---

Last modified: November 15, 2023

EasyApache 4 does not use versioning and organizes changes by date only.

Each entry contains the following information:

1. The package that we changed.
2. The case number for the change.
3. A description of the change.

For more information about our GitHub repository, read our The EasyApache 4 Git Repository and Build Updates documentation.

2023-11-15

---

ea-ruby27-libuv

• EA-11789: Update ea-ruby27-libuv from 1.46.0 to 1.47.0.

2023-11-8

---

ea-nginx

• EA-11772: Update ea-nginx from 1.25.2 to 1.25.3.

ea-nghttp2

• EA-11777: Update ea-nghttp2 from 1.57.0 to 1.58.0.

ea-podman

• ZC-11296: Silence warning about insufficient UID/GID’s.

ea-podman-repo

• ZC-11296: Add new podman repo for U22.

2023-11-1

---

ea-php81

• EA-11776: Update ea-php81 from 8.1.24 to 8.1.25.

ea-php81-meta

• EA-11776: Update ea-php81 from 8.1.24 to 8.1.25.

ea-php82

• EA-11774: Update ea-php82 from 8.2.11 to 8.2.12.

ea-php82-meta

• EA-11774: Update ea-php82 from 8.2.11 to 8.2.12.

ea-nodejs20

• EA-11773: Update ea-nodejs20 from 20.8.1 to 20.9.0.

ea-freetds

• EA-11775: Update ea-freetds from 1.4.5 to 1.4.6.

2023-10-25

---

ea-apache24

• EA-11758: Update ea-apache24 from 2.4.57 to 2.4.58 (with fixes for CVE-2023-31122, CVE-2023-43622, and CVE-2023-45802.)

ea-freetds

• EA-11759: Update ea-freetds from 1.4.3 to 1.4.5.
• EA-11760: Update ea-freetds from 1.4.3 to 1.4.5.

ea-nginx-njs

• EA-11761: Update ea-nginx-njs from 0.8.1 to 0.8.2.

2023-10-18

---

ea-freetds

• EA-11745: Update ea-freetds from 1.4.2 to 1.4.3.

ea-nginx-standalone

• EA-11530: Disable file protect when in standalone mode.

ea-nodejs18

• EA-11746: Update ea-nodejs18 from 18.18.0 to 18.18.2 (with fixes for CVE-2023-45143, CVE-2023-44487, CVE-2023-39331, CVE-2023-39332, CVE-2023-38552, and CVE-2023-39333.)

ea-nodejs20

• EA-11747: Update ea-nodejs20 from 20.8.0 to 20.8.1 (with fixes for CVE-2023-45143, CVE-2023-44487, CVE-2023-39331, CVE-2023-39332, CVE-2023-38552, and CVE-2023-39333.)

ea-oniguruma

• EA-11748: Update ea-oniguruma from 6.9.8 to 6.9.9.

ea-tomcat85

• EA-11749: Update ea-tomcat85 from 8.5.94 to 8.5.95.

ea-profiles-cpanel

• ZC-11253: Update EA4 profiles - Add ea-php82, Remove ea-php80.

2023-10-12

---

ea-apache2

• EA-11729: Rebuild mod_http2 against updated ea-nghttp2 (with a fix for CVE-2023-44487.)

ea-libcurl

• EA-11731: Update libcurl from 8.3.0 to 8.4.0 (with fixes for CVE-2023-38545 and CVE-2023-38546.)

ea-tomcat85

• EA-11593: Update dead faster start up link.
• EA-11728: Update ea-tomcat85 from 8.5.93 to 8.5.94 (with fixes for CVE-2023-45648, CVE-2023-44487, CVE-2023-42795, and CVE-2023-42794.)

ea-nghttp2

• EA-11729: Update ea-nghttp2 from 1.56.0 to 1.57.0 (with fix for CVE-2023-44487.)

