[CentOS] Any news on an updated php 5.2 version in extras/testing?
Hi, I've being using the 5.2.10 that is in testing in a production environment for more than six months without any problem. I am wondering if/when we are going to see a 5.2.14 version there and if the recently disclosure of a 5.1.6 security update affects the 5.2.10 that is in testing. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Any news on an updated php 5.2 version in extras/testing?
On 12/01/2010 11:54 AM, robert mena wrote: > Hi, > > I've being using the 5.2.10 that is in testing in a production > environment for more than six months without any problem. I am > wondering if/when we are going to see a 5.2.14 version there and if the > recently disclosure of a 5.1.6 security update affects the 5.2.10 that > is in testing. If you file an issue request at bugs.centos.org; i'll investigate - KB ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Any news on an updated php 5.2 version in extras/testing?
Hi, On Wed, 2010-12-01 at 07:54 -0400, robert mena wrote: > I am wondering if/when we are going to see a 5.2.14 version there and > if the recently disclosure of a 5.1.6 security update affects the > 5.2.10 that is in testing. Red Hat just put out this security alert concerning multiple PHP vulnerabilities, which is probably what you are speaking off: https://rhn.redhat.com/errata/RHSA-2010-0919.html All these vulnerabilities except for the last one (https://www.redhat.com/security/data/cve/CVE-2010-3870.html / http://bugs.php.net/bug.php?id=49687) are fixed in PHP-5.2.14. For this one issue you might need to use the patch from the latest upstream SRPM. Regards, Leonard. -- mount -t life -o ro /dev/dna /genetic/research ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Any news on an updated php 5.2 version in extras/testing?
Dne 1.12.2010 13:17, Karanbir Singh napsal(a): > If you file an issue request at bugs.centos.org; i'll investigate > > - KB I'd say the bigger issue is 5.1.6 C4Plus php, which is not maintained together with C4Plus pecl/pear modules. C4Plus php is installed on many boxes over the world. DH ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Any news on an updated php 5.2 version in extras/testing?
On Wed, 2010-12-01 at 13:50 +0100, Leonard den Ottolander wrote: > All these vulnerabilities except for the last one > (https://www.redhat.com/security/data/cve/CVE-2010-3870.html / > http://bugs.php.net/bug.php?id=49687) are fixed in PHP-5.2.14. For this > one issue you might need to use the patch from the latest upstream SRPM. http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/xml/xml.c?r1=293146&r2=305055 is the fix for the 5.2 branch which is not yet in the released 5.2.14. -- mount -t life -o ro /dev/dna /genetic/research ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Any news on an updated php 5.2 version in extras/testing?
Thanks. I'll do it later tonight. On Wed, Dec 1, 2010 at 8:17 AM, Karanbir Singh wrote: > On 12/01/2010 11:54 AM, robert mena wrote: > > Hi, > > > > I've being using the 5.2.10 that is in testing in a production > > environment for more than six months without any problem. I am > > wondering if/when we are going to see a 5.2.14 version there and if the > > recently disclosure of a 5.1.6 security update affects the 5.2.10 that > > is in testing. > > If you file an issue request at bugs.centos.org; i'll investigate > > - KB > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos