[CentOS] Re: PHP 5.2.5 when ?

Tue Jan 15 22:09:45 UTC 2008
Bart <centos at bartbaars.nl>


Johnny Hughes wrote:
> Bart wrote:
>>
>>
>> Johnny Hughes wrote:
>>> Bart wrote:
>>>> Well, life is not that black and white, luckily ;)
>>>>
>>>> Try authenticating with PHP to MySQL using certificates. That won't 
>>>> work with the current PHP release shipped with RHEL/CentOS. There's 
>>>> a bug in PHP 5.1 and it's fixed in 5.2. Since this is not a 
>>>> security bug, but just missing (of wrongly implemented) 
>>>> functionality, it's probably not going to be back ported.
>>>>
>>>> Since certificates (and PKI) are a pretty hot item these days, an 
>>>> upgrade can be very useful.
>>>>
>>>> Just an idea that upgrading is not always about having the latest 
>>>> and greatest.. ;)
>>>
>>> Did you file a bug that says, hey ... your php is broken like this, 
>>> here is what it will not do ?
>>>
>>> If so, what is the upstream bug so I can track it ... if not, why 
>>> not :D
>>>
>> No, we did not ;) We opened a Service Request at RHEL, and asked them 
>> if php bug #37620 will be fixed, or if they will upgrade to php 5.2. 
>> The response we got was that RH is selling RH Application Stack v2, 
>> which does include php 5.2. And they asked us if there is an CVEs 
>> related to this bug..
>>
>> Bottom line was.. either buy the application stack, or hand over the 
>> CVEs. Since this bug is not security related, there is no  CVEs.
>
> Is this what you are talking about???
>
> http://bugs.php.net/bug.php?id=37620
>
> and if so, explain how that affects PKI authorization and I will be 
> glad to file a bug and make lots of community noise ...
>
> Or if you would, file a bug on bugs.centos.org that explains exactly 
> how pki cna not be used with php and I will file an upstream bug to 
> see if they will fix it.
>
> Now, they will not fix every bug, but non-functional PKI is one I 
> think that they will address.
>

Thanks! I'll get back on this tomorrow (time for sleep now!)..

Do you mind if I mail the details directly to you?

Cheers,

Bart