<html><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><META name="Author" content="Novell GroupWise WebAccess"><style type="text/css">
body p
{
margin: 0px;
}
</style></head><body style='font-family: Helvetica, Arial, sans-serif; font-size: 13px; '><div id="GroupWiseSection_1439434736000_bbecken@aafp.org_EA3C0C0009BE000093F4710063009C00_" class="GroupWiseMessageBody"><div>HI Kris, </div><div>I've not looked at the Remi repos. I'll check into that. thanks for the tip.</div><br><div>Regarding the PCI, we're in the early stages of the PCI compliance and until the scope is sufficiently narrowed, I've been told everything is "in scope". Hence I also have to scan the zendto system until the scope is narrowed. I've forwarded the exact issues offline to Julian for his review.</div><br><div>The Zendto system has been a great asset for us and I'm happy to contribute the findings for review.</div><br><div>-Brad </div><span> </span><span class="GroupwiseReplyHeader"><br><br>>>> Kris Lou <klou@themusiclink.net> 08/12/15 2:49 PM >>><br></span><div dir="ltr">Easiest way is to lookup and hook into the Remi repos for the more updated PHP (and others). <a href="http://blog.remirepo.net/pages/English-site-introduction">http://blog.remirepo.net/pages/English-site-introduction</a><br><div>More difficult is to use the CentOS Software Collections for PHP 5.4. <a href="http://wiki.centos.org/AdditionalResources/Repositories/SCL">http://wiki.centos.org/AdditionalResources/Repositories/SCL</a> </div><br><div>Regarding PCI, is this machine part of the scope?</div><br><div>-Kris</div></div><div class="gmail_extra"><br><div><div class="gmail_signature"><br>Kris Lou<br><a href="klou@themusiclink.net">klou@themusiclink.net</a></div></div> <br><div class="gmail_quote">On Wed, Aug 12, 2015 at 11:56 AM, Brad Beckenhauer <span><<a href="mailto:bbecken@aafp.org">bbecken@aafp.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin: 0 0 0 0.8ex;border-left: 1.0px rgb(204,204,204) solid;padding-left: 1.0ex;"> <div style="font:10pt/normal Segoe UI;font-size-adjust:none;font-stretch:normal"><div><div>Running zendto-4.12-5.noarch on CentOS 6.7 Final.</div><div> </div><div>I was looking at the <a href="http://zend.to/downloads.php">http://zend.to/downloads.php</a> webpage.</div><div> </div><div>The status for the CentOS virtual machine is "Not yet updated".</div><div> </div><div>Is there a timeline on when the new version will be released and will it be CentOS version 6 or 7.</div><div>Any migration process to move stats and data to the new system?</div><div> </div><div>I ran a PCI DSS compliance check against one of my test systems and they:</div><div>a) want php version 5.3.22 or 5.4.13</div><div>b) recommend setting "expose_php = Off" in php.ini </div><div> </div><div>Does anyone have a script/process to upgrade php on CentOS 6.7 they would care to share?</div><div> </div><div>Julian, I'll send you the other vulnerabilities discovered by the PCI scan off line.</div><div> </div><div>thanks</div><span class="HOEnZb"><font color="#888888"><div>Brad</div><div> </div><div> </div></font></span></div></div> <br>_______________________________________________<br> ZendTo mailing list<br> <a href="mailto:ZendTo@zend.to">ZendTo@zend.to</a><br> <a href="http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto">http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto</a><br></blockquote></div><br></div> </div></body></html>