2023-10-4

---

ea-podman

• ZC-11180: Make changes to allow pkgacct to backup a users containers.

ea-php82

• EA-11717: Update ea-php82 from 8.2.10 to 8.2.11.

ea-php81

• EA-11716: Update ea-php81 from 8.1.23 to 8.1.24.

ea-nodejs20

• EA-11715: Update ea-nodejs20 from 20.7.0 to 20.8.0.

ea-freetds

• EA-11714: Update ea-freetds from 1.3.9 to 1.4.2.

2023-9-27

---

ea-nginx

• EA-11648: Add hooks needed to update config when whmapi1 delete_domain is called.

ea-nodejs18

• EA-11697: Update ea-nodejs18 from 18.17.1 to 18.18.0.

ea-nodejs20

• EA-11698: Update ea-nodejs20 from 20.6.1 to 20.7.0.

ea-php81-php-ioncube13

• ZC-11156: Create package.

ea-php82-php-ioncube13

• ZC-11156: Create package.

ea-cpanel-tools

• ZC-11156: Add ea-ioncube13.

ea-php-cli

• ZC-11159: Invalidate/don’t use cache if environment variable is passed.

ea-php-cli-lsphp

• ZC-11159: Invalidate/don’t use cache if environment variable is passed.

2023-9-20

---

ea-nodejs20

• EA-11684: Update ea-nodejs20 from 20.6.0 to 20.6.1.

ea-nginx-njs

• EA-11685: Update ea-nginx-njs from 0.8.0 to 0.8.1.

libcurl

• EA-11680: Update libcurl from 8.2.1 to 8.3.0 (with fix for CVE-2023-38039).

ea-openssl11

• EA-11665: Update ea-openssl11 from 1.1.1v to 1.1.1w (with fix for CVE-2023-4807).

2023-9-13

---

ea-nginx

• EA-11657: Ensure nginx is hard restarted during deb/rpm transactions.

ea-php81

• EA-11664: Update ea-php81 from 8.1.22 to 8.1.23.

ea-php81-meta

• EA-11664: Update ea-php81 from 8.1.22 to 8.1.23.

ea-php82

• EA-11658: Update ea-php82 from 8.2.9 to 8.2.10.

ea-php82-meta

• EA-11658: Update ea-php82 from 8.2.9 to 8.2.10.

ea-nghttp2

• EA-11662: Update ea-nghttp2 from 1.55.1 to 1.56.0.

ea-nodejs20

• EA-11663: Update ea-nodejs20 from 20.5.1 to 20.6.0.

ea-nodejs10

• ZC-11106: Mark ea-nodejs10 as EOL.

ea-podman

• ZC-10612: Add container name to output, and add better messaging when ea-podman package is not installed.

2023-8-31

---

ea-nginx

• EA-11646: Clean up global passenger .conf file.

2023-8-30

---

ea-tomcat85

• EA-11635: Update ea-tomcat85 from 8.5.92 to 8.5.93

ea-nginx

• EA-11631: Update ea-nginx from 1.25.1 to 1.25.2 and build following packages against it:

  • ea-nginx-echo
  • ea-nginx-headers-more
  • ea-nginx-njs
  • ea-nginx-passenger
  • ea-modsec30-connector-nginx

• EA-11502: Do not mark cpanel-proxy.conf as a config file.

2023-8-23

---

ea-php82

• EA-11619: Update ea-php82 from 8.2.8 to 8.2.9 (with fixes for CVE-2023-3823 and CVE-2023-3824.)

ea-php82-meta

• EA-11619: Update ea-php82 from 8.2.8 to 8.2.9 (with fixes for CVE-2023-3823 and CVE-2023-3824.)

ea-nodejs18

• ZC-11124: Initial build.

ea-nodejs20

• ZC-11127: Initial build

ea-cpanel-tools

• ZC-11033: Add support for packages w/out an ea- prefix in EA4 profiles.
• ZC-11135: Add ea-nodejs18 and ea-nodejs20 to additional packages list.
• ZC-11149: Add touchfile for nginx cpwrap that will ignore memory limits and set it to unlimited to readme file.

ea-nginx

• ZC-11149: Support touchfile for nginx cpwrap that will ignore memory limits and set it to unlimited.
• ZC-10396: Remove ea-passenger-src dependency and other passenger code.

ea-nginx-passenger

• ZC-10396: Create ea-nginx-passenger.

ea-nginx-standalone

• ZC-10396: Add ea-nginx-passenger dependency.

