Looking through my Daily Security Run Output, and trying to make sense of it all...
The parts that are troubling me are 2 fold.
First, when it checks for package vulnerabilities:
Not really sure what to do about these, or if these are even worth fussing over?
I know what phpbb3 and mysql56 are, but I'm not sure what libxml2 is or even if it was installed as a dependency like mysql56 was when I installed nextcloud. I'm not keen on updating any of these seeing as how I'm new to dumping and importing databases and last time I hose my installs...
But these next ones are what really bothering me, as I am totally lost as to what caused them or what to do about it. A little insight would really help me.
These go on for about 3000 or so lines comprising of all manner of files in packages nextcloud, opencart, but MOSTLY phpbb3.
I imagine that installing the 12 or so extensions in phpbb3 might have something to do with those, but I just don't know enough about what I'm being told to say with any confidence.
I understand (sorta) what an MD5 checksum is and how it's used. But, as far as I know they are used to ensure that a file you transferred remained intact during the transmission. So what does that have to do with anything once you've actually installed the package?! And further more, how do I stop receiving Tom Clancy novels in my emails every morning telling me about how the checksums don't match?
The parts that are troubling me are 2 fold.
First, when it checks for package vulnerabilities:
Code:
Checking for packages with security vulnerabilities:
libxml2-2.9.4
phpbb3-3.2.1
mysql56-server-5.6.38
Not really sure what to do about these, or if these are even worth fussing over?
I know what phpbb3 and mysql56 are, but I'm not sure what libxml2 is or even if it was installed as a dependency like mysql56 was when I installed nextcloud. I'm not keen on updating any of these seeing as how I'm new to dumping and importing databases and last time I hose my installs...
But these next ones are what really bothering me, as I am totally lost as to what caused them or what to do about it. A little insight would really help me.
Code:
Checking for packages with mismatched checksums:
nextcloud-12.0.2: /usr/local/www/nextcloud/.htaccess
nextcloud-12.0.2: /usr/local/www/nextcloud/.user.ini
opencart-2.3.0.2: /usr/local/www/opencart/admin/config.php
opencart-2.3.0.2: /usr/local/www/opencart/config.php
opencart-2.3.0.2: missing file /usr/local/www/opencart/install/cli_install.php
opencart-2.3.0.2: missing file /usr/local/www/opencart/install/controller/3rd_party/extension.php
opencart-2.3.0.2: missing file /usr/local/www/opencart/install/controller/3rd_party/maxmind.php
...
...
These go on for about 3000 or so lines comprising of all manner of files in packages nextcloud, opencart, but MOSTLY phpbb3.
I imagine that installing the 12 or so extensions in phpbb3 might have something to do with those, but I just don't know enough about what I'm being told to say with any confidence.
I understand (sorta) what an MD5 checksum is and how it's used. But, as far as I know they are used to ensure that a file you transferred remained intact during the transmission. So what does that have to do with anything once you've actually installed the package?! And further more, how do I stop receiving Tom Clancy novels in my emails every morning telling me about how the checksums don't match?