PHP 5.4 is dead - Remi's RPM repository

PHP 5.4 is dead

Par Remi le lundi 5 octobre 2015, 08:24 - HowTo - Lien permanent

As announced, PHP version 5.4.45 is the last official release of PHP 5.4

Which means that since version 5.5.30 and version 5.6.14 have been released, some security vulnerabilities are not, and won't be, fixed by the PHP project.

To keep a secure installation, the upgrade to a maintained version is strongly recommended:

PHP 5.5 is in security support mode only (no other bug will be fixed) until July 2016.
PHP 5.6 is in active support mode, and will be maintained until ~~August 2017~~ December 2018.
PHP 7.0 is in under development, in stabilization phase (Release Candidate) and should be released as stable quite soon.

Read :

However, given the very important number of downloads by the users of my repository (~47%) the version is still available in remi repository for Enterprise Linux (RHEL, CentOS...) and Fedora (Software Collections) and includes the latest security fix.

Warning : this is a best effort action, depending of my spare time, without any warranty, only to give users more time to migrate. This can only be temporary, and upgrade must be the priority.

Commentaires

1. Le lundi 5 octobre 2015, 07:50 par Remi

Version 5.4.45-1 is still 47% of downloads (5.5.29: 21%, 5.6.13: 31%).

Version 5.4.45-2 includes fix for bugs #70433 and #69720 (backported from 5.5.30).

Base packages (php)

Software Collections (php54)

2. Le jeudi 7 janvier 2016, 06:50 par Remi

Version 5.4.45-3 includes fix for bugs #70755, #70728, #70741 and #70661 (backported from 5.5.31).

3. Le mardi 16 février 2016, 22:26 par Remi

Version 5.4.45-4 includes security fix for bugs #71354 #71335 #71391 #71323 #71459 #71039 #71720 et #71488 (backported from 5.5.32).

4. Le jeudi 3 mars 2016, 07:56 par Remi

Version 5.4.45-5 includes security fix for bugs #71498 and #71587 (backported from 5.5.33).

5. Le jeudi 31 mars 2016, 05:47 par Remi

Version 5.4.45-5 is still 33% of downloads (5.5.33: 19%, 5.6.19: 41%, 7.0.4: 7%). Still too much.

Version 5.4.45-7 includes security fix for bugs #71906, #71798, #71860, #71704 and #71527 (backported from 5.5.34).

6. Le vendredi 29 avril 2016, 06:50 par Remi

Version 5.4.45-8 includes security fix for bugs #649.8, #71912, #72061, #72093, #72094 and #72099 (backported from 5.5.35).

7. Le dimanche 29 mai 2016, 08:38 par Remi

Version 5.4.45-8 is still 30% of downloads (5.5.35: 21%, 5.6.21: 40%, 7.0.4: 9%). Still too much.

Version 5.4.45-9 includes security fix for bugs #72241, #72114, #72135 and #71331 (backported from 5.5.36).

8. Le jeudi 23 juin 2016, 14:58 par Remi

Version 5.4.45-9 is still 35.5% of downloads (5.5.35:17.8%, 5.6.21:37.2%, 7.0.6:9.4%). Still really too much.

Version 5.4.45-10 includes security fix for bugs #72241, #72241, #72241, #72241, #72241, #72241, #72241, #72241, #72241, #72241, #72114, #72135 and #71331 (backported from 5.5.37).

9. Le vendredi 22 juillet 2016, 18:09 par Remi

Version 5.4.45-10 is still 38.2% of downloads (5.5.35:16.1%, 5.6.21:34.5%, 7.0.6:11.2%). Still really too much.

Version 5.4.45-10 includes security fix for bugs #72613, #70480, #72513, #72562, #72573, #72603, #72618, #72519, #72533, #69975, #72479, #72606 and #72520 (backported from 5.5.38).

10. Le lundi 19 septembre 2016, 14:46 par Remi

Version 5.4.45-12 includes "some" security fix backported from 5.6.26.

11. Le samedi 15 octobre 2016, 09:45 par Remi

The security patches in 5.6.27 don't worth to be backported, as they only involved big strings (2GB) and so a decent memory_limit is enough to be safe.

12. Le samedi 18 février 2017, 15:19 par Remi