Hi community! First of all I apologize if you are not talking about this Icinga version anymore, I know is kinda old.
Now, our infosec team discovered a vulnerability (CVE-2020-11579) that is affecting our old environments.
Our Icinga version is 1.13.3 and is the only app using PHP on our server (PHP version 5.6.30).
My question is, will this version of Icinga support PHP if we upgrade it to version 7.2.16?
Thanks for your help.
Hi community! First of all I apologize if you are not talking about this
Icinga version anymore, I know is kinda old.
What’s the reason for not upgrading?
Is that the only software you’re running, on whatever this is installed
on, which is out of date/support?
Now, our infosec team discovered a vulnerability (CVE-2020-11579) that is
affecting our old environments. Our Icinga version is 1.13.3 and is the
only app using PHP on our server (PHP version 5.6.30).
I’m slightly bothered (from a security / support / maintenance perspective)
that the word “environments” is plural.
On the other hand, is your ancient Icinga1 setup exposed in any way to the
Internet, and if not, how significant are your infosec team’s findings?
A vulnerability is only a risk if someone has access to it.
My question is, will this version of Icinga support PHP if we upgrade it to
version 7.2.16?
I cannot speak for the developers, however I doubt that they have looked at
any such combination, so the only suggestion I have is to try out this upgrade
in your testing environment and see whether it causes any problems, and of
not, roll it out to production.
If you do not have a testing environment, then set up a VM somewhere, copy
your current Icinga1 setup there, check that it works as expected, upgrade
PHP, and compare.
If anyone else here can comment more specifically on your situation:
congratulations, I'm surprised and in some ways impressed.
Regards,
Antony
Thanks @Pooh for responding but I’m afraid I was already aware of the info you provided (in a somewhat rude way) and didn’t really answered my simple question 
As mentioned in the description, I just need to know if PHP version 7.2.16 is compatible with Icinga 1.13.3.
Thanks,
Kevin
Hi Kevin,
Unfortunately, I’m not sure anyone will be able to answer this for you - Icinga Classic UI was deprecated in 2017 and has been EOL since late 2018 - additionally Icinga 1 has been EOL since 31-12-2018.
There are a few breaking changes between PHP 5.6 and 7.2, so it’s possible it will still work, but it’s likely all PHP versions released since 2018 will have some compatibility problems - see PHP: Migrating from PHP 5.6.x to PHP 7.0.x - Manual
PHP 7.2.x is also EOL since the beginning of this year (see PHP: Supported Versions) and is no longer receiving security updates.
HI @0xliam, that’s good info, thanks for the help! I’ll take a look at those links tomorrow morning!
Best regards,
Kevin