Want to subscribe to topics you're interested in?
Become a Member

Security Nginx OpenSSL 1.1.0g & 1.0.2m Security Updates

Discussion in 'Centmin Mod News' started by eva2000, Nov 3, 2017.

Thread Status:
Not open for further replies.
  1. eva2000

    eva2000 Administrator Staff Member

    May 24, 2014
    Brisbane, Australia
    Local Time:
    8:05 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Centmin Mod Nginx supports both crypto libraries for LibreSSL and OpenSSL. LibreSSL is default but you can optionally switch to OpenSSL via persistent config variable, LIBRESSL_SWITCH='n'. Nginx OpenSSL has an CVE-2017-3735 & CVE-2017-3736 security update for and released OpenSSL 1.0.2m (used in 123.08stable) and OpenSSL 1.1.0g (used in 123.09beta01).

    Full details on how to update Nginx OpenSSL at Security - OpenSSL - November 2017: OpenSSL 1.0.2m & 1.1.0g Updates + Centmin Mod Nginx

    Also heads up if you missed the Wget & PHP CVE security updates here.

Thread Status:
Not open for further replies.