[CentOS] advice on having php 5.2.x:

Thu Feb 9 22:05:53 UTC 2012
fakessh @ <fakessh at fakessh.eu>

Le jeudi 09 février 2012 à 15:01 -0600, Johnny Hughes a écrit :
> On 02/09/2012 04:16 AM, John R. Dennison wrote:
> > On Thu, Feb 09, 2012 at 12:07:34PM +0200, Peter Peltonen wrote:
> >> Hi,
> >>
> >> There is a PHP 5.2 RPM for CentoOS5 in the testing repo:
> >>
> >> http://dev.centos.org/centos/5/testing/SRPMS/
> > This should be avoided at all costs.  Those packages have not been
> > updated for ever and as a result have multiple known critical
> > vulnerabilities.  Additionally, as has been pointed out repeatedly,
> > these packages must be removed; the project is effectively pushing known
> > vulnerable packages.
> >
> > Use the IUS repository and the php-5.2.17 packages they supply.  IUS is
> > known and vetted and they have a commercial stake in the stability and
> > integrity of the packages in that repo as they are what RackSpace makes
> > available to their own paying customers.
> >
> > Please see http://wiki.centos.org/AdditionalResources/Repositories for
> > more information and a link to the IUS repo.
> 
> For the record, those 5.2.10 php files are the latest released from here:
> 
> ftp://ftp.redhat.com/redhat/linux/enterprise/5Server/en/RHWAS/SRPMS/
> 
> Those are from the Red Hat Web Application Stack for EL5.  It gets
> errata here:
> 
> https://rhn.redhat.com/errata/rhel-appstk-5-errata.html
> 
> As to whether or not you should use them, that is ... of course ... up
> to you.  It is the latest released, by upstream.


i build php rpm and other source in the style centos php53 with package
ius
http://ns.fakessh.eu/rpms


-- 
 http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC2626742
 gpg --keyserver pgp.mit.edu --recv-key C2626742

 http://urlshort.eu fakessh @
 http://gplus.to/sshfake
 http://gplus.to/sshswilting
 http://gplus.to/john.swilting
 https://lists.fakessh.eu/mailman/
 This list is moderated by me, but all applications will be accepted
 provided they receive a note of presentation
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Ceci est une partie de message num?riquement sign?e
URL: <http://lists.centos.org/pipermail/centos/attachments/20120209/20972b70/attachment-0003.sig>