Hi all,
My goal is to have PHP 5.2.x on a centos virtual machine (LXC) Looking at the repositories: - 6.2 has php 5.3: ftp://ftp.free.fr/mirrors/ftp.centos.org/6.2/updates/i386/drpms/ - 5.7 has php 5.1 ftp://ftp.free.fr/mirrors/ftp.centos.org/5.7/updates/i386/RPMS/
I'll have to rebuild a source RPM in order to have what I want: - Which base should I install for a php 5.2 VM? 6.2 or 5.7? - Which release of CentOS had a php 5.2 source rpm that I could just rebuild without too much extra patching?
Thank you all.
Side note: For legacy projects, I'll also have to have a php 4, but there, no problem: ftp://ftp.free.fr/mirrors/ftp.centos.org/4.9/updates/i386/RPMS/ has a php 4.3.9, so, no problem. The machines are simply development machines, on the LAN, in order to keep (very) old projects running if we ever have to get back on them. These are not for public or production use.
Hi,
On Thu, Feb 9, 2012 at 7:33 AM, Mihamina Rakotomandimby mihamina@rktmb.org wrote:
I'll have to rebuild a source RPM in order to have what I want:
- Which base should I install for a php 5.2 VM? 6.2 or 5.7?
- Which release of CentOS had a php 5.2 source rpm that I could just
rebuild without too much extra patching?
There is a PHP 5.2 RPM for CentoOS5 in the testing repo:
http://dev.centos.org/centos/5/testing/SRPMS/
So I would go with CentOS 5.7 and use that as the base. Those RPMs might even provide you what you need without the need to recompile your own?
Best, Peter
On Thu, Feb 09, 2012 at 12:07:34PM +0200, Peter Peltonen wrote:
Hi,
There is a PHP 5.2 RPM for CentoOS5 in the testing repo:
This should be avoided at all costs. Those packages have not been updated for ever and as a result have multiple known critical vulnerabilities. Additionally, as has been pointed out repeatedly, these packages must be removed; the project is effectively pushing known vulnerable packages.
Use the IUS repository and the php-5.2.17 packages they supply. IUS is known and vetted and they have a commercial stake in the stability and integrity of the packages in that repo as they are what RackSpace makes available to their own paying customers.
Please see http://wiki.centos.org/AdditionalResources/Repositories for more information and a link to the IUS repo.
John
Hi,
On Thu, Feb 9, 2012 at 12:16 PM, John R. Dennison jrd@gerdesas.com wrote:
This should be avoided at all costs. Those packages have not been updated for ever and as a result have multiple known critical vulnerabilities. Additionally, as has been pointed out repeatedly, these packages must be removed; the project is effectively pushing known vulnerable packages.
Thank you John for pointing this out! I just googled for PHP 5.2 SRPM and as it was an official CentOS 5 repositry that provided the package I thought it was maintained security wise. Of course the word "testing" should have rang a bell...
Best, Peter
On 02/09/2012 01:16 PM, John R. Dennison wrote:
On Thu, Feb 09, 2012 at 12:07:34PM +0200, Peter Peltonen wrote:
There is a PHP 5.2 RPM for CentoOS5 in the testing repo: http://dev.centos.org/centos/5/testing/SRPMS/
Use the IUS repository and the php-5.2.17 packages they supply [...] Please see http://wiki.centos.org/AdditionalResources/Repositories for more information and a link to the IUS repo.
Thank you very much.
On 02/09/2012 04:16 AM, John R. Dennison wrote:
On Thu, Feb 09, 2012 at 12:07:34PM +0200, Peter Peltonen wrote:
Hi,
There is a PHP 5.2 RPM for CentoOS5 in the testing repo:
This should be avoided at all costs. Those packages have not been updated for ever and as a result have multiple known critical vulnerabilities. Additionally, as has been pointed out repeatedly, these packages must be removed; the project is effectively pushing known vulnerable packages.
Use the IUS repository and the php-5.2.17 packages they supply. IUS is known and vetted and they have a commercial stake in the stability and integrity of the packages in that repo as they are what RackSpace makes available to their own paying customers.
Please see http://wiki.centos.org/AdditionalResources/Repositories for more information and a link to the IUS repo.
For the record, those 5.2.10 php files are the latest released from here:
ftp://ftp.redhat.com/redhat/linux/enterprise/5Server/en/RHWAS/SRPMS/
Those are from the Red Hat Web Application Stack for EL5. It gets errata here:
https://rhn.redhat.com/errata/rhel-appstk-5-errata.html
As to whether or not you should use them, that is ... of course ... up to you. It is the latest released, by upstream.
Le jeudi 09 février 2012 à 15:01 -0600, Johnny Hughes a écrit :
On 02/09/2012 04:16 AM, John R. Dennison wrote:
On Thu, Feb 09, 2012 at 12:07:34PM +0200, Peter Peltonen wrote:
Hi,
There is a PHP 5.2 RPM for CentoOS5 in the testing repo:
This should be avoided at all costs. Those packages have not been updated for ever and as a result have multiple known critical vulnerabilities. Additionally, as has been pointed out repeatedly, these packages must be removed; the project is effectively pushing known vulnerable packages.
Use the IUS repository and the php-5.2.17 packages they supply. IUS is known and vetted and they have a commercial stake in the stability and integrity of the packages in that repo as they are what RackSpace makes available to their own paying customers.
Please see http://wiki.centos.org/AdditionalResources/Repositories for more information and a link to the IUS repo.
For the record, those 5.2.10 php files are the latest released from here:
ftp://ftp.redhat.com/redhat/linux/enterprise/5Server/en/RHWAS/SRPMS/
Those are from the Red Hat Web Application Stack for EL5. It gets errata here:
https://rhn.redhat.com/errata/rhel-appstk-5-errata.html
As to whether or not you should use them, that is ... of course ... up to you. It is the latest released, by upstream.
i build php rpm and other source in the style centos php53 with package ius http://ns.fakessh.eu/rpms
-
fakessh @ -
John R. Dennison -
Johnny Hughes -
Mihamina Rakotomandimby -
Peter Peltonen