Skip to main content

EasyApache4 v25.60 - Critical CVE Fix for ea-nginx (CVE-2026-42945)

cPRex Jurassic Moderator

WebPros has released an update for EasyApache 4!  Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on one of our social channels.

  • ea-nginx
    • EA-13436: Update ea-nginx from v1.30.0 to v1.31.0
      • (CVE-2026-42945) Critical (CVSS 9.2): Heap buffer overflow in ngx_http_rewrite_module
 
This vulnerability affects nginx versions 0.6.27 through 1.30.0. 
 
The following packages were also rebuilt against the patched ea-nginx:
 
  • ea-nginx-echo
    • EA-13436: Rebuild ea-nginx-echo against ea-nginx v1.31.0
 
  • ea-nginx-headers-more
    • EA-13436: Rebuild ea-nginx-headers-more against ea-nginx v1.31.0
 
  • ea-nginx-passenger
    • EA-13436: Rebuild ea-nginx-passenger against ea-nginx v1.31.0
 
  • ea-nginx-njs
    • EA-13436: Rebuild ea-nginx-njs against ea-nginx v1.31.0

Comments

0 comments

Post is closed for comments.

Didn't find what you were looking for?

New post