[CentOS] advice on having php 5.2.x:

John R. Dennison jrd at gerdesas.com
Thu Feb 9 10:16:45 UTC 2012


On Thu, Feb 09, 2012 at 12:07:34PM +0200, Peter Peltonen wrote:
> Hi,
> 
> There is a PHP 5.2 RPM for CentoOS5 in the testing repo:
> 
> http://dev.centos.org/centos/5/testing/SRPMS/

This should be avoided at all costs.  Those packages have not been
updated for ever and as a result have multiple known critical
vulnerabilities.  Additionally, as has been pointed out repeatedly,
these packages must be removed; the project is effectively pushing known
vulnerable packages.

Use the IUS repository and the php-5.2.17 packages they supply.  IUS is
known and vetted and they have a commercial stake in the stability and
integrity of the packages in that repo as they are what RackSpace makes
available to their own paying customers.

Please see http://wiki.centos.org/AdditionalResources/Repositories for
more information and a link to the IUS repo.





							John
-- 
Christmas creep (n):

The inexorable tendency for the commercial aspects of Christmas to appear
earlier every year

-- Wiktionary's word of the day, 20 November 2011
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.centos.org/pipermail/centos/attachments/20120209/d35545d4/attachment.sig>


More information about the CentOS mailing list