[CentOS-devel] RPMS and REPOS and REPO-Linkages

Sun Nov 19 02:23:38 UTC 2006
Karanbir Singh <mail-lists at karan.org>

Hi Greg,

Greg Swallow wrote:
> My only concern with php-5.1.6 in centosplus is that RHEL5-beta1 is
> currently using 5.1.4.  Sure it's just beta1 and it may change, but if
> it doesn't that will make for a slightly trickier upgrade for some
> people at some point in the future.  For example the RHWAS php rpm is
> newer than the RHEL5-beta1 rpm but has a lower version# (5.1.4-1 vs
> 5.1.4-8).  I am sure that is intentional so an upgrade to RHEL5 upgrades
> php.

There is a php-5.1.6 in el5b2...

also, the decision was made within CentOS to move to 5.1.6 over 5.1.4, 
mainly due to the fact that the 5.1.4 we had access to has known 
security issues. And I know lots of people have concerns about leaving 
vulnerable packages out there. We did do some testing internally to 
ensure the 5.1.6 published on dev. didnt break anything ( within reason ).

once/if rhwas is published, we will definitely look into sync'ing the 
setup with what we can provide ( might mean an ugly (Epoc)++, but if its 
required, then so be it ). For the time being, we need to make the best 
decision, based on what we have available to and what the users of the 
repo are already using. 5.1.6 seemed to be the best fit.

Hope this clears up the situation a bit.

- KB
-- 
Karanbir Singh : http://www.karan.org/ : 2522219 at icq