EasyApache 4 Change Log 2023
Last modified: June 1, 2023
EasyApache 4 does not use versioning and organizes changes by date only.
Each entry contains the following information:
- The package that we changed.
- The case number for the change.
- A description of the change.
For more information about our GitHub repository, read our The EasyApache 4 Git Repository and Build Updates documentation.
2023-5-31
ea-cpanel-tools
- ZC-10931: Updated for
ea-libc-client
. - ZC-10474: Add
ea-nginx-echo
toadditional_packages
.
ea-brotli
- ZC-10933: Correct brotli dependency.
libcurl
- EA-11448: Update
libcurl
from 8.1.1 to 8.1.2 (with fixes for CVE-2023-28322, CVE-2023-28321, CVE-2023-28320, and CVE-2023-28319.) - EA-11432: Update
libcurl
from 8.0.1 to 8.1.1.
ea-php74
- ZC-10931: Link with
libc-client
statically.
ea-php80
- ZC-10931: Link with
libc-client
statically.
ea-php81
- ZC-10931: Link with
libc-client
statically.
ea-php82
- ZC-10931: Link with
libc-client
statically.
ea-libc-client
- ZC-10931: Initial Build.
ea-nginx
- EA-11442: Update
ea-nginx
from 1.24.0 to 1.25.0.
ea-openssl11
- EA-11449: Update
ea-openssl11
from 1.1.1t to 1.1.1u (with fix for CVE-2023-2650.)
2023-5-24
ea-libxml2
- EA-11431: Update
ea-libxml2
from 2.11.3 to 2.11.4.
ea-ruby27-libuv
- EA-11427: Update
ea-ruby27-libuv
from 1.44.2 to 1.45.0.
ea-tomcat85
- EA-11428: Update
ea-tomcat85
from 8.5.88 to 8.5.89.
ea-apache24-mod-qos
- EA-11430: Update
ea-apache24-mod-qos
from 11.73 to 11.74.
scl-sourceguardian
- EA-11429: Update
scl-sourceguardian
from 14.0.2 to 14.0.3.
2023-5-17
ea-nghttp2
- EA-11412: Update
ea-nghttp2
from 1.52.0 to 1.53.0.
ea-php81
- EA-11415: Update
ea-php81
from 8.1.18 to 8.1.19.
ea-php81-meta
- EA-11415: Update
ea-php81
from 8.1.18 to 8.1.19.
ea-php82
- EA-11413: Update
ea-php82
from 8.2.5 to 8.2.6.
ea-php82-meta
- EA-11413: Update
ea-php82
from 8.2.5 to 8.2.6.
ea-libxml2
- EA-11414: Update
ea-libxml2
from 2.11.2 to 2.11.3.
2023-5-10
ea-nginx
- EA-11397: Ensure deb package moves
/var/log/nginx
to/var/log/nginx.uninstall
upon removal.
ea-libxml2
EA-11401: Update ea-libxml2
from 2.11.1 to 2.11.2.
2023-5-3
ea-nginx
- EA-11132: Ensure
/var/log/nginx.uninstall
does not exist before moving active log files there. - EA-11131: Ensure userdata reflects apache port changes when
ea-nginx
is removed.
ea-libxml2
- EA-11388: Update
ea-libxml2
from 2.10.4 to 2.11.1. This update contains security releases, but no CVEs are assigned.
ea-php80-php-memcached
- EA-11384: Update
ea-php80-php-memcached
from 3.1.5 to 3.2.0.
ea-php81-php-memcached
- EA-11385: Update
ea-php81-php-memcached
from 3.1.5 to 3.2.0.
ea-php82-php-memcached
- ZC-10561: Create
ea-php82-php-memcached
.
ea-cpanel-tools
- ZC-10561: Add
ea-php82-php-memcached
.
2023-4-26
ea4-experimental
- ZC-10895: make
From repo
have OS info akin toAPT-Sources
.
apr
- EA-11357: Update
apr
from 1.7.3 to 1.7.4.
ea-apache2
- EA-11296: Fix posttrans scriptlet failures on RHEL8+.
ea-apache24-mod-passenger
- EA-11368: Change
PassengerInstanceRegistryDir
to/opt/cpanel/ea-passenger/run/passenger-instreg
.
ea-ruby27-rubygem-rack
- EA-11374: Update
ea-ruby27-rubygem-rack
from 2.2.6 to 2.2.7.
ea-tomcat85
- EA-11369: Update
ea-tomcat85
from 8.5.87 to 8.5.88.
