Welcome to Centmin Mod Community
Register Now

Security PHP 8.1.30, 8.2.24, 8.3.12 Security Updates & Backported Fixes For PHP 5.6, 7.0-7.4, 8.0

Discussion in 'Centmin Mod News' started by eva2000, Sep 27, 2024.

Thread Status:
Not open for further replies.
  1. eva2000

    eva2000 Administrator Staff Member

    53,531
    12,134
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,677
    Local Time:
    10:51 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    PHP has released security & bug fix updates specifically for PHP 8.1.30, 8.2.24 and 8.3.12 (cve-2024-4577, cve-2024-8925, cve-2024-8926, cve-2024-8927 and cve-2024-9026). Centmin Mod has backported relevant security fixes for EOL PHP 5.6/7.0/7.1/7.2/7.3/7.4/8.0 versions. For Centmin Mod 131.00stable and 140.00beta01, you can update to those versions if you haven't already. And if you're already on Centmin Mod 131.00stable or 140.00beta01, you can pull this latest update to your server via cmupdate command.

    FYI, AlmaLinux/Rocky Linux 8 supports minimum PHP 7.2 version while AlmaLinux/Rocky Linux 9 supports minimum PHP 7.4 version so you wouldn't be able to use PHP versions <=7.1. Only EOL CentOS 7 will be able to use PHP 5.6, 7.0 and 7.1.

    Ensure that you run cmupdate command to update your Centmin Mod local server code BEFORE you run the centmin.sh menu option 5 to update their PHP versions.

    PHP Releases


    • PHP 8.3.12 - is latest newest PHP 8.3 minor version
    • PHP 8.2.24 - latest newest PHP 8.2 minor version
    • PHP 8.1.30 - latest newest PHP 8.1 minor version. Centmin Mod tests at PHP 8.1.0 vs 8.0.13 vs 7.4.26 vs 7.3.33 vs 7.2.34 Benchmarks
    • PHP 8.0.30 - last release in PHP 8.0 branch which is now end of life - no more bug fixes or security updates.
    • PHP 7.4.33 - last release in PHP 7.3 branch which is now end of life - no more bug fixes or security updates. See PHP 7.4 End Of Life November 2022. If you're still using PHP 7.4.33, run cmupdate and re-run centmin.sh menu option 5 to recompile PHP 7.4.33 with backported security patch fixes.
    • PHP 7.2.34 - last release in PHP 7.2 branch which is now end of life - no more bug fixes or security updates. If you're still using PHP 7.2.34, run cmupdate and re-run centmin.sh menu option 5 to recompile PHP 7.2.34 with backported security patch fixes.
    • PHP 7.1.33 - last release in PHP 7.1 branch which is now end of life - no more bug fix or security updates. If you're still using PHP 7.1.33, run cmupdate and re-run centmin.sh menu option 5 to recompile PHP 7.1.33 with backported security patch fixes. Not applicable for AlmaLinux/Rocky Linux 8/9.
    • PHP 7.0.33 - last release in PHP 7.0 branch which is now end of life - no more bug fix or security updates. If you're still using PHP 7.0.33, run cmupdate and re-run centmin.sh menu option 5 to recompile PHP 7.0.33 with backported security patch fixes. Not applicable for AlmaLinux/Rocky Linux 8/9.
    • PHP 5.6.40 - last release in PHP 5.6 branch which is now end of life - no more bug fix or security updates. If you're still using PHP 5.6.40, run cmupdate and re-run centmin.sh menu option 5 to recompile PHP 5.6.40 with backported security patch fixes. Not applicable for AlmaLinux/Rocky Linux 8/9.
    • PHP 8.0.30, 7.4.33, 7.3.33, 7.2.34, 7.1.33, 7.0.33 & 5.6.40 are EOL as security and maintenance updates have ended. However, I have backported PHP 8.1+ security fixes to PHP 5.6, 7.0, 7.1, 7.2, 7.3, 7.4 and 8.0 branches for Centmin Mod 131.00stable/140.00beta01 and newer branches.

