Security Advisor says there are EasyApache updates?

Hello,

To clarify, have you initiated a new build of Apache/PHP through EasyApache 3.34.0 since that version was made available?

Note for anyone interested, here's the relevant code from Security Advisor that's generating the "EasyApache3 has updates available" message:

Show/Hide: Security Advisor - Code That Checks For EasyApache Build

Code:

sub _check_for_easyapache_build {
    my $self                 = shift;
    my $security_advisor_obj = $self->{'security_advisor_obj'};

    my $cpsources          = Cpanel::Config::Sources::loadcpsources();
    my $ea_update_server   = defined $cpsources->{'EASOURCES'} ? $cpsources->{'EASOURCES'} : $cpsources->{'HTTPUPDATE'};
    my $httprequest_obj    = Cpanel::HttpRequest->new( 'hideOutput' => 1 );
    my $latest_ea3_version = '';
    eval { $latest_ea3_version = $httprequest_obj->request( 'host' => $ea_update_server, 'url' => '/cpanelsync/easy/version_easy', 'protocol' => 0, ); };
    chomp($latest_ea3_version);

    my $installed_version = Cpanel::SafeRun::Errors::saferunallerrors( _get_httpd_path(), '-v' );
    $installed_version = $installed_version =~ /Cpanel::Easy::Apache v([\d.]+)/s ? $1 : '';

    if ( $latest_ea3_version && $installed_version && $latest_ea3_version ne $installed_version ) {
        $security_advisor_obj->add_advice(
            {
                'type'       => $Cpanel::Security::Advisor::ADVISE_WARN,
                'text'       => ['EasyApache3 has updates available.'],
                'suggestion' => [
                    '[output,url,_1,EasyApache3,_2,_3] needs to be run periodically to update Apache, PHP and other public server functionality to the latest versions. Updates to EasyApache3 often fix security vulnernabilities in this software.',
                    $self->base_path('cgi/easyapache.pl?action=_pre_cpanel_sync_screen'),
                    'target',
                    '_blank'
                ],
            }
        );
    }
    return 1;
}

Thank you.

 

Hello,

It's not required, but it's generally a good idea because new versions and bug resolutions are often included. The change log is listed at:

EasyApache Change Log - EasyApache - cPanel Documentation

However, that said, this is less of an issue once you begin using EasyApache 4 due to the integration with YUM. More information on EasyApache 4 is available at:

Introduction to EasyApache 4 - EasyApache 4 - cPanel Documentation

Thank you.

 

Hello,

I recommend migrating to EasyApache 4.

The update process is outlined at How to Install or Uninstall EasyApache 4, however you can choose to wait for cPanel version 58's new EasyApache 4 Migration interface in Web Host Manager if you'd rather migrate through WHM.

We're happy to answer any questions you have about the migration process.

Thanks!

 

cPanel 58 is tentatively scheduled for publication to the Current release tier early next week. You can follow the development process on the cPanel blog. Here's the most recent update:

v58 is coming, and starting v60 | cPanel Blog

Thank you.

 

Yes, this is by design. Here's a quote from cPanel & WHM Product Versions and the Release Process that details how major and minor values are incremented:

Thanks!

 

You can wait if you like, you'll be fine.