2023-4-19
ea-modsec30
- EA-11353: Update
ea-modsec30
from 3.0.8 to 3.0.9.
ea-cpanel-tools
- ZC-10899: Add
ea-nginx-echo
toadditional_packages
.
ea-libxml2
- EA-11352: Update
ea-libxml2
from 2.10.3 to 2.10.4 (with fixes for CVE-2023-29469 and CVE-2023-28484.)
ea-nginx
- EA-11350:
ea-nginx
:ea4-tool-post-update
update include-binaries to new tarball. - EA-11350: Update
ea-nginx
from 1.23.4 to 1.24.0.
ea-php81
- EA-11356: Update
ea-php81
from 8.1.17 to 8.1.18.
ea-php81-meta
- EA-11356: Update
ea-php81
from 8.1.17 to 8.1.18.
ea-php82
- EA-11355: Update
ea-php82
from 8.2.4 to 8.2.5.
ea-php82-meta
- EA-11355: Update
ea-php82
from 8.2.4 to 8.2.5.
ea-nginx-njs
- EA-11351: Update
ea-nginx-njs
from 0.7.11 to 0.7.12.
ea-nginx-echo
- ZC-10483: Create
ea-nginx-echo
module.
2023-4-12
ea-apache2
- EA-11337: Update
ea-apache2
from 2.4.56 to 2.4.57.
ea-nginx
- EA-11324: Wrap docroot in quotes so that docroots that contain semicolons do not break the config.
ea-profiles-cpanel
- EA-11338: Don’t ship ruby profiles at all on c9+.
2023-4-5
Ruby 2.7
- EA-11327: Update
ea-ruby27
from 2.7.7 to 2.7.8 (with fixes for CVE-2023-28755 and CVE-2023-28756.)ea-ruby27
ea-ruby27-meta
ea-ruby27-rubygem-mizuho
ea-ruby27-rubygem-nokogiri
ea-ruby27-rubygem-rack
ea-ruby27-rubygem-sqlite3
apr
- EA-11326: Update
apr
from 1.7.2 to 1.7.3.
ea-nginx
- EA-11323: Update
ea-nginx
from 1.23.3 to 1.23.4.
ea-nodejs16
- EA-11328: Update
ea-nodejs16
from 16.19.1 to 16.20.0.
2023-3-29
scl-sourceguardian
- EA-11314: Update
scl-sourceguardian
from 14.0.1 to 14.0.2.
libcurl
- EA-11303: Update libcurl from 7.88.1 to 8.0.1 (with fixes for CVE-2023-27538, CVE-2023-27537, CVE-2023-27536, CVE-2023-27535, and CVE-2023-27534.)
ea-nginx
- EA-11298: Do not log microseconds to bytes log.
ea-apache2-config
- EA-11222: Remove ancient MSIE SSL keepalive hack.
2023-3-23
ea-cpanel-tools
- EA-10893: Fix
ea_install_profile
to return non-zero exit code upon failure.
ea-nginx-njs
- EA-11297: Update
ea-nginx-njs
from 0.7.10 to 0.7.11.
ea-php81
- EA-11300: Update
ea-php81
from 8.1.16 to 8.1.17.
ea-php81-meta
- EA-11300: Update
ea-php81
from 8.1.16 to 8.1.17.
ea-php82
- EA-11301: Update
ea-php82
from 8.2.3 to 8.2.4.
ea-php82-meta
- EA-11301: Update
ea-php82
from 8.2.3 to 8.2.4.
mod_suphp
- ZC-10531: Restore “Scan this dir for additional
.ini
files” for A9.
scl-php-pear
- EA-11253: Ensure
zzzzzzz-pecl.ini
is marked as a config file on debian-based systems.
2023-3-8
ea-nginx
- EA-11269: Reduce frequency of nginx restarts during
cpanellogd
’s domain log processing when piped logging is enabled.
ea-cpanel-tools
- EA-11271: Let
ea_current_to_profile
ignore OpenSSL devel packages under--target-os
.
ea-tomcat85
- EA-11283: Update
ea-tomcat85
from 8.5.86 to 8.5.87.
ea-apache24
- EA-11284: Update
ea-apache24
from 2.4.55 to 2.4.56 (with fixes for CVE-2023-27522 and CVE-2023-25690.)
2023-3-1
ea-tomcat85
- EA-11270: Update
ea-tomcat85
from 8.5.85 to 8.5.86.
scl-php-pear
- EA-11201: Update PEAR and its dependencies (with fixes for CVE-2020-28948, CVE-2020-28949, CVE-2020-36193, and CVE-2021-32610.)
- Update PEAR from 1.10.12 to 1.10.13.
