{"id":14203,"date":"2020-04-16T06:08:20","date_gmt":"2020-04-16T06:08:20","guid":{"rendered":"http:\/\/news.cpanel.com\/?p=58189"},"modified":"2020-04-16T06:08:20","modified_gmt":"2020-04-16T06:08:20","slug":"easyapache-4-apr-15-release","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/easyapache-4-apr-15-release\/","title":{"rendered":"EasyApache 4 Apr 15 Release"},"content":{"rendered":"
\"\"<\/div>\n

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Discord<\/a> or Reddit<\/a> to talk about this update and much more.<\/p>\n

April 15<\/h3>\n

EasyApache 4<\/strong><\/p>\n

ea-apache24-mod_lsapi<\/strong>
     \u2022 ZC-6114: Add ea-php74 to hardcoded list that rpm\/switch_lsapi builds \/etc\/container\/php.handler out of<\/p>\n

ea-cpanel-tools<\/strong>
     \u2022 EA-8930: Update max_execution_time default to 30<\/p>\n

ea-libicu<\/strong>
     \u2022 EA-8925: Add ea-libicu packages for PHP 7.4<\/p>\n

ea-liblsapi<\/strong>
     \u2022 ZC-6114: php 7.4 update<\/p>\n

ea-libzip<\/strong>
     \u2022 EA-8863: Add ea-libzip packages for PHP 7.4<\/p>\n

ea-nodejs10<\/strong>
    \u2022 EA-8985: Update ea-nodejs10 from v10.19.0 to v10.20.0<\/p>\n

ea-php54-php-memcache<\/strong>
ea-php55-php-memcache<\/strong>
ea-php56-php-memcache<\/strong>
     \u2022 EA-8978: Add php as a dependency
     \u2022 ZC-6515: Promote from experimental<\/p>\n

ea-php54-php-memcached<\/strong>
ea-php55-php-memcached<\/strong>
ea-php56-php-memcached<\/strong>
     \u2022 EA-8978: Add php as a dependency
     \u2022 ZC-6515: Promote from experimental
     \u2022 EA-8224: Built with our ea-libmemcached module<\/p>\n

ea-php70-php-memcache<\/strong>
ea-php71-php-memcache<\/strong>
ea-php72-php-memcache<\/strong>
ea-php73-php-memcache<\/strong>
     \u2022 EA-8978: Add php as a dependency
     \u2022 ZC-6515: Promote from experimental
     \u2022 EA-8224: Updated to 4.0.3<\/p>\n

ea-php70-php-memcached<\/strong>
ea-php71-php-memcached<\/strong>
ea-php72-php-memcached<\/strong>
ea-php73-php-memcached<\/strong>
     \u2022 EA-8978: Add php as a dependency
     \u2022 ZC-6515: Promote from experimental
     \u2022 EA-8224: Updated to 3.1.3 from upstream and built with ea-libmemcached<\/p>\n

ea-php74-php-memcache<\/strong>
ea-php74-php-memcached<\/strong>
     \u2022 EA-8976: Add ea-php74-php-memcache(d) packages, initial release<\/p>\n

ea-php74<\/strong>
ea-php74-meta<\/strong>
     \u2022 EA-8907: Add PHP 7.4, initial release<\/p>\n

libmemcached<\/strong>
     \u2022 EA-8979: Ensure the package owns \/opt\/cpanel\/libmemcached
     \u2022 ZC-6515: Promote from experimental
     \u2022 EA-8224: Updated spec file from upstream and moved files to be under \/opt\/cpanel<\/p>\n

scl-php54-meta<\/strong>
scl-php55-meta<\/strong>
scl-php56-meta<\/strong>
scl-php70-meta<\/strong>
     \u2022 ZC-6270: Fix circular deps<\/p>\n

scl-php-pear<\/strong>
     \u2022 ZC-5915: Add PHP 7.4<\/p>\n

scl-libc-client<\/strong>
     \u2022 ZC-5915: Adding PHP 7.4<\/p>\n

scl-ruby24<\/strong>
     \u2022 EA-8972: Update Ruby to 2.4.10
     \u2022 CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON (Additional fix)<\/p>\n

scl-ruby24-meta<\/strong>
     \u2022 EA-8992: Update meta package to Ruby 2.4.10<\/p>\n

EA4-experimental<\/strong><\/p>\n

ea-nginx<\/strong>
     \u2022 EA-8943: ea-nginx fails to start if a wildcard subdomain has been setup<\/p>\n

scl-snuffleupagus<\/strong>
scl-psr<\/strong>
scl-phalcon4<\/strong>
     \u2022 ZC-5915: Added support for PHP 7.4<\/p>\n

This release includes a security patch that has been issued a fix for a CVE (Common Vulnerabilities and Exposures), the details of which are included below.<\/p>\n

SUMMARY<\/strong>
cPanel, L.L.C. has updated RPMs for EasyApache 4 with Ruby version 2.4.10. This release addresses vulnerabilities related to CVE-2020-10663. We strongly encourage all Ruby users to upgrade to version 2.4.10.<\/p>\n

AFFECTED VERSIONS<\/strong>
All versions of Ruby through 2.4.9.<\/p>\n

SECURITY RATING<\/strong>
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:<\/p>\n

CVE-2020-10663 \u2013 MEDIUM<\/strong>
Ruby 2.4.10
Unsafe object creation vulnerability in JSON.<\/p>\n

SOLUTION<\/strong>
cPanel, L.L.C. has released updated RPMs for EasyApache 4 on April 15, 2020, with an updated version of Rubu 2.4.10. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM\u2019s Run System Update interface.<\/p>\n

REFERENCES<\/strong>
https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-10663<\/a>
https:\/\/www.ruby-lang.org\/en\/news\/2020\/03\/31\/ruby-2-4-10-released\/<\/a><\/p>\n

More Information
<\/strong><\/p>\n

For a PGP-signed message, please see EA4-2020-4-15-CVE.signed.txt<\/a><\/p>\n

Information about all releases this year can be found in the 2020 EasyApache 4 Changelog<\/a> and the EasyApache 4 Release Notes<\/a>. To ensure that you receive up-to-date product news from cPanel, we encourage you to subscribe to the Product and Security updates mailing list on our website.<\/a> You can also sign up for our EasyApache Development<\/a> and EasyApache Production<\/a> lists to see when updates are pushed for our RPMs, letting you know ahead of time what will be updated in each EasyApache release.<\/p>\n

\u0645\u062f\u06cc\u0631\u06cc\u062a \u0633\u0631\u0648\u0631 \u067e\u0634\u062a\u06cc\u0628\u0627\u0646\u06cc \u0648 \u0645\u0634\u0627\u0648\u0631\u0647 – \u062b\u0628\u062a \u062f\u0627\u0645\u0646\u0647<\/p>\n","protected":false},"excerpt":{"rendered":"

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! Take a look at some highlights below, and then join us on Discord or Reddit to talk about this update and much more. April 15 EasyApache 4 ea-apache24-mod_lsapi     \u2022 ZC-6114: Add ea-php74 to hardcoded list that rpm\/switch_lsapi builds \/etc\/container\/php.handler out of ea-cpanel-tools    …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25],"tags":[],"class_list":["post-14203","post","type-post","status-publish","format-standard","hentry","category-cpanel-news"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/14203","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=14203"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/14203\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=14203"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=14203"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=14203"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}