{"id":2219,"date":"2017-12-24T12:03:02","date_gmt":"2017-12-24T09:03:02","guid":{"rendered":"http:\/\/news.cpanel.com\/?p=54237"},"modified":"2017-12-24T12:03:02","modified_gmt":"2017-12-24T09:03:02","slug":"easyapache-2017-10-16-security-release","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/easyapache-2017-10-16-security-release\/","title":{"rendered":"EasyApache 2017-10-16 Security Release"},"content":{"rendered":"<p>SUMMARY<br \/>cPanel, Inc. has released updated RPMs for EasyApache 4 on October 16, 2017, with a patch for Passenger. We strongly encourage all Passenger users to update their system to obtain the patch.<\/p>\n<p>AFFECTED VERSIONS<br \/>All versions of Passenger<\/p>\n<p>DESCRIPTION<\/p>\n<p>This update patches a vulnerability where a user can list the contents of arbitrary files on the system when Passenger runs as the root user.<\/p>\n<p>SOLUTION<br \/>cPanel, Inc. has released updated RPMs for EasyApache 4 on October 16, 2017, with a patch for Passenger. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM\u2019s Run System Update interface.<\/p>\n<p>REFERENCES<br \/>https:\/\/blog.phusion.nl\/2017\/10\/16\/passenger-5-1-11\/<br \/>https:\/\/blog.phusion.nl\/2017\/10\/13\/passenger-security-advisory-5-1-11\/<\/p>\n<p>For the PGP Signed message, please see <a href=\"http:\/\/news.cpanel.com\/wp-content\/uploads\/2017\/10\/EA4-2017-10-16-Sec-Adv-copy.txt\" target=\"_blank\" rel=\"noopener\">EA4 2017-10-16 Sec Adv<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>SUMMARYcPanel, Inc. has released updated RPMs for EasyApache 4 on October 16, 2017, with a patch for Passenger. We strongly encourage all Passenger users to update their system to obtain the patch. AFFECTED VERSIONSAll versions of Passenger DESCRIPTION This update patches a vulnerability where a user can list the contents of arbitrary files on the &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25],"tags":[],"class_list":["post-2219","post","type-post","status-publish","format-standard","hentry","category-cpanel-news"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/2219","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=2219"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/2219\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=2219"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=2219"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=2219"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}