cPanel has announced that they have released a new update for EasyApache 4. The release includes a security patch and RPM updates.
cPanel has updated RPMs for EasyApache 4 with PHP version 7.2.27 and 7.3.14. The new release addresses vulnerabilities related to CVE-2020-7060 and CVE-2020-7059. cPanel advises PHP 7.2 users to upgrade to version 7.2.27 and PHP 7.3 users to upgrade to version 7.3.14.
How to get the newest release
If you’ve enabled automatic RPM updates in your cron, you will have the newest secure RPM packages as well as the PHP versions. If not, it is suggested to update your system with either yum update or WHM’s Run System Update interface.
The updated modules are as follows:
ea-apache2
• COBRA-10700: Optimize finding a module
ea-apache2-config
• EA-8629: Prevent caching of defaultwebpage.cgi redirect
ea-cpanel-tools
• EA-8784: Add PHP 7.1 to EOL recommendations
ea-freetds
• EA-8839: Update to version 1.1.24 and make libtdsodbc.so available
ea-nodejs10
• EA-8841: Update ea-nodejs10 from v10.17.0 to v10.18.1
ea-tomcat85
• EA-8842: Update ea-tomcat85 from v8.5.49 to v8.5.50
mod_security2
• EA-8753: Compile mod_security2 with yajl-devel for JSON
scl-php72
• EA-8850: Update scl-php72 from v7.2.26 to v7.2.27
scl-php72-meta
• EA-8850: Update scl-php72 from v7.2.26 to v7.2.27
scl-php73
• EA-8851: Update scl-php73 from v7.3.13 to v7.3.14
scl-php73-meta
• EA-8851: Update scl-php73 from v7.3.13 to v7.3.14
EA4-Experimental
ea-nginx
• EA-8840: Update ea-nginx from v1.17.6 to v1.17.8
Source: 1