cPanel, Inc. has released updated RPMs for EasyApache 4 on June 29, 2016, with PHP version 5.5.37. This release addresses vulnerabilities related to CVE-2015-8874. We strongly encourage all PHP 5.5 users to upgrade to version 5.5.37.

About the vulnerability:

All versions of PHP 5.5 through version 5.5.36
SECURITY RATING -The National Vulnerability Database (NIST) has given the following severity ratings to these CVEs:
CVE-2015-8874 - HIGH
PHP 5.5.37
Fixed bug in the GD module related to CVE-2015-8874

What can I do:

If you are a QuickHostUK Managed Hosting customer this has already been patched. If you are not a QuickHostUK Managed Hosting customer and you are using cPanel/WHM please ensure you have also taken the appropriate actions to secure your own servers.

Alternatively, we can handle this for you with our adhoc management scheme, which for this occurrence would be £25.

Please contact us if you wish to utilise this service or if you have any questions.

Kind Regards,

QuickHostUK Limited