Because of hijacking problems with my fedora8 and php 5.2.6 I was suggested to upgrade to a new server with a new OS and latest stable software
From Virtualmin install.sh in my new server I have
Well, I don’t understand it very much.
I was suggested to have updated software to avoid intruders and I am going backwards with php.
I suppose that new versions not necessarily mean better security, it would be new holes.
Let’s say I keep quiet in 5.1.6 php version. I don’t need the latest version of phpMyAdmin, an older one according to 5.1.6 would be fine.
Anyway I am worrying about some commands I am using in 5.2.6 that doesn’t exist in 5.1.6
Do you know where to find that information?
I couldn’t find anything about the history of the commands, on which version were they created.
Thank you
Well, I don’t understand it very much.
I was suggested to have updated software to avoid intruders and I am going backwards with php.
The packages provided by Red Hat or CentOS have security and bugfix patches backported from the mainline PHP version. The benefit RHEL and CentOS provides is a stable platform for building upon. They commit to not changing the version in incompatible ways. So, the version that was the latest on the day when RHEL 5.0 went “gold” is the version that will always be in all versions of RHEL/CentOS 5.x. It will only get security and stability fixes, and always in backward compatible ways.
I suppose that new versions not necessarily mean better security, it would be new holes.
Not really. That isn’t the point. PHP generally gets more secure over time (as most Open Source software does), but new exploits are being discovered all the time, as well. RHEL/CentOS backport the fixes to those problems, without bringing along a whole new PHP version.
The RHEL packaging policy is pretty well-documented (as well as a lot of other useful stuff) at Red Hat’s site; likewise CentOS at the CentOS site.
If you need the latest version, we provide it in our bleeding edge repo. It is the version shipped from php.net, with a few patches to make it fit the RHEL/CentOS packaging guidelines.
Okay, thanks Joe.
I’ve seen new functions in 5.2 versions and seems I would not have problems using 5.1.6 so I suppose it would be better to be quiet. I was afraid about mbstring functions but happily none of those new am I or my programs using.