Red Hat Bugzilla – Bug 665773
Cacti bundles php-adodb
Last modified: 2016-02-29 09:55:16 EST
Description of problem: Cacti bundled php-adodb (contrary to the no bundled libraries policy.)
Version-Release number of selected component (if applicable) cacti-0.8.7g-1.fc14.noarch
Also, I'll note that this is a comparatively ancient version of php-adodb (4.54) from 2005 - with at least one security flaw.
This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component.
Please test this update. It's built for F-14, but I'd like it tested before I put it in rawhide or older.
Patch sent upstream at http://bugs.cacti.net/view.php?id=2091
I'll commit to Rawhide in a bit. I'd like to get 0.8.7h out to all branches first, plus do some more testing.
I've been running this patch on my EL5 Cacti system for a week now, using php-adodb-4.95-1.a.el5 . No problems noted.
David, in your experience with zikula, did you experience any bugs as a result of using Fedora's system version of php-adodb? Obviously this is an unscientific test; I'm just trying to get a feel for how (un)stable this change would be.
*** Bug 463859 has been marked as a duplicate of this bug. ***
David: another ping to please let us know how (un)stable this sort of change would be. I've tested it on one of my EL5 Cacti systems for a while now, but confirmation from another maintainer is always nice.
This bug appears to have been reported against 'rawhide' during the Fedora 19 development cycle.
Changing version to '19'.
(As we did not run this process for some time, it could affect also pre-Fedora 19 development
cycle bugs. We are very sorry. It will help us with cleanup during Fedora 19 End Of Life. Thank you.)
More information and reason for this action is here:
The package has been retired in Rawhide for a while. See http://forums.cacti.net/viewtopic.php?f=2&t=53607 and https://lists.fedoraproject.org/pipermail/devel/2014-October/203695.html
Today I've removed myself from the package in pkgdb.
Jon, please feel free to orphan or retire this package in EPEL.