Join the community today
Become a Member

Security Memcached & PHP Security Updates

Discussion in 'Centmin Mod News' started by eva2000, Mar 3, 2018.

Thread Status:
Not open for further replies.
  1. eva2000

    eva2000 Administrator Staff Member

    54,548
    12,221
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,790
    Local Time:
    12:05 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Security updates are available for both Memcached server and PHP (php-fpm). Memcrashed Amplification Attack vulnerability doesn't affect Centmin Mod installed Memcached servers out of the box as Centmin Mod installs CSF Firewall to block such 11211 ports by default and Memcached server is configured to listen locally only and not on public IP address. But updating to Memcached 1.5.6 is still recommended. PHP security updates will require Centmin Mod users to update to latest PHP versions within their chosen PHP branches via centmin.sh menu option 5 as outlined in below linked threads.

    For Memcached 1.5.6 update to fix Memcrashed vulnerability
    For PHP security updates


     
Thread Status:
Not open for further replies.