Security Updates for PHP on Elastic Beanstalk

0

Hello

Following up on my post on the archived forums, we still have outdated PHP versions on Elastic Beanstalk: https://forums.aws.amazon.com/thread.jspa?threadID=347958&tstart=0

Currently we're sitting at version 7.4.21 while version 7.4.27 is the newest as of this post. Of these 6 updates (which date back to July 1 2021; more than 6 months!), 4 of them are security related according to the php.net release log.

I cannot comprehend how it can take you guys so long to get these versions updated. With the resources you presumably have at your disposal, it makes no sense to be so far behind on updates for a platform you support.

Please take a look at this. Every security problem that's publicly documented and patched, but not applied to production instances, serves as an attack vector that can be utilized by anyone.

Note that the outdated version issue also applies to PHP 8, we just happen to use 7.4.

If you don't plan on improving this, at least explain why.

nickdnk
質問済み 2年前230ビュー
1回答
0

Nobody cares about this? Come on, guys.

nickdnk
回答済み 2年前

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