Discover Centmin Mod today
Register Now

Security LibreSSL 2.2.3 Released for Centmin Mod Nginx

Discussion in 'CentOS, Redhat & Oracle Linux News' started by eva2000, Aug 31, 2015.

  1. eva2000

    eva2000 Administrator Staff Member

    54,087
    12,177
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,735
    Local Time:
    11:11 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+

    Centmin Mod 1.2.3-eva2000.08+ LibreSSL 2.2.3



    LibreSSL 2.2.3 is now the stable release http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.2.3-relnotes.txt. Centmin Mod 123.08stable and 123.09beta01 Github branches corresponding to Centmin Mod 1.2.3-eva2000.08 stable and Centmin Mod 1.2.3-eva2000.09 beta01 have been updated to default to LibreSSL 2.2.3 for new fresh installs. For existing folks, follow below update instructions.

    While Centmin Mod 1.2.3-eva2000.07 stable used OpenSSL for Nginx compile, Centmin Mod .08+ has switched from OpenSSL to LibreSSL, so no longer is reliant on OpenSSL for Nginx. Full details of Nginx + LibreSSL here.

    Centmin Mod Nginx Update LibreSSL



    For Centmin Mod 1.2.3-eva2000.08 beta03, .08 stable and higher you can update to LibreSSL 2.2.3 via 2 steps.

    Step 1. Updating centmin.sh LIBRESSL_VERSION variable to 2.2.3. Best way is to use centmin.sh menu option 23 submenu option 2 for auto updating Centmin Mod code as outlined at centminmod.com/upgrade.html and at https://community.centminmod.com/threads/new-08-beta-menu-option-updating-centmin-mod-via-git.3084/. That will auto update centmin.sh to latest version which already has LIBRESSL_VERSION='2.2.3' set.

    If you do not have centmin.sh menu option 23 submenu option 1 for git environment setup, then you need to manually update and edit your server copy of centmin.sh at /usr/local/src/centminmod/centmin.sh

    from
    Code:
    # LibreSSL
    LIBRESSL_SWITCH='y'        # if set to 'y' it overrides OpenSSL as the default static compiled option for Nginx server
    LIBRESSL_VERSION='2.2.2'   # Use this version of LibreSSL http://www.libressl.org/
    to
    Code:
    # LibreSSL
    LIBRESSL_SWITCH='y'        # if set to 'y' it overrides OpenSSL as the default static compiled option for Nginx server
    LIBRESSL_VERSION='2.2.3'   # Use this version of LibreSSL http://www.libressl.org/
    or can do it via sed replacement on centmin.sh within centmin mod directory

    Code:
    cmdir
    sed -i "s|LIBRESSL_VERSION='2.2.2'|LIBRESSL_VERSION='2.2.3'|g" centmin.sh
    grep LIBRESSL_VERSION centmin.sh 
    Step 2. Then select centmin.sh menu option #4 to upgrade/downgrade Nginx recompile Nginx and specify latest Nginx version i.e. 1.9.4.

    For example after recompile Nginx version output will show built with LibreSSL 2.2.3


    LibreSSL 2.2.3



    You'll find latest LibreSSL 2.2.3 on official site.