Blog

We recently came to know about PHP-FPM Vulnerability (CVE-2019-11043) issue which may impact ASTPP setups. The latest version of ASTPP runs on PHP 7.3.9 Version and we strongly advise you to upgrade it to PHP 7.3.11.

Vulnerability case:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11043

PHP Changelog for version 7.3.11:
https://www.php.net/ChangeLog-7.php#7.3.11

Steps to upgrade PHP to 7.3.11 Version:

For Centos

yum update php

For Debian

apt-get install php7.3 php7.3-fpm

If you are using Enterprise Edition with support contract, then we have already started the upgrade process on your server. You may contact our support team in case of any questions.

Reference:

https://bugs.php.net/bug.php?id=78599

https://officialhacker.com/nginx-php-hacking/

https://www.nginx.com/blog/php-fpm-cve-2019-11043-vulnerability-nginx/