2023-8-16

---

ea-tomcat85

• EA-11607: Update ea-tomcat85 from 8.5.91 to 8.5.92.

ea-tomcat100

• ZC-11053: Mark as EOL.

ea-tomcat101

• ZC-11053: Initial Build.

ea-cpanel-tools

• ZC-11122: Add ea-tomcat101 to the manifest.

ea-nodejs16

• EA-11604: Update ea-nodejs16 from 16.20.1 to 16.20.2 . (with fixes for CVE-2023-32559, CVE-2023-32006, and CVE-2023-32002.)

ea-libxml2

• EA-11608: Update ea-libxml2 from 2.11.4 to 2.11.5.

2023-8-9

---

ea-openssl11

• EA-11578: Update ea-openssl11 from 1.1.1u to 1.1.1. (with fixes for CVE-2023-3817 and CVE-2023-3446.)

ea-php80

• EA-11590: Update ea-php80 from 8.0.29 to 8.0.30 (with fixes for CVE-2023-3823 and CVE-2023-3824.)

ea-php80-meta

• EA-11590: Update ea-php80 from 8.0.29 to 8.0.30 (with fixes for CVE-2023-3823 and CVE-2023-3824.)

ea-php81

• EA-11589: Update ea-php81 from 8.1.21 to 8.1.22 (with fixes for CVE-2023-3823 and CVE-2023-3824.)

ea-php81-meta

• EA-11589: Update ea-php81 from 8.1.21 to 8.1.22 (with fixes for CVE-2023-3823 and CVE-2023-3824.)

scl-autotools-latest-m4

• ZC-11101: Fix unresolvable Name (by hard coding it).

2023-8-2

---

ea-libcurl

• EA-11574: Update libcurl from 8.2.0 to 8.2.1.

ea-ruby27-rubygem-rack

• EA-11575: Update ea-ruby27-rubygem-rack from 2.2.7 to 2.2.8.

2023-7-27

---

ea-libcurl

• EA-11560: Update libcurl from 8.1.2 to 8.2.0 (with fix for CVE-2023-32001).

ea-nginx

• EA-11561: Make it so that scripts/ea-nginx is not aware of config syntax for template files.

ea-modsec2-rules-owasp-crs

• EA-11564: Update ea-modsec2-rules-owasp-crs from 3.3.4 to 3.3.5.

2023-7-19

---

ea-nghttp2

• EA-11551: Update ea-nghttp2 from 1.55.0 to 1.55.1.
• EA-11549: Update ea-nghttp2 from 1.54.0 to 1.55.0.

ea-tomcat85

• EA-11550: Update ea-tomcat85 from 8.5.90 to 8.5.91.

2023-7-12

---

ea-cpanel-tools

• ZC-10971: Add support for profile’s pre list.

ea-profiles-cpanel

• ZC-10971: Add WP² profile and license-based profile support.

ea-apache2

• EA-11526: Patch mod_http2 to fix issues with excessive CPU usage.

ea-nginx-njs

• EA-11537: Update ea-nginx-njs from 0.7.12 to 0.8.0.

ea-php81

• EA-11538: Update ea-php81 from 8.1.20 to 8.1.21.

ea-php81-meta

• EA-11538: Update ea-php81 from 8.1.20 to 8.1.21.

ea-php82

• EA-11539: Update ea-php82 from 8.2.7 to 8.2.8.

ea-php82-meta

• EA-11539: Update ea-php82 from 8.2.7 to 8.2.8.

ea-ruby27-libuv

• EA-11533: Update ea-ruby27-libuv from 1.45.0 to 1.46.0.

