EasyApache declared 4 July 15 release

cPanel has declared the release ofEasyApache 4 July 15. Through the latest release cPanel updated the PHP versions 7.4.8, 7.3.20, and 7.2.32 and Tomcat version 8.5.57. The latest release of EasyApache addresses bugs and vulnerabilities associated with CVE-2020-8169,CVE-2020-13934, andCVE-2020-13935.

July 15 update

cPanel suggests each and every PHP 7.4 users update

to version 7.4.8, all PHP 7.3 users to update to version 7.3.20, all PHP 7.2 users to update to version 7.2.32, and furthermore, each and every Tomcat users to update to version 8.5.57. The new update cPanel brings the following changes:

ea-libicu

• EA-9155: Updated ea-libicu to 67.1, drop 66.

ea-freetds

• EA-9148: Updated ea-freetds to 1.2.3, drop 1.1.24.

ea-php74

• EA-9150: Updated ea-php74 to 7.4.8, drop 7.4.7 (through the fix for Windows users inCVE-2020-8169)

ea-php74-meta

• EA-9150: Updated ea-php74 to 7.4.8, drop 7.4.7 (through the fix for Windows users in CVE-2020-8169).

scl-php72

• EA-9152: Updated scl-php72 to 7.2.32, drop 7.2.31 (through the fix for Windows users in CVE-2020-8169).

scl-php72-meta

• EA-9152: Updated scl-php72 to 7.2.32, drop 7.2.31 (through the fix for Windows users in CVE-2020-8169).

scl-php73

• EA-9153: Updated scl-php73 to 7.3.20, drop 7.3.19 (through the fix for Windows users in CVE-2020-8169).

scl-php73-meta

• EA-9153: Update scl-php73 to 7.3.20, drop 7.3.19 (through the fix for Windows users in CVE-2020-8169).

ea-tomcat85

• EA-9151: Update ea-tomcat85 to 8.5.57, drop 8.5.56 (through the fixes for CVE-2020-13935andCVE-2020-13934).

The latest release incorporates a security patch that has been a fix for a CVE (Common Vulnerabilities and Exposures), the details of which are covered beneath.

Every version of PHP from 7.4 to 7.4.7 is affected.
Every version of PHP from 7.3 to 7.3.19 is affected.
Every version of PHP from 7.2 to 7.2.31 is affected.
Every version of Tomcat from 8.5 to 7.5.56 is affected.

Security Rating

The National Vulnerability Database (NIST) has provided the following severity ratings to these CVEs:

CVE-2020-8169 – Medium

PHP 7.4.8
Fixed the bug associated with CVE-2020-8169.

PHP 7.3.20
Fixed the bug associated with CVE-2020-8169.

PHP 7.2.32
Fixed the bug associated withCVE-2020-8169.

CVE-2020-13934 – Medium

Tomcat 8.5.57
Fixed the bug associated with CVE-2020-13934.

CVE-2020-13935 – Medium

Tomcat 8.5.57
Fixed the bug associated with CVE-2020-13935.

Looking for moresoftware newsStay tuned for the latest update news, subscribe to our newsletter to get the latest and regular updates.

Please leave this field empty

Oh hi there
It’s nice to meet you.

Sign up to receive awesome content in your inbox.

We don’t spam! Read our privacy policy for more info.

Check your inbox or spam folder to confirm your subscription.