    PHP Change logs for



    Updating PHP On Centmin Mod LEMP Stacks


    • If you're on Centmin Mod 130.00beta01 or older and want PHP 7.1, 7.2, 7.3, 7.4, 8.0, or 8.1 support, you will need to update your server from Centmin Mod 130.00beta01 to either 131.00stable and 140.00beta01 first. If you want PHP 8.2/8.3 support only Centmin Mod 131.00stable and 140.00beta01 or newer will support those versions.
      Code (Text):
      --------------------------------------------------------
             Centmin Mod Updater Sub-Menu           
      --------------------------------------------------------
      1). Setup Centmin Mod Github Environment
      2). Update Centmin Mod Current Branch
      3). Update Centmin Mod Newer Branch
      4). Exit
      --------------------------------------------------------
      Enter option [ 1 - 4 ] 3
      --------------------------------------------------------
      
    • For Centmin Mod 131.00stable or 140.00beta01 and newer, first update to latest version code via SSH command = cmupdate (same equivalent to centmin.sh menu option 23 submenu option 2 method). Then run centmin.sh menu option 5 to update to either PHP versions 8.3.12, 8.2.24, 8.1.30, 8.0.30 or 7.4.33 .
    • If you are on older Centmin Mod versions and concerned about losing customisations when you upgrade to Centmin Mod 131.00stable or 140.00beta01, read this guide on how to upgrade and keep most of your customisations at How to upgrade Centmin Mod + backing up customisations.

    Centmin Mod 140.00beta01 PHP Update Example


    Code (Text):
    --------------------------------------------------------
         Centmin Mod Menu 140.00beta01 centminmod.com  
    --------------------------------------------------------
    1).  Centmin Install
    2).  Add Nginx vhost domain
    3).  NSD setup domain name DNS
    4).  Nginx Upgrade / Downgrade
    5).  PHP Upgrade / Downgrade
    6).  MySQL User Database Management
    7).  Persistent Config File Management
    8).  Option Being Revised (TBA)
    9).  Option Being Revised (TBA)
    10). Memcached Server Re-install
    11). MariaDB MySQL Upgrade & Management
    12). Zend OpCache Install/Re-install
    13). Install/Reinstall Redis PHP Extension
    14). SELinux disable
    15). Install/Reinstall ImagicK PHP Extension
    16). Change SSHD Port Number
    17). Multi-thread compression: zstd,pigz,pbzip2,lbzip2
    18). Suhosin PHP Extension install
    19). Install FFMPEG and FFMPEG PHP Extension
    20). NSD Install/Re-Install
    21). Data Transfer
    22). Add Wordpress Nginx vhost + Cache Plugin
    23). Update Centmin Mod Code Base
    24). Exit
    --------------------------------------------------------
    Enter option [ 1 - 24 ] 5
    


    Example cmupdate command output of Centmin Mod 140.00beta01 pulled updates before centmin.sh menu optio 5 run.

