CloudLinux OS Blog - HardenedPHP - another day, another security fix

HardenedPHP - another day, another security fix


Older versions of PHP are like Swiss cheese - they are full of holes. More and more known holes appear with every passing day for PHP version 5.4 and older … holes that no one patches. This is where HardenedPHP comes in - it patches those holes so that your servers can remain secure.

On Mar 31, 2016 new versions of PHP were released. With them, a bunch of security issues were disclosed as well:

alt-php44-4.4.9-46

* security bug 71798: Integer Overflow in php_raw_url_encode

alt-php51-5.1.6-52

* security bug 71798: Integer Overflow in php_raw_url_encode

alt-php52-5.2.17-79

* security bug 71860: Invalid memory write in phar on filename with \0 in name

* security bug 71798: Integer Overflow in php_raw_url_encode

alt-php53-5.3.29-29

* security bug 71860: Invalid memory write in phar on filename with \0 in name

* security bug 71798: Integer Overflow in php_raw_url_encode

alt-php54-5.4.45-9

* security bug 71860: Invalid memory write in phar on filename with \0 in name

* security bug 71704: php_snmp_error() Format String Vulnerability

* security bug 71798: Integer Overflow in php_raw_url_encode

All those issues have been fixed by our team in HardenedPHP. So no matter which version of PHP you run, they have all been fixed.

To update, run the command:

yum groupupdate alt-php
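
To confirm after the update that each installed alt-php package is at or above the build listed in this post, a check like the following can be run. It is an added example, not CloudLinux's own tooling: the function names are hypothetical, and it assumes the packages are named as listed above and that the RPM release carries a dist tag such as `.el6`.

```shell
#!/bin/bash
# Added example: post-update check against the builds listed in this post.
# Fixed builds (package name, version-release) copied from the list above.
FIXED_BUILDS="alt-php44 4.4.9-46
alt-php51 5.1.6-52
alt-php52 5.2.17-79
alt-php53 5.3.29-29
alt-php54 5.4.45-9"

# ver_ge A B: succeed when A >= B, comparing the dot/dash separated fields
# numerically. A simplification of rpm's ordering; adequate for these strings.
ver_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "[.-]"); nb = split(b, y, "[.-]")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            if (x[i] + 0 > y[i] + 0) exit 0
            if (x[i] + 0 < y[i] + 0) exit 1
        }
        exit 0
    }'
}

# check_build NAME VERSION-RELEASE: print fixed, outdated or unlisted.
check_build() {
    fixed=$(printf '%s\n' "$FIXED_BUILDS" | awk -v n="$1" '$1 == n { print $2 }')
    if [ -z "$fixed" ]; then echo unlisted; return 0; fi
    # Assumption: the release carries a dist tag such as ".el6"; drop it.
    installed=${2%%.el*}
    if ver_ge "$installed" "$fixed"; then echo fixed; else echo outdated; fi
}

# report_installed: run check_build for each listed package present on the host.
report_installed() {
    printf '%s\n' "$FIXED_BUILDS" | while read -r name rest; do
        if vr=$(rpm -q --qf '%{VERSION}-%{RELEASE}' "$name" 2>/dev/null); then
            echo "$name $vr: $(check_build "$name" "$vr")"
        fi
    done
}

# Only query the RPM database where rpm exists, so the script is safe elsewhere.
if command -v rpm >/dev/null 2>&1; then report_installed; fi
```

Any package reported as `outdated` is still below the build that carries the fixes listed above.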

 

 

Comments 2

Guest - Chris Maxwell on Saturday, 30 April 2016 20:02

Do the standard PHP packages issued by CloudLinux include the HardenedPHP patches/updates? For example, the package "php-5.3.3-46.el6_7.1.cloudlinux.x86_64" from the CL repo - does that benefit from HardenedPHP updates in the same way as the alt-php packages?

WisiKlo WisiKlo on Sunday, 01 May 2016 01:07

No, only alt-php packages have all the hardened PHP fixes. php-5.3.3 tracks RHEL php package.
