Welcome to Centmin Mod Community
Become a Member

Security Memcached & PHP Security Updates

Discussion in 'Centmin Mod News' started by eva2000, Mar 3, 2018.

Thread Status:
Not open for further replies.
  1. eva2000

    eva2000 Administrator Staff Member

    May 24, 2014
    Brisbane, Australia
    Local Time:
    10:57 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Security updates are available for both Memcached server and PHP (php-fpm). Memcrashed Amplification Attack vulnerability doesn't affect Centmin Mod installed Memcached servers out of the box as Centmin Mod installs CSF Firewall to block such 11211 ports by default and Memcached server is configured to listen locally only and not on public IP address. But updating to Memcached 1.5.6 is still recommended. PHP security updates will require Centmin Mod users to update to latest PHP versions within their chosen PHP branches via centmin.sh menu option 5 as outlined in below linked threads.

    For Memcached 1.5.6 update to fix Memcrashed vulnerability
    For PHP security updates

Thread Status:
Not open for further replies.