2023-6-28

---

ea-nginx

• EA-11496: Update ea-nginx from 1.25.0 to 1.25.1
• EA-11512: Update config script to use new http2 directive instead of deprecated http2 on listen directive.
• ZC-10945: Implement findings from evaluating our web stack performance improvements.

ea-nginx-echo

• EA-11496: Update ea-nginx from 1.25.0 to 1.25.1 and build modules against it.

ea-nginx-headers-more

• EA-11496: Update ea-nginx from 1.25.0 to 1.25.1 and build modules against it.

ea-nginx-njs

• EA-11496: Update ea-nginx from 1.25.0 to 1.25.1 and build modules against it.

ea-passenger-src

• EA-11497: Update ea-passenger-src from 6.0.17 to 6.0.18.

ea-apache24-mod-passenger

• EA-11497: Update ea-passenger-src was from 6.0.17 to 6.0.18.

ea-ruby27-passenger

• EA-11500: Update ea-ruby27-passenger from 6.0.17 to 6.0.18.

ea-tomcat85

• EA-11498: Update ea-tomcat85 from 8.5.89 to 8.5.90.

ea-nodejs16

• EA-11513: Update ea-nodejs16 from 16.20.0 to 16.20.1.

ea-podman

• ZC-10958: Fix issue when uninstalling container packages when user doesn’t exist anymore.

ea-tomcat100

• ZC-11022: Add deployment info to user readme.

ea-modsec30-connector-nginx

• EA-11503: Build against ea-nginx version 1.25.1.

2023-6-14

---

ea-nginx

• EA-11462: Return a 403 for .htaccess file location match.

ea-podman

• ZC-10956: Revert newuidmap changes.

ea-nghttp2

• EA-11474: Update ea-nghttp2 from 1.53.0 to 1.54.0.

ea-php80

• EA-11475: Update ea-php80 from 8.0.28 to 8.0.29.

ea-php80-meta

• EA-11475: Update ea-php80 from 8.0.28 to 8.0.29.

ea-php81

• EA-11477: Update ea-php81 from 8.1.19 to 8.1.20.

ea-php81-meta

• EA-11477: Update ea-php81 from 8.1.19 to 8.1.20.

ea-php82

• EA-11478: Update ea-php82 from 8.2.6 to 8.2.7.

ea-php82-meta

• EA-11478: Update ea-php82 from 8.2.6 to 8.2.7.

2023-6-7

---

ea-php74

• EA-11447: Increase default php memory_limit for new installs from 32M to 128M.

ea-php80

• EA-11447: Increase default php memory_limit for new installs from 32M to 128M.

ea-php81

• EA-11447: Increase default php memory_limit for new installs from 32M to 128M.

ea-php82

• EA-11447: Increase default php memory_limit for new installs from 32M to 128M.

ea-nginx

• ZC-10395: Build/manage modules/ngx_http_modsecurity_module.so and nginx modsec hooks in this package.

2023-5-31

---

ea-cpanel-tools

• ZC-10931: Updated for ea-libc-client.
• ZC-10474: Add ea-nginx-echo to additional_packages.

ea-brotli

• ZC-10933: Correct brotli dependency.

libcurl

• EA-11448: Update libcurl from 8.1.1 to 8.1.2 (with fixes for CVE-2023-28322, CVE-2023-28321, CVE-2023-28320, and CVE-2023-28319.)
• EA-11432: Update libcurl from 8.0.1 to 8.1.1.

ea-php74

• ZC-10931: Link with libc-client statically.

ea-php80

• ZC-10931: Link with libc-client statically.

ea-php81

• ZC-10931: Link with libc-client statically.

ea-php82

• ZC-10931: Link with libc-client statically.

ea-libc-client

• ZC-10931: Initial Build.

ea-nginx

• EA-11442: Update ea-nginx from 1.24.0 to 1.25.0.

ea-openssl11

• EA-11449: Update ea-openssl11 from 1.1.1t to 1.1.1u (with fix for CVE-2023-2650.)

2023-5-24

---

ea-libxml2

• EA-11431: Update ea-libxml2 from 2.11.3 to 2.11.4.

ea-ruby27-libuv

• EA-11427: Update ea-ruby27-libuv from 1.44.2 to 1.45.0.

ea-tomcat85

• EA-11428: Update ea-tomcat85 from 8.5.88 to 8.5.89.

ea-apache24-mod-qos

• EA-11430: Update ea-apache24-mod-qos from 11.73 to 11.74.

scl-sourceguardian

• EA-11429: Update scl-sourceguardian from 14.0.2 to 14.0.3.

