Nginx 1.14 upgrade to higher version

Discussion in 'ISPConfig 3 Priority Support' started by molahs, Sep 8, 2020.

  1. molahs

    molahs Member HowtoForge Supporter

    Hi,
    It seems there are some medium vulnerabilities for nginx version 1.14 which is installed from the vmware image of ispconfig.
    Should there be any concerns? What will be the best next version to upgrade to and is ISPConfig compatible with later versions?

    Thanks
     
  2. Th0m

    Th0m ISPConfig Developer ISPConfig Developer

    I don't use nginx, but as far as I know there should be no compatibility issues.

    The vmware images are made at the time of writing the tutorial and therefore not everything is up to date.
     
  3. till

    till Super Moderator Staff Member ISPConfig Developer

    It is very likely that there are no vulnerabilities. The Nginx package is the one from the Linux Distribution and Linux distributions patch their packages without increasing version numbers, so you can't compare version numbers from vulnerability reports that you find on the internet with the version number that nginx -v shows on your system as you don't see in that way that the vulnerabilities on your system are already patched. If you want to know in details whats got fixed, then you'll have to look up the package history in the package archive of the used Linux distribution.

    No. Just take care to install the available package updates for the Linux distribution that you use regularly. Regarding VMWare images, just run:

    apt-get update
    apt-get upgrade

    on debian and Ubuntu VM's and your system is up to date.
     
  4. molahs

    molahs Member HowtoForge Supporter

    As always, Till to the rescue. Thanks for a comprehensive response. :)
     

Share This Page