- Update
Archive_Tar
from 1.4.9 to 1.4.14.
2023-2-22
ea-nodejs16
- EA-11255: Update
ea-nodejs16
from 16.19.0 to v16.19.1 (with fixes for CVE-2023-23918, CVE-2023-23919, CVE-2023-23920, CVE-2023-23936, and CVE-2023-24807.)
libcurl
- EA-11256: Update
libcurl
from 7.88.0 to 7.88.1.
scl-sourceguardian
- EA-11257: Update
scl-sourceguardian
from 14.0.0 to 14.0.1.
2023-2-16
ea-nghttp2
- EA-11239: Update
ea-nghttp2
from 1.51.0 to 1.52.0.
ea-nginx
- ZC-10615: Remove cleaning pipelog artifacts from
init.d
andchksrvd
files. - EA-11189: Exclude invalid certificate files from the Nginx config.
ea-nginx-njs
- EA-11224: Update
ea-nginx-njs
from 0.7.9 to 0.7.10.
ea-php80
- EA-11227: Update
ea-php80
from 8.0.27 to 8.0.28 (with fixes for CVE-2023-0567, CVE-2023-0568, and CVE-2023-0662.)
ea-php80-meta
- EA-11227: Update
ea-php80
from 8.0.27 to 8.0.28 (with fixes for CVE-2023-0567, CVE-2023-0568, and CVE-2023-0662.)
ea-php81
- EA-11244: Update
ea-php81
from 8.1.15 to 8.1.16 (with fixes for CVE-2023-0567, CVE-2023-0568, and CVE-2023-0662.)
ea-php81-meta
- EA-11244: Update
ea-php81
from 8.1.15 to 8.1.16 (with fixes for CVE-2023-0567, CVE-2023-0568, and CVE-2023-0662.)
ea-php82
- EA-11226: Update
ea-php82
from 8.2.2 to 8.2.3 (with fixes for CVE-2023-0567, CVE-2023-0568, and CVE-2023-0662.)
ea-php82-meta
- EA-11226: Update
ea-php82
from 8.2.2 to 8.2.3 (with fixes for CVE-2023-0567, CVE-2023-0568, and CVE-2023-0662.)
ea-podman
- ZC-10667: Change perms for
nuewuidmap
for Rocky 9.
libcurl
- EA-11241: Update
libcurl
from 7.87.0 to 7.88.0 (with fixes for CVE-2023-23916, CVE-2023-23915, and CVE-2023-23914.)
mod_security2
- EA-11134: Update
mod_security2
from 2.9.6 to 2.9.7 (with fix for CVE-2023-24021.)
2023-2-9
libcurl
- EA-11221: Bump minimum required
nghttp2
version to 1.51.0-2.
apr
- EA-11198: Update
apr
from 1.7.0 to 1.7.2 (with fixes for CVE-2022-24963 and CVE-2021-35940.)
apr-util
- EA-11199: Update
apr-util
from 1.6.1 to 1.6.3 (with fix for CVE-2022-25147.)
ea-openssl11
- EA-11213: Update
ea-openssl11
from 1.1.1s to 1.1.1t (with fixes for CVE-2023-0286, CVE-2022-4304, CVE-2023-0215, and CVE-2022-4450.)
ea-libxml2
- EA-11205: Update
ea-libxml2
from 2.9.7 to 2.10.3 (with fixes for CVE-2022-23308, CVE-2022-29824, CVE-2022-2309, CVE-2022-40304, and CVE-2022-40303.)
ea-php81
- EA-11208: Update
ea-php81
from 8.1.14 to 8.1.15.
ea-php81-meta
- EA-11208: Update
ea-php81
from 8.1.14 to 8.1.15.
ea-php82
- EA-11212: Fix
PKG_CONFIG_PATH
. - EA-11200: Update ea-
php82
from 8.2.1 to 8.2.2.
ea-php82-meta
- EA-11200: Update ea-
php82
from 8.2.1 to 8.2.2.
ea-nghttp2
- EA-11210: Update
ea-nghttp2
from 1.49.0 to 1.51.0. - EA-11221: Have
ea-nghttp2
requireea-libnghttp2
.
2023-2-1
ea-apache2-config
- EA-11169: Ensure apache restart during
glibc
updates on Ubuntu.
ea-apache24-mod-passenger
- EA-11187:
ea-passenger-src
was updated from 6.0.16 to 6.0.17.
ea-passenger-src
- EA-11187: Update
ea-passenger-src
from 6.0.16 to 6.0.17.
ea-php74
- EA-11075: Correct default value description for
log_errors
inphp.ini
file.
ea-php80
- EA-11075: Correct default value description for
log_errors
inphp.ini
file.
ea-php81
- EA-11075: Correct default value description for
log_errors
inphp.ini
file.
ea-php82
- EA-11075: Correct default value description for
log_errors
inphp.ini
file.
ea-ruby27-passenger
- EA-11188: Update
ea-ruby27-passenger
from 6.0.16 to 6.0.17.
