Atomicorp

Or perhaps postgresql is a dependency of the postgresql-devel package as the postgresql package shows up as 'Installing for dependencies'. The exim package shows up as a dependency itself though.

I'm sure that ol' yellowdog knows better than I.

geez, three posts in a row - sorry about that.

I ran
# yum-builddep php-5.2.4-1.art.src.rpm

and all packages installed without error. so then I ran
# rpmbuild -ba php-5.2.4-1.art.src.rpm and got the error
error: File /root/downloads/rpms/php-5.2.4-1.art.src.rpm does not appear to be a specfile.

So I checked the man page for rpmbuild and it appears that I should run
# rpmbuild --rebuild php-5.2.4-1.art.src.rpm

and aside from some users not existing so using root messages at the beginning it appears to have built me an rpm...

I would just like to check that this was correct and this rpm will be safe to install.

Thanks again and sorry for so many sequential posts.

I must be close to breaking some kind of record here... sorry again, but last post I swear!

So after actually listing the files in /usr/src/redhat/RPMS/x86_64 I answered my own questions and resumed the downgrade process... successfully!! It was too easy - all that fuss.

Thanks again breun - hope I didn't flood anyone's inbox too much
and thank you scott for keeping all these resources available so reliably

It needs postgresql to be able to build php-pgsql. You may not use postgresql, but in order to build all of the rpms that that source rpm is going to yield when running rpmbuild you do need those installed. You could make a list of the packages that yum-builddep installs and remove them again after running rpmbuild.

A cleaner way to build packages and not mess with your system is to setup a build environment that uses a chroot, but that might be overkill if you just want to rebuild PHP.

There is no way you'd get me to build an rpm on a production box due to the dependency hell you are looking at. I'd personally fire up VMWare, build up a guest box with the same OS and kernel, and then build and test. If something goes wrong it is easier to click on "revert to snapshot" then restore a live server.

Just my $.02

In regards to build environments, I use mock. That creates the build chroots on demand, and resolves all the dependencies automatically at build time.

Hey those sound like good tips, thanks guys.

I just got a virtual guest going so I'll be much better off.

This might be slightly ot, but I wondered what asl is/has/will be going to have done;) about the vulns in php <5.2.5?

Here are a couple links, I'm not too worried about the php_sprintf_appendstring as it's not used in any of my apps (unless plesk makes use of it). But the multiple vulns in php <5.2.5 seem worrisome, is this a needless concern?

http://www.securityfocus.com/bid/29009/info

http://www.securityfocus.com/bid/28392/info

Thanks again.

Ive got 5.2.6 in atomic-testing now. Its ready to go I'm sure, I just need to finish up the suhosin update for it.

If you're using the ASL kernel, 28392 does not effect you.

Cool, thanks for the update!

I installed 5.2.6 from updates-testing and its running perfectly

How do you guys upgrade to PHP 5.2.6, someone keep on hacking me from a bug in 5.2.5 and I really need to upgrade. I tried yum update php but it doesn't bring it. Can you tell me how to do it step by step? I already use yum and it's set up and all.

You have to enable the testing repository if you want it now, because PHP 5.2.6 hasn't been pushed to the stable atomic channel yet.

Thanks, but it seems 5.2.6 has a local memory explit bug or something like that. Which means now back to the safer 5.2.5. How would i go about downgrading back to 5.2.5 from 5.2.6 ? Exact commands would be greatly appreciated.

http://www.milw0rm.com/exploits/5679

Are you sure 5.2.5 isnt also effected by this?