Johnny Hughes wrote: > Bart wrote: >> Well, life is not that black and white, luckily ;) >> >> Try authenticating with PHP to MySQL using certificates. That won't >> work with the current PHP release shipped with RHEL/CentOS. There's a >> bug in PHP 5.1 and it's fixed in 5.2. Since this is not a security >> bug, but just missing (of wrongly implemented) functionality, it's >> probably not going to be back ported. >> >> Since certificates (and PKI) are a pretty hot item these days, an >> upgrade can be very useful. >> >> Just an idea that upgrading is not always about having the latest and >> greatest.. ;) > > Did you file a bug that says, hey ... your php is broken like this, > here is what it will not do ? > > If so, what is the upstream bug so I can track it ... if not, why not :D > No, we did not ;) We opened a Service Request at RHEL, and asked them if php bug #37620 will be fixed, or if they will upgrade to php 5.2. The response we got was that RH is selling RH Application Stack v2, which does include php 5.2. And they asked us if there is an CVEs related to this bug.. Bottom line was.. either buy the application stack, or hand over the CVEs. Since this bug is not security related, there is no CVEs. Cheers, Bart