/ Register

Welcome to Centmin Mod Community
Become a Member

Nginx 1.11.4 & MariaDB Updates for CVE-2016-6662

Discussion in 'Centmin Mod News' started by eva2000, Sep 14, 2016.

Tags:
Thread Status:
Not open for further replies.
Previous Thread Next Thread
Loading...
  1. Sep 14, 2016 #1
    eva2000

    eva2000 Administrator Staff Member

    54,873
    12,239
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,810
    Local Time:
    6:53 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+

    Nginx 1.11.4 & MariaDB Security Updates for CVE-2016-6662



    There's been security updates for MariaDB versions for Remote Root Code Execution CVE-2016-6662 vulnerability outlined here. Also Nginx 1.11.4 version has been released. Centmin Mod users can upgrade Nginx versions themselves without waiting on Centmin Mod branch updates via centmin.sh menu option 4 illustrated here.

    Centmin Mod 123.08stable defaults to MariaDB 10.0.x branch so 10.0.27 is latest. Centmin Mod 123.09beta01 defaults to MariaDB 10.1.x branch so 10.1.17 is latest.

    For MariaDB you can check which version you're currently running using via SSH command below.
    Code (Text):
    mysqladmin ver

    and list which version is installed
    Code (Text):
    yum list installed MariaDB-client MariaDB-common MariaDB-compat MariaDB-devel MariaDB-server MariaDB-shared -q


    example outputs
    Code (Text):
    mysqladmin ver
mysqladmin  Ver 9.1 Distrib 10.1.17-MariaDB, for Linux on x86_64
Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.

Server version          10.1.17-MariaDB
Protocol version        10
Connection              Localhost via UNIX socket
UNIX socket             /var/lib/mysql/mysql.sock
Uptime:                 3 sec

Threads: 1  Questions: 1  Slow queries: 0  Opens: 18  Flush tables: 1  Open tables: 11  Queries per second avg: 0.333

    Code (Text):
    yum list installed MariaDB-client MariaDB-common MariaDB-compat MariaDB-devel MariaDB-server MariaDB-shared -q
Installed Packages
MariaDB-client.x86_64    10.1.17-1.el7.centos      @mariadb
MariaDB-common.x86_64    10.1.17-1.el7.centos      @mariadb
MariaDB-compat.x86_64    10.1.17-1.el7.centos      @mariadb
MariaDB-devel.x86_64     10.1.17-1.el7.centos      @mariadb
MariaDB-server.x86_64    10.1.17-1.el7.centos      @mariadb
MariaDB-shared.x86_64    10.1.17-1.el7.centos      @mariadb


    MariaDB YUM Updates



    If you need to upgrade MariaDB within same branch, use yum update SSH command
    Code (Text):
    yum update MariaDB-client MariaDB-common MariaDB-compat MariaDB-devel MariaDB-server MariaDB-shared


    Additional Notes


    • If you're already on latest version, you would get a message of no packages marked for update.
    • If mysqladmin ver and yum list installed outputs don't match, i.e. if mysqladmin ver output is one version behind yum list installed, then you may need to restart mysql server for the updated YUM packages to take effect.
     
    Last edited: Sep 14, 2016
Previous Thread Next Thread
Loading...
Thread Status:
Not open for further replies.

.