EasyApache 2017-10-16 Security Release

SUMMARY
cPanel, Inc. has released updated RPMs for EasyApache 4 on October 16, 2017, with a patch for Passenger. We strongly encourage all Passenger users to update their system to obtain the patch.

AFFECTED VERSIONS
All versions of Passenger

نیاز به مدیریت سرور دارید؟

تیم آفاق هاستینگ خدمات نصب، پیکربندی، امنیت، مانیتورینگ و نگهداری سرورهای لینوکسی و ویندوزی را ارائه می‌دهد.

مشاهده خدمات مدیریت سرور

DESCRIPTION

This update patches a vulnerability where a user can list the contents of arbitrary files on the system when Passenger runs as the root user.

SOLUTION
cPanel, Inc. has released updated RPMs for EasyApache 4 on October 16, 2017, with a patch for Passenger. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM’s Run System Update interface.

REFERENCES
https://blog.phusion.nl/2017/10/16/passenger-5-1-11/
https://blog.phusion.nl/2017/10/13/passenger-security-advisory-5-1-11/

For the PGP Signed message, please see EA4 2017-10-16 Sec Adv

نوشته های مشابه

EasyApache4 v25.3 Maintenance Release

EasyApache4 v25.2 Maintenance and Security Release

EasyApache4 v25.1 Maintenance and Security Release

EasyApache4 2024-12-18 Maintenance and Security Release