EasyApache 3.24.22 Released
cPanel has released EasyApache 3.24.22 with PHP 5.4.30 and 5.5.14. This release addresses multiple PHP vulnerabilities in the PHP and the fileinfo, Network and SPL modules. It is recommended that you recompile your PHP and Apache using EasyApache and upgrade your PHP version to PHP 5.4.30 and PHP 5.5.14.
Affected Versions:
All versions of PHP 5.4 before 5.4.30
All versions of PHP 5.5 before 5.5.14
Fixed bugs:
– Fixed bug in the PHP core code related to CVE-2014-3981.
– Fixed bug in the Fileinfo module related to CVE-2014-0207.
– Fixed bug in the Fileinfo module related to CVE-2014-3478.
– Fixed bug in the Fileinfo module related to CVE-2014-3479.
– Fixed bug in the Fileinfo module related to CVE-2014-3480.
– Fixed bug in the Fileinfo module related to CVE-2014-3487.
– Fixed bug in the Network module related to CVE-2014-4049.
– Fixed bug in the SPL module related to CVE-2014-3515.
If you have set to install cPanel updates automatically EasyApache should be upgraded automatically. You will have to run EasyApache to rebuild Apache and PHP on your server to address the above bugs.