2023-5-17

---

ea-nghttp2

• EA-11412: Update ea-nghttp2 from 1.52.0 to 1.53.0.

ea-php81

• EA-11415: Update ea-php81 from 8.1.18 to 8.1.19.

ea-php81-meta

• EA-11415: Update ea-php81 from 8.1.18 to 8.1.19.

ea-php82

• EA-11413: Update ea-php82 from 8.2.5 to 8.2.6.

ea-php82-meta

• EA-11413: Update ea-php82 from 8.2.5 to 8.2.6.

ea-libxml2

• EA-11414: Update ea-libxml2 from 2.11.2 to 2.11.3.

2023-5-10

---

ea-nginx

• EA-11397: Ensure deb package moves /var/log/nginx to /var/log/nginx.uninstall upon removal.

ea-libxml2

EA-11401: Update ea-libxml2 from 2.11.1 to 2.11.2.

2023-5-3

---

ea-nginx

• EA-11132: Ensure /var/log/nginx.uninstall does not exist before moving active log files there.
• EA-11131: Ensure userdata reflects apache port changes when ea-nginx is removed.

ea-libxml2

• EA-11388: Update ea-libxml2 from 2.10.4 to 2.11.1. This update contains security releases, but no CVEs are assigned.

ea-php80-php-memcached

• EA-11384: Update ea-php80-php-memcached from 3.1.5 to 3.2.0.

ea-php81-php-memcached

• EA-11385: Update ea-php81-php-memcached from 3.1.5 to 3.2.0.

ea-php82-php-memcached

• ZC-10561: Create ea-php82-php-memcached.

ea-cpanel-tools

• ZC-10561: Add ea-php82-php-memcached.

2023-4-26

---

ea4-experimental

• ZC-10895: make From repo have OS info akin to APT-Sources.

apr

• EA-11357: Update apr from 1.7.3 to 1.7.4.

ea-apache2

• EA-11296: Fix posttrans scriptlet failures on RHEL8+.

ea-apache24-mod-passenger

• EA-11368: Change PassengerInstanceRegistryDir to /opt/cpanel/ea-passenger/run/passenger-instreg.

ea-ruby27-rubygem-rack

• EA-11374: Update ea-ruby27-rubygem-rack from 2.2.6 to 2.2.7.

ea-tomcat85

• EA-11369: Update ea-tomcat85 from 8.5.87 to 8.5.88.

2023-4-19

---

ea-modsec30

• EA-11353: Update ea-modsec30 from 3.0.8 to 3.0.9.

ea-cpanel-tools

• ZC-10899: Add ea-nginx-echo to additional_packages.

ea-libxml2

• EA-11352: Update ea-libxml2 from 2.10.3 to 2.10.4 (with fixes for CVE-2023-29469 and CVE-2023-28484.)

ea-nginx

• EA-11350: ea-nginx: ea4-tool-post-update update include-binaries to new tarball.
• EA-11350: Update ea-nginx from 1.23.4 to 1.24.0.

ea-php81

• EA-11356: Update ea-php81 from 8.1.17 to 8.1.18.

ea-php81-meta

• EA-11356: Update ea-php81 from 8.1.17 to 8.1.18.

ea-php82

• EA-11355: Update ea-php82 from 8.2.4 to 8.2.5.

ea-php82-meta

• EA-11355: Update ea-php82 from 8.2.4 to 8.2.5.

ea-nginx-njs

• EA-11351: Update ea-nginx-njs from 0.7.11 to 0.7.12.

ea-nginx-echo

• ZC-10483: Create ea-nginx-echo module.

2023-4-12

---

ea-apache2

• EA-11337: Update ea-apache2 from 2.4.56 to 2.4.57.

ea-nginx

• EA-11324: Wrap docroot in quotes so that docroots that contain semicolons do not break the config.

ea-profiles-cpanel

• EA-11338: Don’t ship ruby profiles at all on c9+.

