{"id":10252,"date":"2019-01-09T23:09:46","date_gmt":"2019-01-09T23:09:46","guid":{"rendered":"http:\/\/news.cpanel.com\/?p=55457"},"modified":"2019-01-09T23:09:46","modified_gmt":"2019-01-09T23:09:46","slug":"easyapache-4-2019-1-9-maintenance-release","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/easyapache-4-2019-1-9-maintenance-release\/","title":{"rendered":"EasyApache 4 2019-1-9 Maintenance Release"},"content":{"rendered":"<div><img decoding=\"async\" class=\"ff-og-image-inserted\" src=\"http:\/\/news.cpanel.com\/wp-content\/uploads\/2017\/01\/og-cPnews-1.jpg\" alt=\"\" title=\"\"><\/div>\n<p><strong>SUMMARY<\/strong><br \/>\ncPanel, L.L.C. has updated RPMs for EasyApache 4 with Ruby version 2.4.5. This release addresses vulnerabilities related to CVE-2018-16396 and CVE-2018-16395. We strongly encourage all Ruby users to update to version 2.4.5.<\/p>\n<p><strong>AFFECTED VERSIONS<\/strong><br \/>\nAll versions of Ruby through Ruby 2.4.4<\/p>\n<p><strong>SECURITY RATING<\/strong><br \/>\nThe National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:<\/p>\n<p>CVE-2018-16395 \u2013 CRITICAL<br \/>\nRuby 2.4.5<br \/>\nFixed bug related to CVE-2018-16839<\/p>\n<p>CVE-2018-16396 \u2013 HIGH<br \/>\nRuby 2.4.5<br \/>\nFixed bug related to CVE-2018-16840<\/p>\n<p><strong>SOLUTION<\/strong><br \/>\ncPanel, L.L.C. has released updated RPMs for EasyApache 4 on January 9, 2019, with Ruby version 2.4.5. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM\u2019s Run System Update interface.<\/p>\n<p><strong>REFERENCES<\/strong><br \/>\n<a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-16395\" target=\"_blank\" rel=\"noopener\">https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-16395<\/a><br \/>\n<a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-16396\" target=\"_blank\" rel=\"noopener\">https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-16396<\/a><br \/>\n<a href=\"https:\/\/www.ruby-lang.org\/en\/news\/2018\/10\/17\/ruby-2-4-5-released\/\" target=\"_blank\" rel=\"noopener\">https:\/\/www.ruby-lang.org\/en\/news\/2018\/10\/17\/ruby-2-4-5-released\/<\/a><\/p>\n<p>For the PGP-signed message, please see\u00a0<a href=\"http:\/\/news.cpanel.com\/wp-content\/uploads\/2019\/01\/EA4-CVE-2019-1-9.signed.txt\" target=\"_blank\" rel=\"noopener\">EA4 CVE 2019-1-9.signed<\/a>.<\/p>\n<p class=\"p1\"><strong><u>More Information<\/u><\/strong><\/p>\n<p>Check out the Release notes and the <a href=\"https:\/\/documentation.cpanel.net\/display\/EA4\/EasyApache+4+Change+Log+2019\" target=\"_blank\" rel=\"noopener\">2019 EasyApache 4 Changelog<\/a>. All of the\u00a0details about all this release can be found in the\u00a0<a href=\"https:\/\/documentation.cpanel.net\/display\/EA4\/EasyApache+4+Release+Notes\" target=\"_blank\" rel=\"noopener\">EasyApache 4 Release Notes<\/a>.<\/p>\n<p>To ensure that you receive up-to-date product news from cPanel, we encourage you to subscribe to the Product and Security updates\u00a0mailing lists: <a href=\"https:\/\/cpanel.net\/mailing-list\" target=\"_blank\" rel=\"noopener\">cPanel Mailing List<\/a>.<\/p>\n<p>\u0645\u062f\u06cc\u0631\u06cc\u062a \u0633\u0631\u0648\u0631 \u067e\u0634\u062a\u06cc\u0628\u0627\u0646\u06cc \u0648 \u0645\u0634\u0627\u0648\u0631\u0647 &#8211; \u062b\u0628\u062a \u062f\u0627\u0645\u0646\u0647<\/p>\n","protected":false},"excerpt":{"rendered":"<p>SUMMARY cPanel, L.L.C. has updated RPMs for EasyApache 4 with Ruby version 2.4.5. This release addresses vulnerabilities related to CVE-2018-16396 and CVE-2018-16395. We strongly encourage all Ruby users to update to version 2.4.5. AFFECTED VERSIONS All versions of Ruby through Ruby 2.4.4 SECURITY RATING The National Vulnerability Database (NIST) has given the following severity ratings &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25],"tags":[],"class_list":["post-10252","post","type-post","status-publish","format-standard","hentry","category-cpanel-news"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/10252","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=10252"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/10252\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=10252"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=10252"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=10252"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}