Re: Failing Autotests / Bugs
Am 22.08.2011 11:33, schrieb Lester Caine:
> Pierre Joye wrote:
>> but does it work with 5.3.6? On the servers where 5.3.7 fails?
>
> While switching back should simply be a matter of telling the package manager to use the older
> version
with full disclosed security-bugs they are open and known for months
before even a new version is released
> there should perhaps be a little less 'rush' to automatically update systems,
> allowing us to make a choice when we do upgrade?
we have the choice but we have not because it takes months before a new php-version
is available and the whole time before security-bugs are well known everywhere
there should be placed diff-files for security fixes directly on the download-page
they could be easily included in rpmbuild/spec-file if they are matching to the latest
tar.bz2, but the current release process does not support this and forces users
if they wanting their machines as secure as possible to grab in the VCS manually
and hoping make no mistake by making this on their own - it is a hughe difference
for a administrator innclude provided patches in a spec-file or deal with the
whole php-source
Patch8: php-5.3.7-aconf259.patch
Patch20: php-4.3.11-shutdown.patch
Patch21: php-5.3.3-macropen.patch
Patch22: php-5.3.7-crypt.patch
Patch40: php-5.0.4-dlopen.patch
Patch41: php-5.3.0-easter.patch
Patch42: php-5.3.1-systzdata-v7.patch
Patch43: php-5.3.4-phpize.patch
Patch61: php-5.0.4-tests-wddx.patch
Patch62: php-5.3.3-tests.patch
Patch91: php-5.3.7-oci8conf.patch
Patch92: php-5.3.7-readline.patch
Patch93: php-5.3.6-mysqli.patch
Attachment: [application/pgp-signature] OpenPGP digital signature signature.asc
Thread (30 messages)