[CentOS] advice on having php 5.2.x:
John R. Dennison
jrd at gerdesas.com
Thu Feb 9 10:16:45 UTC 2012
On Thu, Feb 09, 2012 at 12:07:34PM +0200, Peter Peltonen wrote:
> Hi,
>
> There is a PHP 5.2 RPM for CentoOS5 in the testing repo:
>
> http://dev.centos.org/centos/5/testing/SRPMS/
This should be avoided at all costs. Those packages have not been
updated for ever and as a result have multiple known critical
vulnerabilities. Additionally, as has been pointed out repeatedly,
these packages must be removed; the project is effectively pushing known
vulnerable packages.
Use the IUS repository and the php-5.2.17 packages they supply. IUS is
known and vetted and they have a commercial stake in the stability and
integrity of the packages in that repo as they are what RackSpace makes
available to their own paying customers.
Please see http://wiki.centos.org/AdditionalResources/Repositories for
more information and a link to the IUS repo.
John
--
Christmas creep (n):
The inexorable tendency for the commercial aspects of Christmas to appear
earlier every year
-- Wiktionary's word of the day, 20 November 2011
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.centos.org/pipermail/centos/attachments/20120209/d35545d4/attachment.sig>
More information about the CentOS
mailing list