Unsupported PHP Version

DOWNLOAD THE LATEST FIRMWARE HERE
peter.fowler
Member
 
Posts: 13
Joined: Thu Sep 03, 2020 6:22 pm
Has thanked: 0 time
Been thanked: 1 time

Unsupported PHP Version

Sun Mar 28, 2021 9:48 pm

Hi,
We are are using multiple WS-26-400-IDC switches (firmware version 1.5.6) to monitor some PoE cameras at some of our special buildings and we are getting notified by our vulnerability management software (Tenable) that our version of PHP is no longer supported and is at risk of multiple vulnerabilities (we are running version 5.2.6 and the supported versions are 7.3.x, 7.4.x or 8.0.x). Is there going to be a firmware update that will fix this PHP version in the future?

User avatar
Dave
Employee
Employee
 
Posts: 726
Joined: Tue Apr 08, 2014 6:28 pm
Has thanked: 1 time
Been thanked: 158 times

Re: Unsupported PHP Version

Sun Mar 28, 2021 10:21 pm

Stephen will comment on this tomorrow for you..

User avatar
Stephen
Employee
Employee
 
Posts: 1061
Joined: Sun Dec 24, 2017 8:56 pm
Has thanked: 90 times
Been thanked: 192 times

Re: Unsupported PHP Version

Mon Mar 29, 2021 1:30 pm

Actually, we are investigating the option for upgrading several components of the switch now, including PHP

User avatar
JustJoe
Experienced Member
 
Posts: 266
Joined: Sat Aug 02, 2014 11:33 pm
Has thanked: 94 times
Been thanked: 59 times

Re: Unsupported PHP Version

Tue Mar 30, 2021 4:04 pm

It's been a long time since the release of a "final" version/release, with lots of good bug-fix work being done. :thumbsup:

New versions of underlying support code will ALWAYS bring some new unexpected incompatibility quirks :ak:
... That's just the way software works.

Might it not be wise to release a "final" version of current bug fixes BEFORE opening the Pandora's box of new support code, so the fixes are accessible to those who otherwise are running stable networks??

Then plan to quickly release another final version that only adds that new support code for those that like living life on the bleeding edge?

User avatar
Stephen
Employee
Employee
 
Posts: 1061
Joined: Sun Dec 24, 2017 8:56 pm
Has thanked: 90 times
Been thanked: 192 times

Re: Unsupported PHP Version

Tue Mar 30, 2021 5:10 pm

Hey JustJoe,

I don't have a problem with that. Only reason I hadn't was because I had already promised to include the TLS updates in the 1.5.7 release.
However, there are several large updates involved in that. So if everyone is more comfortable with 1.5.7 coming out with the updates that already exist in 1.5.7rcX then that is fine with us.

It will be out either later today or tomorrow.

User avatar
JustJoe
Experienced Member
 
Posts: 266
Joined: Sat Aug 02, 2014 11:33 pm
Has thanked: 94 times
Been thanked: 59 times

Re: Unsupported PHP Version

Tue Mar 30, 2021 5:50 pm

Stephen wrote:Hey JustJoe,

I don't have a problem with that. Only reason I hadn't was because I had already promised to include the TLS updates in the 1.5.7 release.
However, there are several large updates involved in that. So if everyone is more comfortable with 1.5.7 coming out with the updates that already exist in 1.5.7rcX then that is fine with us.

It will be out either later today or tomorrow.


Works for meeee! Pirate6
I think the folks needing the newer support libraries to meet their requirements and knowing you are working toward meeting their needs will also understand and appreciate the release "dividing line".

And thanks Stephen for always listening and being responsive. :)

peter.fowler
Member
 
Posts: 13
Joined: Thu Sep 03, 2020 6:22 pm
Has thanked: 0 time
Been thanked: 1 time

Re: Unsupported PHP Version

Mon Aug 09, 2021 11:38 pm

Hi team, is there any update on the when this PHP version will be upgraded to a supported version? Also is there a roadmap regarding the date of each stable release?

User avatar
Stephen
Employee
Employee
 
Posts: 1061
Joined: Sun Dec 24, 2017 8:56 pm
Has thanked: 90 times
Been thanked: 192 times

Re: Unsupported PHP Version

Mon Aug 16, 2021 10:43 am

Some things have come up with the WS3 that I have been trying to fix, but the PHP upgrade is my next major task for the WS series. A couple other feature requests and bugs have cropped up in the mean time as well so I am debating currently which I will tackle first. The major things I want to tackle with the next major release is the Dropbear upgrade (done), PHP upgrade (in progress) and TLS upgrade (in progress)

peter.fowler
Member
 
Posts: 13
Joined: Thu Sep 03, 2020 6:22 pm
Has thanked: 0 time
Been thanked: 1 time

Re: Unsupported PHP Version

Sun Jan 30, 2022 4:16 pm

Thanks for the update and sorry for not replying sooner but do you have an approximate ETA for these features as part of stabilizing 1.5.9 to production. My manager and our security manager are keen to know what the next steps will be including a roadmap for this (FYI, all our WS-26-400-IDC switches are now on the 1.5.8 production release build)

peter.fowler
Member
 
Posts: 13
Joined: Thu Sep 03, 2020 6:22 pm
Has thanked: 0 time
Been thanked: 1 time

Re: Unsupported PHP Version

Mon Apr 04, 2022 6:34 pm

Version 1.5.12 fixed a critical vulnerability (the Dropbear version) but do you have an approximate ETA for when the PHP component will be fixed as Tenable.io still says it's unsupported with version 5.2.6 detected and the current supported version of PHP is 8.x?

Next
Return to Hardware and software issues

Who is online

Users browsing this forum: No registered users and 25 guests