Want to subscribe to topics you're interested in?
Become a Member

Memcached Server 1.4.33 Security Vulnerability Fix Release

Discussion in 'Centmin Mod News' started by eva2000, Nov 5, 2016.

Thread Status:
Not open for further replies.
  1. eva2000

    eva2000 Administrator Staff Member

    30,168
    6,784
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    12:08 AM
    Nginx 1.13.x
    MariaDB 5.5
    Memcached Server 1.4.33 was released. Centmin Mod LEMP stack by default install Memcached server so everyone who uses Centmin Mod needs to update to fix security vulnerabilities CVE-2016-8704, CVE-2016-8705 and CVE-2016-8706. Full details of how to update are outlined here.

    Note, Centmin Mod installs CSF Firewall by default out of the box and Memcached port 11211 is not whitelisted anymore for public access to port 11211. You can verify this via this grep command on CSF config file /etc/csf/csf.conf and if command returns empty it means no mention of 11211 exists in the config file so memcached port 11211 is not publicly accessible anyway.
    Code (Text):
    grep '11211' /etc/csf/csf.conf

     
    • Informative Informative x 2
Thread Status:
Not open for further replies.