robert mena
2010-Dec-01 11:54 UTC
[CentOS] Any news on an updated php 5.2 version in extras/testing?
Hi, I've being using the 5.2.10 that is in testing in a production environment for more than six months without any problem. I am wondering if/when we are going to see a 5.2.14 version there and if the recently disclosure of a 5.1.6 security update affects the 5.2.10 that is in testing. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20101201/38731284/attachment-0002.html>
Karanbir Singh
2010-Dec-01 12:17 UTC
[CentOS] Any news on an updated php 5.2 version in extras/testing?
On 12/01/2010 11:54 AM, robert mena wrote:> Hi, > > I've being using the 5.2.10 that is in testing in a production > environment for more than six months without any problem. I am > wondering if/when we are going to see a 5.2.14 version there and if the > recently disclosure of a 5.1.6 security update affects the 5.2.10 that > is in testing.If you file an issue request at bugs.centos.org; i'll investigate - KB
Leonard den Ottolander
2010-Dec-01 12:50 UTC
[CentOS] Any news on an updated php 5.2 version in extras/testing?
Hi, On Wed, 2010-12-01 at 07:54 -0400, robert mena wrote:> I am wondering if/when we are going to see a 5.2.14 version there and > if the recently disclosure of a 5.1.6 security update affects the > 5.2.10 that is in testing.Red Hat just put out this security alert concerning multiple PHP vulnerabilities, which is probably what you are speaking off: https://rhn.redhat.com/errata/RHSA-2010-0919.html All these vulnerabilities except for the last one (https://www.redhat.com/security/data/cve/CVE-2010-3870.html / http://bugs.php.net/bug.php?id=49687) are fixed in PHP-5.2.14. For this one issue you might need to use the patch from the latest upstream SRPM. Regards, Leonard. -- mount -t life -o ro /dev/dna /genetic/research