On 03/05/2010 01:08 PM, Johann wrote:
I have installed PHP 5.2.10 from the testing repo on 2 servers. One is a backup webserver that runs 4 Drupal sites. No issues with any of them so far, and I plan on upgrading the production server this coming weekend. The other is our mail server. It was the catalyst to try the upgrade, as our CEO insisted on getting Roundcube installed and it will not install with any version <5.2.
The 5.2 series has released 5.2.13 and the following security issues were fixed in 5.2.13. * Fixed safe_mode validation inside tempnam() when the directory path does not end with a /). (Martin Jansen) * Fixed a possible open_basedir/safe_mode bypass in session extension identified by Grzegorz Stachowiak. (Ilia) * Improved LCG entropy. (Rasmus, Samy Kamkar)
There are a two or three repo's with 5.2. I wonder if CentOS overhead should be conserved or allocated elsewhere (not an advocate, just a question).