2023-4-5

---

Ruby 2.7

• EA-11327: Update ea-ruby27 from 2.7.7 to 2.7.8 (with fixes for CVE-2023-28755 and CVE-2023-28756.)
  • ea-ruby27
  • ea-ruby27-meta
  • ea-ruby27-rubygem-mizuho
  • ea-ruby27-rubygem-nokogiri
  • ea-ruby27-rubygem-rack
  • ea-ruby27-rubygem-sqlite3

apr

• EA-11326: Update apr from 1.7.2 to 1.7.3.

ea-nginx

• EA-11323: Update ea-nginx from 1.23.3 to 1.23.4.

ea-nodejs16

• EA-11328: Update ea-nodejs16 from 16.19.1 to 16.20.0.

2023-3-29

---

scl-sourceguardian

• EA-11314: Update scl-sourceguardian from 14.0.1 to 14.0.2.

libcurl

• EA-11303: Update libcurl from 7.88.1 to 8.0.1 (with fixes for CVE-2023-27538, CVE-2023-27537, CVE-2023-27536, CVE-2023-27535, and CVE-2023-27534.)

ea-nginx

• EA-11298: Do not log microseconds to bytes log.

ea-apache2-config

• EA-11222: Remove ancient MSIE SSL keepalive hack.

2023-3-23

---

ea-cpanel-tools

• EA-10893: Fix ea_install_profile to return non-zero exit code upon failure.

ea-nginx-njs

• EA-11297: Update ea-nginx-njs from 0.7.10 to 0.7.11.

ea-php81

• EA-11300: Update ea-php81 from 8.1.16 to 8.1.17.

ea-php81-meta

• EA-11300: Update ea-php81 from 8.1.16 to 8.1.17.

ea-php82

• EA-11301: Update ea-php82 from 8.2.3 to 8.2.4.

ea-php82-meta

• EA-11301: Update ea-php82 from 8.2.3 to 8.2.4.

mod_suphp

• ZC-10531: Restore “Scan this dir for additional .ini files” for A9.

scl-php-pear

• EA-11253: Ensure zzzzzzz-pecl.ini is marked as a config file on debian-based systems.

2023-3-8

---

ea-nginx

• EA-11269: Reduce frequency of nginx restarts during cpanellogd’s domain log processing when piped logging is enabled.

ea-cpanel-tools

• EA-11271: Let ea_current_to_profile ignore OpenSSL devel packages under --target-os.

ea-tomcat85

• EA-11283: Update ea-tomcat85 from 8.5.86 to 8.5.87.

ea-apache24

• EA-11284: Update ea-apache24 from 2.4.55 to 2.4.56 (with fixes for CVE-2023-27522 and CVE-2023-25690.)

2023-3-1

---

ea-tomcat85

• EA-11270: Update ea-tomcat85 from 8.5.85 to 8.5.86.

scl-php-pear

• EA-11201: Update PEAR and its dependencies (with fixes for CVE-2020-28948, CVE-2020-28949, CVE-2020-36193, and CVE-2021-32610.)
  • Update PEAR from 1.10.12 to 1.10.13.
  • Update Archive_Tar from 1.4.9 to 1.4.14.

2023-2-22

---

ea-nodejs16

• EA-11255: Update ea-nodejs16 from 16.19.0 to v16.19.1 (with fixes for CVE-2023-23918, CVE-2023-23919, CVE-2023-23920, CVE-2023-23936, and CVE-2023-24807.)

libcurl

• EA-11256: Update libcurl from 7.88.0 to 7.88.1.

scl-sourceguardian

• EA-11257: Update scl-sourceguardian from 14.0.0 to 14.0.1.

