News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Greg Beaver's Blog:
Why it is very important to upgrade to PEAR 1.4.6 from PEAR 1.3.x
January 09, 2006 @ 06:41:18

Greg Beaver has an advisory message posted on his blog today about why it's imporatant to upgrade PEAR from 1.3.x to the latest, 1.4.6.

PEAR 1.4.6 was just released at pear.php.net (http://pear.php.net/PEAR). This is a minor bugfix release and complete details are available at pear.php.net, but I must stress two points with extreme seriousness:

  • PEAR 1.4.6 fixes make install-pear INSTALL_ROOT=/rpm/packaging and introduces the --packagingroot option to install, which works like --installroot worked in PEAR 1.3.x
  • PEAR 1.3.x has several serious bugs and at least 2 serious security vulnerabilities. Using PEAR 1.3.x on a production machine is EXTREMELY dangerous

He goes on to discuss further why that second point is particularly dangerous, including several unpublished serious bugs. You can download the latest PEAR packages from the main PEAR site...

0 comments voice your opinion now!
important upgrade PEAR 1.3.x 1.4.6 latest version security bugs important upgrade PEAR 1.3.x 1.4.6 latest version security bugs


blog comments powered by Disqus

Similar Posts

Pádraic Brady's Blog: XSS in PHP (Part 1): How Not to Use Htmlspecialchars

Devshed: Putting Apache in Jail (including PHP)

WebResourcesDepot.com: 19 Promising PHP Template Engines

Community News: Latest PEAR Releases for 09.18.2006

Zend Developer Zone: Paging and Sorting Data with Zend Framework, Doctrine and PEAR (part 1)


Community Events





Don't see your event here?
Let us know!


update laravel podcast composer package framework symfony interview language voicesoftheelephpant security mvc community introduction series release opinion version tool library

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework