[CentOS] PHP 5.2.5 when ?
Joshua Baker-LePain
jlb17 at duke.edu
Sun Jan 13 19:25:36 UTC 2008
On Sun, 13 Jan 2008 at 8:03am, Mark Weaver wrote
> On Fri, 11 Jan 2008 04:05:56 -0600
> Johnny Hughes <johnny at centos.org> wrote:
>> ummm ... the answer is probably never.
>>
>> Red Hat offers a RHWAS ... that has a php5 for EL4. The version of
>> php in there (and in our CentOSPlus repo) is php-5.1.6 ... it might
>> go higher than that, but I doubt it will go to 5.2.x. If it does go
>> there in RHWAS, it will also go there in CentOSPlus, but I would not
>> hold my breath :-D
>
> My question would be, "good god...why?" There are a ton of security
> holes in php5. From experience one of the holes I'm painfully aware of
> is php-cli which installs by default with the rest of php5.
Even an exteremely brief search of the archives of this list would turn up
tons of similar questions, and the same answer every time -- Red Hat
backports security fixes to the stable version of packages in their
Enterprise distro. That's why, e.g., for it's entire 5 year supported
life, RHEL5 will be based on kernel 2.6.18. However the base kernel will
be heavily patched for security, driver upgrades, and new hardware
support. They treat all packages (including PHP) similarly.
--
Joshua Baker-LePain
QB3 Shared Cluster Sysadmin
UCSF
More information about the CentOS
mailing list