    Code (Text):
    cmupdate
    Saved working directory and index state WIP on 140.00beta01: 37c83d5 prep for arm64 / aarch64 cpu detection in 140.00beta01
    remote: Enumerating objects: 84, done.
    remote: Counting objects: 100% (84/84), done.
    remote: Compressing objects: 100% (8/8), done.
    remote: Total 65 (delta 57), reused 64 (delta 57), pack-reused 0 (from 0)
    Unpacking objects: 100% (65/65), 21.46 KiB | 448.00 KiB/s, done.
    From https://github.com/centminmod/centminmod
       37c83d5..a98a7ed  140.00beta01 -> origin/140.00beta01
    Updating 37c83d5..a98a7ed
    Fast-forward
     addons/opendkim.sh                      | 482 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++----------------------------------------------------------------------------------------
     centmin-cli.sh                          |   2 +-
     centmin.sh                              |   2 +-
     inc/php_patch.inc                       |  39 ++++++++++++++---
     installer-edge.sh                       |   6 +--
     installer-latest.sh                     |   6 +--
     installer-modsecurity.sh                |   2 +-
     installer.sh                            |   2 +-
     installer81-gitlab.sh                   |   2 +-
     installer81.sh                          |   6 +--
     installer82-gitlab.sh                   |   2 +-
     installer82.sh                          |   8 ++--
     installer83.sh                          |   6 +--
     installer84.sh                          |  12 +++---
     patches/php/php5640-cve-2024-8925.patch | 245 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
     patches/php/php5640-cve-2024-8926.patch | 230 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
     patches/php/php5640-cve-2024-8927.patch | 104 ++++++++++++++++++++++++++++++++++++++++++++
     patches/php/php7033-cve-2024-8925.patch | 242 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
     patches/php/php7033-cve-2024-8926.patch | 206 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
     patches/php/php7033-cve-2024-8927.patch | 102 +++++++++++++++++++++++++++++++++++++++++++
     patches/php/php7133-cve-2024-8925.patch | 239 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
     patches/php/php7133-cve-2024-8926.patch | 205 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
     patches/php/php7133-cve-2024-8927.patch | 100 ++++++++++++++++++++++++++++++++++++++++++
     patches/php/php7234-cve-2024-8925.patch | 236 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
     patches/php/php7234-cve-2024-8926.patch | 204 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
     patches/php/php7234-cve-2024-8927.patch |  98 +++++++++++++++++++++++++++++++++++++++++
     patches/php/php7331-cve-2024-8925.patch | 233 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
     patches/php/php7331-cve-2024-8926.patch | 203 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
     patches/php/php7331-cve-2024-8927.patch |  96 +++++++++++++++++++++++++++++++++++++++++
     patches/php/php742-cve-2024-8925.patch  | 227 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
     patches/php/php742-cve-2024-8926.patch  | 210 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
     patches/php/php742-cve-2024-8927.patch  |  57 ++++++++++++++++++++++++
     patches/php/php742-cve-2024-9026.patch  | 245 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
     patches/php/php80-cve-2024-8925.patch   | 188 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
     patches/php/php80-cve-2024-8926.patch   | 209 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
     patches/php/php80-cve-2024-8927.patch   |  56 ++++++++++++++++++++++++
     patches/php/php80-cve-2024-9026.patch   | 177 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
     37 files changed, 4446 insertions(+), 243 deletions(-)
     create mode 100644 patches/php/php5640-cve-2024-8925.patch
     create mode 100644 patches/php/php5640-cve-2024-8926.patch
     create mode 100644 patches/php/php5640-cve-2024-8927.patch
     create mode 100644 patches/php/php7033-cve-2024-8925.patch
     create mode 100644 patches/php/php7033-cve-2024-8926.patch
     create mode 100644 patches/php/php7033-cve-2024-8927.patch
     create mode 100644 patches/php/php7133-cve-2024-8925.patch
     create mode 100644 patches/php/php7133-cve-2024-8926.patch
     create mode 100644 patches/php/php7133-cve-2024-8927.patch
     create mode 100644 patches/php/php7234-cve-2024-8925.patch
     create mode 100644 patches/php/php7234-cve-2024-8926.patch
     create mode 100644 patches/php/php7234-cve-2024-8927.patch
     create mode 100644 patches/php/php7331-cve-2024-8925.patch
     create mode 100644 patches/php/php7331-cve-2024-8926.patch
     create mode 100644 patches/php/php7331-cve-2024-8927.patch
     create mode 100644 patches/php/php742-cve-2024-8925.patch
     create mode 100644 patches/php/php742-cve-2024-8926.patch
     create mode 100644 patches/php/php742-cve-2024-8927.patch
     create mode 100644 patches/php/php742-cve-2024-9026.patch
     create mode 100644 patches/php/php80-cve-2024-8925.patch
     create mode 100644 patches/php/php80-cve-2024-8926.patch
     create mode 100644 patches/php/php80-cve-2024-8927.patch
     create mode 100644 patches/php/php80-cve-2024-9026.patch
    No local changes to save
    Already up to date.
    


    PHP-FPM Upgrade Issues



    If you have issues with PHP-FPM upgrades via Centmin Mod centmin.sh menu option 5, check your PHP upgrade logs for details https://community.centminmod.com/threads/how-to-troubleshoot-php-installs-upgrades.17857/

     
Thread Status:
Not open for further replies.