On Fri, Aug 21, 2009 at 5:17 PM, Ray Van Dolson<rayvd at bludgeon.org> wrote: > - Keep phpMyAdmin up to date. Best way to do this is to use a > package from a well known repository like EPEL that keeps the > package at the latest version for you. I've not beaten EPEL up too much on things like this, but here is one instance where it counts. EPEL relies on its packagers to keep things current, and in a startling number of cases, they do not. Case in point is the wiki software, moin. Moin is at something like 1.8.x or 1.9.x now, and has several posted security issues, which have been fixed in the most recent versions. EPEL however is still shipping 1.5.9 -> http://download.fedora.redhat.com/pub/epel/5/i386/repoview/moin.html Just because it's from a well known 3rd party repository doesn't mean it's fully patched. While your advice to use known repositories is good, please don't let it fool you into a false sense of security. -- During times of universal deceit, telling the truth becomes a revolutionary act. George Orwell