Join the community today
Become a Member

Nginx OpenSSL 1.1.1g Security Update Fix CVE-2020-1967

Discussion in 'Centmin Mod News' started by eva2000, Apr 22, 2020.

Thread Status:
Not open for further replies.
  1. eva2000

    eva2000 Administrator Staff Member

    44,186
    10,074
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,572
    Local Time:
    12:36 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    Centmin Mod 123.09beta01 and newer have a new security update for Nginx's OpenSSL 1.1.1g crypto library for Segmentation fault in SSL_check_chain (CVE-2020-1967). You can update by first running cmupdate command to update your Centmin Mod 123.09beta01 code to latest in SSH.
    Code (Text):
    cmupdate

    Then run centmin.sh menu option 4 to recompile Nginx 1.17.10 latest to use updated OpenSSL 1.1.1g
    Code (Text):
    --------------------------------------------------------
         Centmin Mod Menu 123.09beta01 centminmod.com     
    --------------------------------------------------------
    1).  Centmin Install
    2).  Add Nginx vhost domain
    3).  NSD setup domain name DNS
    4).  Nginx Upgrade / Downgrade
    5).  PHP Upgrade / Downgrade
    6).  XCache Re-install
    7).  APC Cache Re-install
    8).  XCache Install
    9).  APC Cache Install
    10). Memcached Server Re-install
    11). MariaDB MySQL Upgrade & Management
    12). Zend OpCache Install/Re-install
    13). Install/Reinstall Redis PHP Extension
    14). SELinux disable
    15). Install/Reinstall ImagicK PHP Extension
    16). Change SSHD Port Number
    17). Multi-thread compression: zstd,pigz,pbzip2,lbzip2
    18). Suhosin PHP Extension install
    19). Install FFMPEG and FFMPEG PHP Extension
    20). NSD Install/Re-Install
    21). Data Transfer (TBA)
    22). Add Wordpress Nginx vhost + Cache Plugin
    23). Update Centmin Mod Code Base
    24). Exit
    --------------------------------------------------------
    Enter option [ 1 - 24 ] 4
    --------------------------------------------------------
    

    Code (Text):
    Do you want to run YUM install checks ?  [y/n]
    
    This will increase your upgrade duration time wise.
    Check the change log centminmod.com/changelog.html
    to see if any Nginx or PHP related new additions
    which require checking YUM prequisites are met.
    If no new additions made, you can skip the
    YUM install check to speed up upgrade time.
    
     [y/n]: n
    **********************************************************************
    * Nginx Update script - Included in Centmin Extras
    * Version: 123.09beta01.b497 - Date: 31/03/2020 - Copyright 2011-2020 CentminMod.com
    **********************************************************************
     
    This software comes with no warranty of any kind. You are free to use
    it for both personal and commercial use as licensed under the GPL.
    

    Code (Text):
    Nginx Upgrade - Would you like to continue? [y/n] y
    
    Current Nginx Version: 1.17.10 (190420-104720-centos7-5cd76ab-br-bcceaab)
    
    Install which version of Nginx? (version i.e. type 1.17.10): 1.17.10
    
    Do you still want to continue? [y/n] y

    End result is Nginx built against OpenSSL 1.1.1g with security fix for CVE-2020-1967 :)

     
Thread Status:
Not open for further replies.