UNIX for Advanced & Expert Users

Hi,

Anyone can help on applying patch "PHP Vulnerability: CVE-2015-4601" on Centos 6.8 platform.

How can I install this patch in command line using "yum" or "rpm"? Do I need to download or there is a direct command.

Thanks in advance.

Ragards,
FSPalero

According to Redhat's knowledgebase, this should be fixed in php-5.3.3-46 or later.

Check your installed version with

Code:

# rpm -q php
php-5.3.3-48.el6_8.i686

If the installed version is too low, run

Code:

# yum update "php*"

After that you should restart your webserver to load the new PHP module.

Hi Hergp,

I try the command you given to me on this step;

Code:

sysadmin@app [~]# rpm -q php
package php is not installed

sysadmin@app [~]# php -version
PHP 5.5.37 (cli) (built: Jul 25 2016 19:19:08)
Copyright (c) 1997-2015 The PHP Group
Zend Engine v2.5.0, Copyright (c) 1998-2015 Zend Technologies

Regards,
Ferdie

Moderator's Comments:

Please use CODE tags as required by forum rules!

This output shows, that php was not installed using a package manager on your system. Someone compiled and installed php from source. Therefore there is no way to update your installation using yum or rpm.

You have to download, configure, compile and install php again from source. Version 5.6.7 or higher is required to fix this vulnerability.

Another possibility is to delete the manually installed php version and reinstall a current version from a third party yum repository like remi (Remi's RPM repository) or webtatic (Webtatic.com). You have to check first, if the manual install was done for a special reason which can not be covered by the standard rpm packages.

Hi Hergp,

Great! Many thanks for the help.

Regards,
FSPalero