I was recently notified that my installation of php is vulnerable and needs updating. I am running SLES 12 SP5 and using php-7.2.5. I wanted to update to a newer version but the repositories don’t have the packages needed. I also tried removing php-7.2.5 and installing php-7.4.6. But, I need the php74-memcached module which is unavailable. How can upgrade php to be in compliance with my security team?
Hi and welcome to the Forum
It depends on how your security team audit the packages, are they just looking at version numbers? If so, then they probably need to look at the CVE requirements as the fixes may have already been backported to the release in SP5. You can check via the patches tab in your SUSE Customer Center https://scc.suse.com/patches
Thank you, very much, for the comment. It turns out, from your direction, that the version of php and it’s modules are patched for the vulnerabilities identified in the scan.