On Sun, Jul 03, 2011 at 02:29:12PM +0200, Alain Péan wrote: > > > So 5.1.6 is the current package on CentOS, at least in base repo, I > don't know for CentOSPlus, and your question is totally valid. The php in base, for both C4 and C5, gets updates. I've not seen an update for the C4 plus package since, well, 2008. This also brings up the question what stack this package was part of upstream; I'm not able to locate it in Redhat's mirrors. > I am not using PHP, so I am not aware of the last vulnerabilities, but > you should know that RedHat backports security fixes, and features, from > further releases, so the version number is not that informative. See for > example this rather old thread (2010) : They only backport for supported packages. It appears that this package may have been orphaned upstream. > http://forums.whirlpool.net.au/archive/1424743 Returns a 404. John -- When there are too many policemen, there can be no liberty. When there are too many soldiers, there can be no peace. When there are too many lawyers, there can be no justice. -- Lin Yutang (10 October 1895 - 26 March 1976), Chinese writer and translator, as quoted in Alexander, James (2005). The World's Funniest Laws. Cheam: Crombie Jardine. pp. page 6 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: <http://lists.centos.org/pipermail/centos/attachments/20110703/0bc68a56/attachment-0005.sig>