PHP PHP 7.0.25 & PHP 7.1.11 CVE Security Update Available

For PHP 7.1.11 php-src/NEWS at php-7.1.11 · php/php-src · GitHub

Continue reading...

 

To update Centmin Mod code first, run centmin.sh menu option 23 submenu option 2 and then exit centmin.sh. Then re-run centmin.sh menu option 5 to update to your desired PHP version when asked i.e. 7.0.25 or 7.1.11

Code (Text):

--------------------------------------------------------
     Centmin Mod Menu 123.09beta01 centminmod.com     
--------------------------------------------------------
1).  Centmin Install
2).  Add Nginx vhost domain
3).  NSD setup domain name DNS
4).  Nginx Upgrade / Downgrade
5).  PHP Upgrade / Downgrade
6).  XCache Re-install
7).  APC Cache Re-install
8).  XCache Install
9).  APC Cache Install
10). Memcached Server Re-install
11). MariaDB MySQL Upgrade & Management
12). Zend OpCache Install/Re-install
13). Install/Reinstall Redis PHP Extension
14). SELinux disable
15). Install/Reinstall ImagicK PHP Extension
16). Change SSHD Port Number
17). Multi-thread compression: pigz,pbzip2,lbzip2...
18). Suhosin PHP Extension install
19). Install FFMPEG and FFMPEG PHP Extension
20). NSD Install/Re-Install
21). Update - Nginx + PHP-FPM + Siege
22). Add Wordpress Nginx vhost + Cache Plugin
23). Update Centmin Mod Code Base
24). Exit
--------------------------------------------------------
Enter option [ 1 - 24 ] 5

You can skip yum checks and continue to specify PHP version desired.

Code (Text):

Do you want to run YUM install checks ?  [y/n]

This will increase your upgrade duration time wise.
Check the change log centminmod.com/changelog.html
to see if any Nginx or PHP related new additions
which require checking YUM prequisites are met.
If no new additions made, you can skip the 
YUM install check to speed up upgrade time.

 [y/n]: N

Code (Text):

     ____   _   _  ____       _   _                                _       
    |  _ \ | | | ||  _ \  _  | | | | _ __    __ _  _ __  __ _   __| |  ___ 
    | |_) || |_| || |_) |(_) | | | || '_ \  / _` || '__|/ _` | / _` | / _ \
    |  __/ |  _  ||  __/  _  | |_| || |_) || (_| || |  | (_| || (_| ||  __/
    |_|    |_| |_||_|    (_)  \___/ | .__/  \__, ||_|   \__,_| \__,_| \___|
                                    |_|     |___/                         

PHP Upgrade/Downgrade - Would you like to continue? [y/n] y

----------------------------------------------------------------
Install which version of PHP? (version i.e. 5.6.31, 7.0.18, NGDEBUG)
PHP 7.x/7.1.x is GA Stable but still may have broken PHP extensions.
NGDEBUG is PHP 7.2.0 dev builds minus incompatible PHP extensions
----------------------------------------------------------------
Enter PHP Version number you want to upgrade/downgrade to: 7.1.11
----------------------------------------------------------------
existing php.ini will be backed up at /usr/local/lib/php.ini-oldversion_261017-212257
----------------------------------------------------------------

-----------------------------------------------------------------------------------------
Detected PHP 7.1 branch.
You can compile Zend OPcache (Zend Optimizer Plus+) support
as an alternative to using APC Cache or Xcache cache.
But Zend OPcache only provides PHP opcode cache and
DOESN'T do data caching, so if your web apps such as Wordpress,
Drupal or vBulletin require data caching to APC or Xcache,
it won't work with Zend OPcache.

-----------------------------------------------------------------------------------------
Do you want to use Zend OPcache [y/n] ? y

 

Updated

Code (Text):

php -v
PHP 7.1.11 (cli) (built: Oct 26 2017 21:40:20) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.1.0, Copyright (c) 1998-2017 Zend Technologies
    with Zend OPcache v7.1.11, Copyright (c) 1999-2017, by Zend Technologies

 

it only asks if centmin.sh detects that php-fpm.conf contents differs from default template i.e. if you modified it from default otherwise skips asking

 

will have to look into that.. did you run centmin.sh from /usr/local/src/centminmod or just type centmin shortcut command to bring up centmin.sh menu ? the later method might not pick up the correct directory to compare with default template

if you run centmin.sh from /usr/local/src/centminmod i.e. via cmdir shortcut to change into /usr/local/src/centminmod first

Code (Text):

cmdir
./centmin.sh

it should pick up the template

other reason is if you set in persistent config with PHP_OVERWRITECONF='n' it defaults to yes

Code (Text):

PHP_OVERWRITECONF='y'       # whether to show the php upgrade prompt to overwrite php-fpm.conf

 

Will look into it a bit later. Kind of busy right now and haven't slept in 15hrs heh

 

i see the issue the current check is for php.conf include file not php-fpm.conf config file which is originally intended check as only ever want to overwrite php.conf and leave php-fpm.conf alone as users may have customised their php-fpm.conf settings

 

maybe something for a bit later when I have time

1. there is a bug in the text it should prompt to overwrite php.conf not php-fpm.conf
2. it's actually harder to detect changes in php-fpm.conf as it maybe dynamically tuned after initial install, so you don't have a set default template to compare to

 

if you always answer no for prompt, then just set in persistent config file /etc/centminmod/custom_config.inc

Code (Text):

PHP_OVERWRITECONF='n'

that's what the persistent config file is for

 

see discussion at Sysadmin - What SFTP/FTP and SSH client apps do you use ? with right ssh client you can run one command to update many open ssh sessions

I use securecrt and can update 20-30 centmin mod servers per ssh window with multiple ssh windows with just a single command(s). So 4 ssh windows of 30 ssh sessions = 120 servers