Grokbase
x

Re: PHP 5.2.5 when ?

View PostFlat  Thread  Threaded | < Prev - Next >
c...@imntv.com Re: [CentOS] PHP 5.2.5 when ?
| +1 vote
[ Profile | Reply to group ] [ Flat  Thread  Threaded ]
Mark Weaver wrote:

"The only other apps that were on the system at the time was a php web site and forum."

---

Heh.  Yep, those PHP web forums have a squeaky clean track record.

*rolling eyes*




_______________________________________________
CentOS mailing list
[email protected: C...@centos.org]
http://lists.centos.org/mailman/listinfo/centos

Thread : PHP 5.2.5 when ?
1)
Santa Claus Hi When (some) expected rpm package for the upgrade php to version 5.2.5(CentOS4) ? Who knows?
2)
Johnny Hughes This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --==============65479515=Content-Type:...
3)
Mark Weaver My question would be, "good god...why?" There are a ton of security holes in php5. From experience...
4)
Joshua Baker-LePain Even an exteremely brief search of the archives of this list would turn up tons of similar...
5)
Mark Weaver those patches didn't do much for keeping one of my systems from being breached via php. from the...
6)
Karanbir Singh I am still waiting for you to post some demonstrate-able exploit in the distro supplied php...
7)
Mark Weaver while I understand why you'd like proof of concept for the exploit it's not something I'd post on a...
8)
Karanbir Singh security@centos.org is where I'd expect you to post that to. Also, if you dont know what you are...
9)
Mark Weaver ah, yes... SELinux... Well, that was actually on the system at the time of the "second" breach....
10)
Ray Van Dolson I'd be willing to bet it was an application-specific hole that was utilized to breach your system....
11)
Mark Weaver That's always a possibility, but to my knowledge it wasn't anything I was aware of at the time, and...
12)
c...@imntv.com "The only other apps that were on the system at the time was a php web site and forum." Heh. Yep,...
13)
Mark Weaver yeah... and the one that was possibly part of the problem is now gone. I never restored it from...
14)
Karanbir Singh now would also be a good time to plumb in remotelogging :D I recommend rsyslog!
15)
Mark Weaver Indeed! hadn't thought of that before, but the packages have just finished downloading. :)
16)
Jim Perrin Well okay, now you've drawn me out! I've been playing with rsyslog recently in the hopes of...
17)
Mark Weaver <grin> already downloaded. going to transfer to the web server and start reading through the setup...
18)
Karanbir Singh am in the process of bringing that into centosplus :D
19)
Ralph Angenendt php-pear needs it. Why php itself depends on it isn't clear to me either. Cheers, Ralph Version:...
20)
Mark Weaver that in and of itself bothers me.
21)
Barry Brimer Red Hat now supports RHEL for 7 years after the release of each version.
22)
Santa Claus Hi 5.2.5(CentOS4) It is not clear why Red Hat (and CentOS too), so weak responds to changes of...
23)
John R Pierce If its really not clear, you're totally missing the whole *point* of RHEL.
24)
Santa Claus Hi Thanks to all who responded. But I repeat the question: how to upgrade CentOS4 to PHP 5.2.5...
25)
Jim Perrin There is no "correct" method for this, there are only "less wrong" ways to do it. No. This method...
26)
Anup Shukla I think 'make' to something like '/opt/php-5.2.5' would be "less wrong". Suggestions?...
27)
John R Pierce apache has php dependencies, so you'll be replacing that too? and, in turn, php has dependencies on...
28)
Anup Shukla Yes, i have been bitten by this. But at times you are left with no option. I *needed* 5.2.x and so...
29)
Mark Weaver you can get what you want with this repo info: name=Dag RPM Repository for *Red Hat Enterprise...
30)
Tom G. Christensen dag/rpmforge does *NOT* provide php 5.2.x. For php 5.2.x on CentOS 4 and 5 I would recommend the...
31)
Michael A. Peters I've got them here - but absolutely no support whatsoever....
32)
Johnny Hughes This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --==============05052379=Content-Type:...
33)
Scott Silva on 1/15/2008 8:20 AM Johnny Hughes spake the following: |> Hi |> Thanks to all who responded. |>...
34)
Steven Vishoot iD8DBQFHjN/tRADw9lziUqQRAqhqAJ91kHl7OqzaxJ7VY+kCLQEDagCOkwCfRXNh Does Having your cake and eating...
35)
Morten Torstensen No, because in this case your cake disappears in thin air as soon as you try to eat it. Replacing...
36)
Mark Weaver it's a case of update-itis. In general the Linux community is partially responsible due to...
37)
Centos This is a multi-part message in MIME format. Content-Type: multipart/alternative;...
38)
Johnny Hughes This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --==============78330843=Content-Type:...
39)
Centos No, we did not ;) We opened a Service Request at RHEL, and asked them if php bug #37620 will be...
40)
Johnny Hughes This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --==============08823883=Content-Type:...
41)
Centos Thanks! I'll get back on this tomorrow (time for sleep now!).. Do you mind if I mail the details...
42)
Johnny Hughes This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --==============36708429=Content-Type:...
43)
David Hrbáč Johnny Hughes napsal(a): Johnny, it doesn't work the way you say. I can name two bugs I consider...
44)
Michael A. Peters php is not a major component of RHEL/CentOS. Upgrading PHP is not going to break the system. Worst...
45)
Johnny Hughes This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --==============54547521=Content-Type:...
46)
Michael A. Peters Apache and MySQL probably are major components. Lots of CentOS packages depend upon them. PHP is a...
47)
Morten Torstensen PHP is the programming language that drives a large chunk of web applications out there. It is not...
48)
Michael A. Peters Granted. It's most common use is as an apache module, it can be used for several other things. PHP...
49)
Michael A. Peters I need to make a correction - the zend abi (not api) has changed - but modules built against the...
spacer
View PostFlat  Thread  Threaded | < Prev - Next >
Home > Groups > CentOS > PHP 5.2.5 when ? (49 posts) > View Post
Grokbase | Groups | Tags | People | Add a group | FAQ | About

Provide feedback | del.icio.us