cPanel released an update for EasyApache 4 and the release notes. This release includes a security patch that has been issued a fix for a vulnerability. According to the patch notes, cPanel has updated RPMs for EasyApache 4 with OpenSSL version 1.1.1e which addresses vulnerabilities related to CVE-2019-1551. All versions of OpenSSL through 1.1.1d are affected by the vulnerability, thus cPanel also urges users to upgrade to version 1.1.1e.

April 1st update also includes:

scl-ruby24-passenger

• EA-8928: Updated the required version for ea-libcurl

• EA-8898: Update scl-ruby24-passenger from v5.3.7 to v6.0.4

scl-php54

scl-php55

scl-php56

scl-php70

scl-php71

scl-php72

scl-php73

mod_security2

libcurl

• EA-8947: Update libcurl from v7.68.0 to v7.69.1

• EA-8928: Added version check for libssh2

ea-tomcat85

• EA-8948: Update ea-tomcat85 from v8.5.51 to v8.5.53

ea-openssl11

• EA-8946: Update ea-openssl11 from v1.1.1d to v1.1.1e