Hello LOG Support
(also opening similar topic in XI)
We have to upgrade PHP and Apache on XI (CentOS 6.9 / Nagios VM template) due to security vulnerabilities found in stock versions.
To which versions we could safely upgrade PHP and Apache on XI?
- How to do this safely?
Thank you
PHP and Apache compliance
Re: PHP and Apache compliance
Running a "yum upgrade php" and "yum upgrade httpd" should do the trick. The packages should come from the official CentOS repos and probably get you up to httpd 2.2.15-60 and php 5.3.3-49 or similar "old versions". This shouldn't be a concern though:
https://access.redhat.com/security/updates/backporting
https://wiki.centos.org/FAQ/General#hea ... 629ac835c7
https://access.redhat.com/security/updates/backporting
https://wiki.centos.org/FAQ/General#hea ... 629ac835c7
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: PHP and Apache compliance
Backporting would not work: fully patched but non-compliant. Just tried.cdienger wrote:Running a "yum upgrade php" and "yum upgrade httpd" should do the trick. The packages should come from the official CentOS repos and probably get you up to httpd 2.2.15-60 and php 5.3.3-49 or similar "old versions". This shouldn't be a concern though:
https://access.redhat.com/security/updates/backporting
https://wiki.centos.org/FAQ/General#hea ... 629ac835c7
Re: PHP and Apache compliance
Third party repos can be used if absolutely necessary but haven't been tested and can't be supported.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: PHP and Apache compliance
Thank you, please close the casecdienger wrote:Third party repos can be used if absolutely necessary but haven't been tested and can't be supported.