EasyApache4 v25.65 Maintenance Release

WebPros has released an update for EasyApache 4!  Take a look at some highlights below, and then join us on the cPanel Community Forums, Discord, or Reddit to talk about this update and much more. If you have additional questions, feel free to reach out on one of our social channels.

• ea-apache24
• EA-13458: Update ea-apache24 from v2.4.67 to v2.4.68
• critical: CVE-2026-49975 - mod_http2 DoS via memory allocation
• critical: CVE-2026-48913 - mod_http2 memory corruption
• high: CVE-2026-44631 - heap underflow in ap_regname
• high: CVE-2026-44186 - infinite loop in mod_proxy_ftp
• high: CVE-2026-44185 - stack buffer over-read in mod_ssl OCSP
• high: CVE-2026-44119 - privilege escalation via expressions
• moderate: CVE-2026-43951 - OOB read in merge_response_headers
• moderate: CVE-2026-42536 - mod_xml2enc heap overflow
• moderate: CVE-2026-42535 - mod_dav_fs protected directory access
• moderate: CVE-2026-34356 - ProxyPassReverseCookieMap buffer overflow
• moderate: CVE-2026-34355 - mod_proxy_html buffer overflow
• low: CVE-2026-29170 - mod_proxy_ftp XSS
• low: CVE-2026-29167 - mod_ldap use-after-free
   

• ea-apache24-mod-passenger
• EA-13453: ea-passenger-src was updated from v6.1.3 to v6.1.4

• ea-apache24-mod-qos
• EA-13457: Update ea-apache24-mod-qos from v11.78 to v11.79

• ea-nginx-passenger
• EA-13453: ea-passenger-src was updated from v6.1.3 to v6.1.4

• ea-passenger-src
• EA-13453: Update ea-passenger-src from v6.1.3 to v6.1.4

• ea-php84
• EA-13455: Update ea-php84 from v8.4.21 to v8.4.22

• ea-php84-meta
• EA-13455: Update ea-php84 from v8.4.21 to v8.4.22

• ea-php85
• EA-13456: Update ea-php85 from v8.5.6 to v8.5.7

• ea-php85-meta
• EA-13456: Update ea-php85 from v8.5.6 to v8.5.7

• ea-ruby27-passenger
• EA-13444: Update ea-ruby27-passenger from v6.1.3 to v6.1.4