You can also build the packages yourself and keep abreast of the mailing list
On Sun, Jul 3, 2011 at 9:11 AM, John R. Dennison jrd@gerdesas.com wrote:
On Sun, Jul 03, 2011 at 02:29:12PM +0200, Alain Péan wrote:
So 5.1.6 is the current package on CentOS, at least in base repo, I don't know for CentOSPlus, and your question is totally valid.
The php in base, for both C4 and C5, gets updates. I've not seen an update for the C4 plus package since, well, 2008. This also brings up the question what stack this package was part of upstream; I'm not able to locate it in Redhat's mirrors.
I am not using PHP, so I am not aware of the last vulnerabilities, but you should know that RedHat backports security fixes, and features, from further releases, so the version number is not that informative. See for example this rather old thread (2010) :
They only backport for supported packages. It appears that this package may have been orphaned upstream.
Returns a 404.
John-- When there are too many policemen, there can be no liberty. When there are too many soldiers, there can be no peace. When there are too many lawyers, there can be no justice.
-- Lin Yutang (10 October 1895 - 26 March 1976), Chinese writer and translator, as quoted in Alexander, James (2005). The World's Funniest Laws. Cheam: Crombie Jardine. pp. page 6
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos