Vulnerabilities after a security scan

[rdhall01]

I have a few question all related to security vulnerabilities! The current versions installed are PHP (php-5.1.6-39.el5_8) and apache (httpd-2.2.3-65.el5_8). To remediate the issue it is requested that I upgrade to php 5.3.x, as well as the next version of httpd along with the dependencies. Are there any documents that show how to upgrade the php and httpd! The server had 67 issue all revolving aorund these 2 prerequisites for nagiosxi!

[scottwilkerson]

What OS and version are you running?

[rdhall01]

Red Hat Enterprise Linux Server release 5.8 2.6.18-274.el5 x86_64 x86_64 x86_64

[scottwilkerson]

I need to first forewarn you that this is somewhat destructive, so if you have a whole system backup method I would recommend doing that first.

You will need to determine all of the php packages installed by running the following

Code: Select all

yum list installed |grep php|awk {'print $1'}

Copy this list as you will need it later

Then you will need to run the following to remove php and all of these packages

Code: Select all

yum remove php

Now using the list created above you will need to make add 53 after php in each to create something like the following to install php 5.3

Code: Select all

yum install php53 php53-cli php53-common php53-devel php53-gd php53-mbstring php53-mcrypt php53-mssql php53-mysql php53-odbc php53-pdo php53-pear.noarch php53-pear-HTML-Template-IT.noarch php53-pgsql php53-snmp php53-xml.i386

This should get you there.

As for apache, you should be able to run

Code: Select all

yum update httpd

Code: Select all

yum update httpd