Learn about Centmin Mod LEMP Stack today
Become a Member

Nginx 1.11.4 & MariaDB Updates for CVE-2016-6662

Discussion in 'Centmin Mod News' started by eva2000, Sep 14, 2016.

Thread Status:
Not open for further replies.
  1. eva2000

    eva2000 Administrator Staff Member

    30,178
    6,786
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,139
    Local Time:
    3:51 PM
    Nginx 1.13.x
    MariaDB 5.5

    Nginx 1.11.4 & MariaDB Security Updates for CVE-2016-6662



    There's been security updates for MariaDB versions for Remote Root Code Execution CVE-2016-6662 vulnerability outlined here. Also Nginx 1.11.4 version has been released. Centmin Mod users can upgrade Nginx versions themselves without waiting on Centmin Mod branch updates via centmin.sh menu option 4 illustrated here.

    Centmin Mod 123.08stable defaults to MariaDB 10.0.x branch so 10.0.27 is latest. Centmin Mod 123.09beta01 defaults to MariaDB 10.1.x branch so 10.1.17 is latest.

    For MariaDB you can check which version you're currently running using via SSH command below.
    Code (Text):
    mysqladmin ver

    and list which version is installed
    Code (Text):
    yum list installed MariaDB-client MariaDB-common MariaDB-compat MariaDB-devel MariaDB-server MariaDB-shared -q


    example outputs
    Code (Text):
    mysqladmin ver
    mysqladmin  Ver 9.1 Distrib 10.1.17-MariaDB, for Linux on x86_64
    Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.
    
    Server version          10.1.17-MariaDB
    Protocol version        10
    Connection              Localhost via UNIX socket
    UNIX socket             /var/lib/mysql/mysql.sock
    Uptime:                 3 sec
    
    Threads: 1  Questions: 1  Slow queries: 0  Opens: 18  Flush tables: 1  Open tables: 11  Queries per second avg: 0.333

    Code (Text):
    yum list installed MariaDB-client MariaDB-common MariaDB-compat MariaDB-devel MariaDB-server MariaDB-shared -q
    Installed Packages
    MariaDB-client.x86_64    10.1.17-1.el7.centos      @mariadb
    MariaDB-common.x86_64    10.1.17-1.el7.centos      @mariadb
    MariaDB-compat.x86_64    10.1.17-1.el7.centos      @mariadb
    MariaDB-devel.x86_64     10.1.17-1.el7.centos      @mariadb
    MariaDB-server.x86_64    10.1.17-1.el7.centos      @mariadb
    MariaDB-shared.x86_64    10.1.17-1.el7.centos      @mariadb
    


    MariaDB YUM Updates



    If you need to upgrade MariaDB within same branch, use yum update SSH command
    Code (Text):
    yum update MariaDB-client MariaDB-common MariaDB-compat MariaDB-devel MariaDB-server MariaDB-shared


    Additional Notes


    • If you're already on latest version, you would get a message of no packages marked for update.
    • If mysqladmin ver and yum list installed outputs don't match, i.e. if mysqladmin ver output is one version behind yum list installed, then you may need to restart mysql server for the updated YUM packages to take effect.
     
    Last edited: Sep 14, 2016
    • Like Like x 2
Thread Status:
Not open for further replies.