Issue
cPanel released an EasyApache4 update to update mod_security2 from 2.9.8 to 2.9.10 to patch
- Possible DoS vulnerability: CVE-2025-47947
- DoS vulnerability: CVE-2025-48866
When will you release mod_security2 version 2.9.10?
Environment
- Imunify360
- ModSecurity
Solution
The release of the newest version of ea-apache24-mod_security2 is already out, and now it is available in a rollout repository, so you can install it using this command:
yum update ea-apache24-mod_security2 --enablerepo=cloudlinux-ea4-rollout-14-bypass
It will be moved to stable repository in ~2 weeks, so the update would be available with this command:
yum update ea-apache24-mod_security2
On Cloudlinux 9 the only modified packages are released for EA-*, and for now you can use the cPanel's version of ea-apache24-mod_security2.
Comments
0 comments
Please sign in to leave a comment.