EasyApache4 v25.51 Maintenance and Security Release

WebPros has released an update for EasyApache 4!  Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on one of our social channels.

ea-cpanel-tools
CPANEL-51983: Added note fields for error_log and log_errors PHP directives.

  ea-apache24 (mod_suexec subpackage)
EA4-242: Remove exec_code_asuser self-conflict from mod_suexec. Fixes WHM EA4 interface incorrectly showing a conflict warning between mod_suexec and mod_suphp.

  ea-apache24-mod_pagespeed
EA-13373: Fix version to match actual shipped binary (was 1.14.36.1 in spec but 1.13.35.2 in SOURCES RPM since EA-7761). Add Epoch 1 for clean upgrade path.

  ea-libcurl
EA-13370: Security backports from curl 8.19.0:
- CVE-2026-3805 (SMB use-after-free, Medium)
- CVE-2026-3783 (bearer token leak via netrc+redirect, Medium)
- CVE-2026-1965 (HTTP Negotiate connection reuse, Medium)
- CVE-2026-3784 (proxy credential reuse, Low)
- MQTT too-big-message-check (HackerOne 3508500)
- TFTP filename length check (HackerOne 3508321)

  ea-php84 / ea-php84-meta
EA-13372: Update ea-php84 from v8.4.18 to v8.4.19

  ea-php85 / ea-php85-meta
  EA-13374: Update ea-php85 from v8.5.3 to v8.5.4

ea-nginx / ea-nginx-njs / ea-nginx-echo / ea-nginx-headers-more / ea-nginx-passenger / ea-modsec30-connector-nginx

EA-13369: Update ea-nginx from v1.29.5 to v1.29.6 (modules rebuilt)