Page 1 of 1
PHP and Apache compliance
Posted: Thu May 03, 2018 5:06 am
by dlukinski
Hello LOG Support
(also opening similar topic in XI)
We have to upgrade PHP and Apache on XI (CentOS 6.9 / Nagios VM template) due to security vulnerabilities found in stock versions.
To which versions we could safely upgrade PHP and Apache on XI?
- How to do this safely?
Thank you
Re: PHP and Apache compliance
Posted: Thu May 03, 2018 10:36 am
by cdienger
Running a "yum upgrade php" and "yum upgrade httpd" should do the trick. The packages should come from the official CentOS repos and probably get you up to httpd 2.2.15-60 and php 5.3.3-49 or similar "old versions". This shouldn't be a concern though:
https://access.redhat.com/security/updates/backporting
https://wiki.centos.org/FAQ/General#hea ... 629ac835c7
Re: PHP and Apache compliance
Posted: Fri May 04, 2018 7:28 am
by dlukinski
Backporting would not work: fully patched but non-compliant. Just tried.
Re: PHP and Apache compliance
Posted: Fri May 04, 2018 12:09 pm
by cdienger
Third party repos can be used if absolutely necessary but haven't been tested and can't be supported.
Re: PHP and Apache compliance
Posted: Fri May 11, 2018 10:55 am
by dlukinski
cdienger wrote:Third party repos can be used if absolutely necessary but haven't been tested and can't be supported.
Thank you, please close the case