The cPanel team has released an update for EasyApache 4. This release includes minor security patches for the product related to CVE-2019-0190, CVE-2018-17199, and CVE-2018-17189. For all Apache users using version 2.4.37 and below, it is strongly recommended to update to version 2.4.38. Unless you have enabled automatic RPM updates in your cron, update your system with either yum update or WHM’s Run System Update interface.
The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:
https://nvd.nist.gov/vuln/detail/CVE-2019-0190
https://nvd.nist.gov/vuln/detail/CVE-2018-17199
https://nvd.nist.gov/vuln/detail/CVE-2018-17189
http://www.apache.org/dist/httpd/CHANGES_2.4
For more information about the release, please visit the official EasyApache 4 Changelog and the EasyApache 4 Release Notes.
