Hi,
I have php 5.4.16 php in my centos 7 machine & when I searched over internet I could see it is effected by some vulenrabilities. So I wanted to upgrade my PHP to 5.6.x, but did not find procedure for it.
When I tried yum upgrade php, it says "no packages marked for update"
Can you please give me some pointers so that I can continue.
On Tue, Apr 28, 2015 at 2:11 AM, Johnny Hughes johnny@centos.org wrote:
On 04/27/2015 04:09 AM, Venkateswara Rao Dokku wrote:
Thanks for the replies. The tool that we used for testing the security vulnerability is "Nessus".
I have glibc version 2.17-78.el7, I saw that CVE-2015-0235 (Ghost) is
fixed
in this version and I want to apply patch for the vulnerbailities CVE-2015-1472 & CVE-2015-1473. Can you please help me in finding the
right
version that has fixes for these?
Thanks
I don't know how Nessus works, BUT it seems you need to load all the CentOS Plugins to get it to understand the checks:
http://www.tenable.com/plugins/index.php?view=all&family=CentOS+Local+Se...
I have NO IDEA if those are correct or how up2date they are, etc. But if you are not loading them, you have no chance of it understanding the backporting that redhat does.
On Sat, Apr 25, 2015 at 1:05 AM, m.roth@5-cent.us wrote:
John R Pierce wrote:
On 4/24/2015 12:14 PM, Alexander Dalloz wrote:
Am 24.04.2015 um 11:21 schrieb Venkateswara Rao Dokku:
I was using CentOS 7 and when I ran some custom commercial security scan on my machine, I found about 122 vulnerabilities.
That's why those scans are wasted money. From a security management point of view they neither help you nor your manager.
I call it 'security by bullet list'
I would be more interested if the OP had mentioned *what* "custom commercial security scan" tool they'd used.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos