Sorry, the EPEL repos serve PHP v5.3.3 (Zend v2.3.0), not 3.2.8, of course!
My point way that only security fixes are provided for that version at the moment, for the next 3 months, that is.

Gei

On Mon, 14/04/14 16:42, 83185F1A@galaxymail.org wrote:
> Hi all,
> 
> I tried searching the archives and asking around in the #kolab channel but still have some doubts in regards to the following:
> Following the official guide to install the latest stable version (3.2) of the free edition of Kolab on CentOS 6.5, some of the dependencies pulled from the EPEL repositories are quite old, e.g. PHP=3.2.8. In an attempt to harden the security of the installed instance, one considers upgrading the runtime, e.g. PHP to >5.5, to take advantage of the latest security fixes.
> 
> My actual questions are:
> - Just how (in)secure are Kolab's web services when run on 3.2.8, i.e. the runtime provided by the reference EPEL repos? (sorry, not familiar w/ PHP security/maintenance at all)
> - How compatible is Kolab with new PHP versions (i.e. >5.5)? Is any such testing performed/documented?
> - What is the recommended approach to updating runtime/dependencies? Which repos should one generally use to keep the runtime up-to-date, EPEL or 3rd party ones (e.g. http://rpms.famillecollet.com/enterprise/6/php55 for PHP)?
> 
> Sorry for the amateurish questions and thanks for your answers. I hope to contribute to this list in a more useful manner in the near future.
> 
> Gei