2023-2-16

---

ea-nghttp2

• EA-11239: Update ea-nghttp2 from 1.51.0 to 1.52.0.

ea-nginx

• ZC-10615: Remove cleaning pipelog artifacts from init.d and chksrvd files.
• EA-11189: Exclude invalid certificate files from the Nginx config.

ea-nginx-njs

• EA-11224: Update ea-nginx-njs from 0.7.9 to 0.7.10.

ea-php80

• EA-11227: Update ea-php80 from 8.0.27 to 8.0.28 (with fixes for CVE-2023-0567, CVE-2023-0568, and CVE-2023-0662.)

ea-php80-meta

• EA-11227: Update ea-php80 from 8.0.27 to 8.0.28 (with fixes for CVE-2023-0567, CVE-2023-0568, and CVE-2023-0662.)

ea-php81

• EA-11244: Update ea-php81 from 8.1.15 to 8.1.16 (with fixes for CVE-2023-0567, CVE-2023-0568, and CVE-2023-0662.)

ea-php81-meta

• EA-11244: Update ea-php81 from 8.1.15 to 8.1.16 (with fixes for CVE-2023-0567, CVE-2023-0568, and CVE-2023-0662.)

ea-php82

• EA-11226: Update ea-php82 from 8.2.2 to 8.2.3 (with fixes for CVE-2023-0567, CVE-2023-0568, and CVE-2023-0662.)

ea-php82-meta

• EA-11226: Update ea-php82 from 8.2.2 to 8.2.3 (with fixes for CVE-2023-0567, CVE-2023-0568, and CVE-2023-0662.)

ea-podman

• ZC-10667: Change perms for nuewuidmap for Rocky 9.

libcurl

• EA-11241: Update libcurl from 7.87.0 to 7.88.0 (with fixes for CVE-2023-23916, CVE-2023-23915, and CVE-2023-23914.)

mod_security2

• EA-11134: Update mod_security2 from 2.9.6 to 2.9.7 (with fix for CVE-2023-24021.)

2023-2-9

---

libcurl

• EA-11221: Bump minimum required nghttp2 version to 1.51.0-2.

apr

• EA-11198: Update apr from 1.7.0 to 1.7.2 (with fixes for CVE-2022-24963 and CVE-2021-35940.)

apr-util

• EA-11199: Update apr-util from 1.6.1 to 1.6.3 (with fix for CVE-2022-25147.)

ea-openssl11

• EA-11213: Update ea-openssl11 from 1.1.1s to 1.1.1t (with fixes for CVE-2023-0286, CVE-2022-4304, CVE-2023-0215, and CVE-2022-4450.)

ea-libxml2

• EA-11205: Update ea-libxml2 from 2.9.7 to 2.10.3 (with fixes for CVE-2022-23308, CVE-2022-29824, CVE-2022-2309, CVE-2022-40304, and CVE-2022-40303.)

ea-php81

• EA-11208: Update ea-php81 from 8.1.14 to 8.1.15.

ea-php81-meta

• EA-11208: Update ea-php81 from 8.1.14 to 8.1.15.

ea-php82

• EA-11212: Fix PKG_CONFIG_PATH.
• EA-11200: Update ea-php82 from 8.2.1 to 8.2.2.

ea-php82-meta

• EA-11200: Update ea-php82 from 8.2.1 to 8.2.2.

ea-nghttp2

• EA-11210: Update ea-nghttp2 from 1.49.0 to 1.51.0.
• EA-11221: Have ea-nghttp2 require ea-libnghttp2.

2023-2-1

---

ea-apache2-config

• EA-11169: Ensure apache restart during glibc updates on Ubuntu.

ea-apache24-mod-passenger

• EA-11187: ea-passenger-src was updated from 6.0.16 to 6.0.17.

ea-passenger-src

• EA-11187: Update ea-passenger-src from 6.0.16 to 6.0.17.

ea-php74

• EA-11075: Correct default value description for log_errors in php.ini file.

ea-php80

• EA-11075: Correct default value description for log_errors in php.ini file.

ea-php81

• EA-11075: Correct default value description for log_errors in php.ini file.

ea-php82

• EA-11075: Correct default value description for log_errors in php.ini file.

ea-ruby27-passenger

• EA-11188: Update ea-ruby27-passenger from 6.0.16 to 6.0.17.

