA0uDnaARysudkJHo1F1x5TPS/y8=
=TThL
-----END PGP SIGNATURE-----