[imp] All my PGP signed messages marked as BAD
Simon Wilson
simon at simonandkate.net
Sun Jun 9 12:48:35 UTC 2013
>> Quoting simon at simonandkate.net:
>>
>>>> You wouldn't happen to be using an old version of PHP, are you?
>>>> Like PHP 5.3.3?
>>>>
>>>> stream_get_contents() is buggy in older versions of PHP, IIRC.
>>>>
>>>> michael
>>>>
>>>
>>> Centos 6.4, PHP 5.3.3.
>>>
>>> I'd imagine there would be quite a few still running 5.3.3?
>>> Particularly as it is the packaged version on RH and derivatives...
>>
>> See the previous discussion on this topic in the list archives.
>> Namely: just because your distribution uses a certain version of a
>> code interpreter (i.e. PHP), that does not mean you are locked to
>> that version. There are all sorts of 3rd party options.
>>
>> At this point, if you are still running something like PHP 5.3.3
>> almost 3 years after its release, that is a security risk. (Vendor
>> specific "security patches" do NOT provide adequate support.)
>> There have now been **23** additional bug/security fixes since
>> 5.3.3, and that doesn't account for the fact that PHP 5.4 was long
>> ago released and is stable, and PHP 5.5 is now in the RC stages.
>>
>> Additionally, as mentioned before, we support the PHP 5.3 **API**,
>> not the actual distributed version of PHP 5.3.0 itself. Our
>> documentation doesn't make this distinction because it would be
>> confusing to most users.
>>
>> So obviously there is something wrong with the way
>> stream_get_contents() works on these ancient releases. I'll have
>> to find a workaround, but this is not a high priority since there
>> is nothing wrong with the code itself.
>>
>> michael
>>
>
> Thanks Michael, and understood.
>
> Your git commit at
> https://github.com/horde/horde/commit/6a108ab40cbabbbf9a9b7e77d7fee21554c2784d seems to resolve
> btw.
>
> Simon.
>
Using the IUS repo I can fairly simply upgrade to 5.3.25, or to
5.4.15, and still be within a repo-based RPM environment. Both
versions were released May 2013.
Question though, what effect does that have on all the pear and pecl
modules that are installed? I imagine if I stick within php 5.3
probably not much? But what about if I go to php 5.4?
I don't want to break things just because I don't understand the
relationship between installed pear and pecl modules, with the
system's version of PHP.
Simon.
--
Simon Wilson
M: 0400 12 11 16
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-keys
Size: 1339 bytes
Desc: PGP Public Key
URL: <http://lists.horde.org/archives/imp/attachments/20130609/52e01d5d/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: PGP Digital Signature
URL: <http://lists.horde.org/archives/imp/attachments/20130609/52e01d5d/attachment-0001.bin>
More information about the imp
mailing list