Nagios Support Forum

Hello ,
We have latest nagiosxi 5.5.11 Installed. but there are some Vulnerability detected in PHP 5.4 by Our Security Team. To fix that we need to update php to version 7

so, does nagiosXI support php 7 ? if not then from when nagiosxi will support php 7 ?

which is the latest php version supported by nagiosxi ?

Hi @sac1472

The short answer is yes, but we don't choose which versions of packages such as PHP or Apache to install. Those decisions are made by the operating system vendor. Ie; RHEL, CentOS or Ubuntu. Currently, Ubuntu server uses php 7.

To mitigate security vulnerabilities while avoiding backward compatibility issues, RHEL, and by extension CentOS uses a process known as backporting. Here's how it works: RHEL patches the supported versions of these packages with the security fixes from the newer versions of these packages. For example, they will take the code from say PHP 7.2 and apply the security vulnerability fixes from that version to the shipped version, in the case of RHEL 7, PHP 5.4.16. A security audit that checks only the version numbers of installed packages does not take this process into account.

Please share this information with your security team and let us know if you have any additional questions.

https://access.redhat.com/security/updates/backporting

Thanks for detailed information.

but how's if we updated php version to 7.2 or latest stable release using other external repos like remi, epel,etc..

does nagiosxi will still function as usual same like it currently working on php 5.4.16 ????

Hi @sac1472,

Nagios will still function the same way. We don't have an official guide on upgrading to php7, since it requires additional repos that aren't included with the base distro and this may cause errors with future upgrades.