zabbix 4 自带 php、httpd漏洞升级

Zabbix 自带的 PHP 5.4、apache httpd 2.4.6扫描出安全漏洞，需要进行升级。

PHP

# php -v
PHP 5.4.16 (cli) (built: Apr 12 2018 19:02:01)
Copyright (c) 1997-2013 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2013 Zend Technologies

使用remi 源 升级 PHP 7.3

rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
rpm -Uvh https://rpms.remirepo.net/enterprise/remi-release-7.rpm
cat <<EOF> /etc/yum.repos.d/remi.repo
[remi]
name=Remi's RPM repository for Enterprise Linux 7 - $basearch
#baseurl=http://rpms.remirepo.net/enterprise/7/remi/$basearch/
#mirrorlist=https://rpms.remirepo.net/enterprise/7/remi/httpsmirror
mirrorlist=http://cdn.remirepo.net/enterprise/7/remi/mirror
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi
EOF

cat <<EOF> /etc/yum.repos.d/remi-php73.repo
[remi-php73]
name=Remi's PHP 7.3 RPM repository for Enterprise Linux 7 - $basearch
#baseurl=http://rpms.remirepo.net/enterprise/7/php73/$basearch/
mirrorlist=https://rpms.remirepo.net/enterprise/7/php73/httpsmirror
mirrorlist=http://cdn.remirepo.net/enterprise/7/php73/mirror
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi
EOF

yum -y upgrade php*

升级成功

# php -v
PHP 7.3.5 (cli) (built: Apr 30 2019 08:37:17) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.3.5, Copyright (c) 1998-2018 Zend Technologies

Apache httpd

现在的版本

[root@nfs ~]# rpm -qa|grep http
python-httplib2-0.9.2-1.el7.noarch
httpd-tools-2.4.6-89.el7.centos.x86_64
httpd-2.4.6-89.el7.centos.x86_64

升级

安装codeit 库

cd /etc/yum.repos.d && wget https://repo.codeit.guru/codeit.el`rpm -q --qf "%{VERSION}" $(rpm -q --whatprovides redhat-release)`.repo

升级httpd

yum update httpd

[root@nfs yum.repos.d]# httpd -v
Server version: Apache/2.4.41 (codeit)
Server built:   Aug 14 2019 15:23:26
[root@nfs yum.repos.d]# rpm -qa|grep httpd
httpd-tools-2.4.41-1.codeit.el7.x86_64
httpd-filesystem-2.4.41-1.codeit.el7.noarch
httpd-2.4.41-1.codeit.el7.x86_64