2023-1-25
ea-apache2-config
- EA-11159: Provide touchfile to disable apache restart for
glibc
update.
ea-tomcat85
- EA-11177: Update
ea-tomcat85
from 8.5.84 to 8.5.85.
scl-sourceguardian
- EA-11168: Update
scl-sourceguardian
from 13.0.3 to 14.0.0.
2023-1-19
ea-apache24
- EA-11157: Update
ea-apache2
from 2.4.54 to 2.4.55. - EA-11167: Patch to fix sporadic 500 errors with 2.4.55 (with fixes for CVE-2022-37436, CVE-2022-36760, and CVE-2006-20001.)
2023-1-18
ea-cpanel-tools
- ZC-10586: Update manifest for new C7 PHP 8.2 packages.
ea-nginx
- EA-11156: Avoid reloads while
config
subcommand is executing.
ea-profiles-cpanel
- ZC-10584: Drop special C7 allphp profiles since PHP 8.2 is available on C7.
ea-ruby27-rubygem-rack
- EA-11158: Update
ea-ruby27-rubygem-rack
from 2.2.5 to 2.2.6.
ea-php82
- ZC-10585: Build for CentOS7.
ea-php82-meta
- ZC-10585: Build for CentOS7.
2023-1-11
ea-cpanel-tools
- ZC-10581: Update EA4 recommendations.
- ZC-10447: Make PHP 8.1 the default PHP.
- ZC-10447: Update manifest for A9 and PHP 8.2.
ea-nginx
- EA-10890: Refactor
_render_and_append()
to use more data from global config data. - EA-11121: Add ipv6 subdomain to
server_name
directive when account has an ipv6 address assigned. - EA-11088: Account for mail subdomains of addon and parked domains when configuring the
server_name
directive. - ZC-10593: Merge last upstream bit into
ea-nginx
. - ZC-10517: Address Ubuntu creating additional splitlog processes.
- ZC-10484: Remove
SIGKILL
from various nginx files. - ZC-10317: Update
ngx_http_pipelog_module
to version 1.0.3.
ea-php80
- EA-11137: Update
ea-php80
from 8.0.26 to 8.0.27 (with fix for CVE-2022-31631.)
ea-php80-meta
- EA-11137: Update
ea-php80
from 8.0.26 to 8.0.27 (with fix for CVE-2022-31631.)
ea-php81
- EA-11133: Update
ea-php81
from 8.1.13 to 8.1.14 (with fix for CVE-2022-31631.)
ea-php81-meta
- EA-11133: Update
ea-php81
from 8.1.13 to 8.1.14 (with fix for CVE-2022-31631.)
ea-php82
- EA-11136: Update
ea-php8
2 from 8.2.0 to 8.2.1 (with fix for CVE-2022-31631.)
ea-php82-meta
- EA-11136: Update
ea-php82
from 8.2.0 to 8.2.1 (with fix for CVE-2022-31631.)
ea-profiles-cpanel
- ZC-10447: Update profiles for PHP 7.4 being EOL and PHP 8.2 being available.
ea-ruby27-rubygem-rack
- EA-11119: Update
ea-ruby27-rubygem-rack
from 2.2.4 to 2.2.5.
ea-apache24-mod-qos
- EA-11147: Update
ea-apache24-mod-qos
from 11.72 to 11.73.
2023-1-4
ea-passenger-src
- EA-11116: Update
ea-passenger-src
from 6.0.15 to 6.0.16.
ea-apache24-mod-passenger
- EA-11116: Update
ea-passenger-src
from 6.0.15 to 6.0.16.
ea-ruby27-passenger
- EA-11117: Update
ea-ruby27-passenger
from 6.0.15 to 6.0.16.
ea-redis62
- EA-11106: Update
ea-redis62
from 6.2.7 to 6.2.8.
ea-libcurl
- EA-11118: Update
libcurl
from 7.86.0 to 7.87.0 (with fixes for CVE-2022-43551 and CVE-2022-43552.)
scl-ioncube12
- EA-11120: Update
scl-ioncube12
from 12.0.4 to 12.0.5.
ea-nginx
- EA-11087: Guard against bad userdata where a domain is considered an addon domain and subdomain.