2023-1-25

---

ea-apache2-config

• EA-11159: Provide touchfile to disable apache restart for glibc update.

ea-tomcat85

• EA-11177: Update ea-tomcat85 from 8.5.84 to 8.5.85.

scl-sourceguardian

• EA-11168: Update scl-sourceguardian from 13.0.3 to 14.0.0.

2023-1-19

---

ea-apache24

• EA-11157: Update ea-apache2 from 2.4.54 to 2.4.55.
• EA-11167: Patch to fix sporadic 500 errors with 2.4.55 (with fixes for CVE-2022-37436, CVE-2022-36760, and CVE-2006-20001.)

2023-1-18

---

ea-cpanel-tools

• ZC-10586: Update manifest for new C7 PHP 8.2 packages.

ea-nginx

• EA-11156: Avoid reloads while config subcommand is executing.

ea-profiles-cpanel

• ZC-10584: Drop special C7 allphp profiles since PHP 8.2 is available on C7.

ea-ruby27-rubygem-rack

• EA-11158: Update ea-ruby27-rubygem-rack from 2.2.5 to 2.2.6.

ea-php82

• ZC-10585: Build for CentOS7.

ea-php82-meta

• ZC-10585: Build for CentOS7.

2023-1-11

---

ea-cpanel-tools

• ZC-10581: Update EA4 recommendations.
• ZC-10447: Make PHP 8.1 the default PHP.
• ZC-10447: Update manifest for A9 and PHP 8.2.

ea-nginx

• EA-10890: Refactor _render_and_append() to use more data from global config data.
• EA-11121: Add ipv6 subdomain to server_name directive when account has an ipv6 address assigned.
• EA-11088: Account for mail subdomains of addon and parked domains when configuring the server_name directive.
• ZC-10593: Merge last upstream bit into ea-nginx.
• ZC-10517: Address Ubuntu creating additional splitlog processes.
• ZC-10484: Remove SIGKILL from various nginx files.
• ZC-10317: Update ngx_http_pipelog_module to version 1.0.3.

ea-php80

• EA-11137: Update ea-php80 from 8.0.26 to 8.0.27 (with fix for CVE-2022-31631.)

ea-php80-meta

• EA-11137: Update ea-php80 from 8.0.26 to 8.0.27 (with fix for CVE-2022-31631.)

ea-php81

• EA-11133: Update ea-php81 from 8.1.13 to 8.1.14 (with fix for CVE-2022-31631.)

ea-php81-meta

• EA-11133: Update ea-php81 from 8.1.13 to 8.1.14 (with fix for CVE-2022-31631.)

ea-php82

• EA-11136: Update ea-php82 from 8.2.0 to 8.2.1 (with fix for CVE-2022-31631.)

ea-php82-meta

• EA-11136: Update ea-php82 from 8.2.0 to 8.2.1 (with fix for CVE-2022-31631.)

ea-profiles-cpanel

• ZC-10447: Update profiles for PHP 7.4 being EOL and PHP 8.2 being available.

ea-ruby27-rubygem-rack

• EA-11119: Update ea-ruby27-rubygem-rack from 2.2.4 to 2.2.5.

ea-apache24-mod-qos

• EA-11147: Update ea-apache24-mod-qos from 11.72 to 11.73.

2023-1-4

---

ea-passenger-src

• EA-11116: Update ea-passenger-src from 6.0.15 to 6.0.16.

ea-apache24-mod-passenger

• EA-11116: Update ea-passenger-src from 6.0.15 to 6.0.16.

ea-ruby27-passenger

• EA-11117: Update ea-ruby27-passenger from 6.0.15 to 6.0.16.

ea-redis62

• EA-11106: Update ea-redis62 from 6.2.7 to 6.2.8.

ea-libcurl

• EA-11118: Update libcurl from 7.86.0 to 7.87.0 (with fixes for CVE-2022-43551 and CVE-2022-43552.)

scl-ioncube12

• EA-11120: Update scl-ioncube12 from 12.0.4 to 12.0.5.

ea-nginx

• EA-11087: Guard against bad userdata where a domain is considered an addon domain and subdomain.