PHP 5.2.8 available [update]

December 9th, 2008 | by Guillaume Plessis |

The PHP Group released PHP 5.2.8 this morning to fix the magic_quotes_gpc issue.

If you previously installed PHP 5.2.7-0.dotdeb.1 from Dotdeb and do not care about the version number displayed in your phpinfo(), save your bandwidth, your server is already secure :) Otherwise, just apt-get upgrade your LAMP stack…

[update] The packages have been upgraded to 5.2.8-0.dotdeb.1 to fix an issue about pcre & utf8.

Tags: , ,

  1. 44 Responses to “PHP 5.2.8 available [update]”

  2. By phpBuddy on Dec 9, 2008 | Reply

    You are really fast, very good, thank you!

  3. By Christopher on Dec 9, 2008 | Reply

    big thx for this next great release

  4. By badlllama on Dec 10, 2008 | Reply

    It seems unicode support is turned off in the pcre build. I use Zend Lucene and am getting an Utf8Num analyzer needs PCRE unicode support to be enabled.
    Is there any easy way to correct this?

  5. By acid on Dec 10, 2008 | Reply

    Same preg_replace + utf8 problem here :(

  6. By Guillaume Plessis on Dec 10, 2008 | Reply

    @badlllama @acid : Did it happen with previous packages from Dotdeb? Which version did work for you?

  7. By acid on Dec 10, 2008 | Reply

    Guillaume Plessis, everything worked fine till this release

  8. By badlllama on Dec 10, 2008 | Reply

    @Guillaume It worked up until this upgrade.

  9. By AgentM on Dec 11, 2008 | Reply

    Also have the same issue with preg_* and utf8. Worked fine until the latest release. Same problem as: http://bugs.php.net/bug.php?id=46800

    I verified that preg_*/utf8 works fine in dotdeb PHP 5.2.6-0, and does not work in 5.2.8-0.
    Testing using:
    $test = preg_match(‘/[\pL]+/ui’, ‘abc’);
    var_dump($test);

  10. By code46 on Dec 11, 2008 | Reply

    Hello,

    it shows that pcre unicode support is turned off, it was working fine before build 5.2.7,
    any thoughts how to solve this?

    thanks

  11. By Guillaume Plessis on Dec 11, 2008 | Reply

    I’m working on it, I just have some problem to reproduce the bug. I will provide updated packages this week-end.

  12. By acid on Dec 11, 2008 | Reply

    @Guillaume, thanks a lot!

  13. By Guillaume Plessis on Dec 12, 2008 | Reply

    the new 5.2.8-0.dotdeb.1 packages should fix the issue. Please upgrade!

  14. By AgentM on Dec 12, 2008 | Reply

    Thanks a bunch! I upgraded and everything works fine now. I know I speak for everyone when I say we really appreciate it.

  15. By code46 on Dec 12, 2008 | Reply

    great job, works perfectly, we really appreciate it. Thanks a lot!

  16. By Marco on Dec 12, 2008 | Reply

    Since the upgrade (and the upgrade to the upgrade) I get segfaults with xcache enabled. It might be me behind the wheel that’s the problem, but it worked before the upgrades…. I need some handholding to debug further.

  17. By Guillaume Plessis on Dec 12, 2008 | Reply

    Are you using PHP extensions that does not come from Dotdeb, such as Zend Optimizer?
    Which extensions did you install?
    Could you please provide a phpinfo() or some more debugging info (strace…)

  18. By Marco on Dec 12, 2008 | Reply

    phpinfo here: http://kioskkiosk.com/di.php
    although note that right now I set xcache sizes to 0 to disable xcache (and it doesn’t segfault when disabled)….

    The installed extensions:
    dpkg-query -l php*|grep ii
    ii php5-cgi 5.2.8-0.dotdeb.1 server-side, HTML-embedded scripting languag
    ii php5-cli 5.2.8-0.dotdeb.1 command-line interpreter for the php5 script
    ii php5-common 5.2.8-0.dotdeb.1 Common files for packages built from the php
    ii php5-curl 5.2.8-0.dotdeb.1 CURL module for php5
    ii php5-dev 5.2.8-0.dotdeb.1 Files for PHP5 module development
    ii php5-gd 5.2.8-0.dotdeb.1 GD module for php5
    ii php5-imap 5.2.8-0.dotdeb.1 IMAP module for php5
    ii php5-mcrypt 5.2.8-0.dotdeb.1 MCrypt module for php5
    ii php5-mhash 5.2.8-0.dotdeb.1 MHASH module for php5
    ii php5-mysql 5.2.8-0.dotdeb.1 MySQL module for php5
    ii php5-pear 5.1.4-1.dotdeb.3 PEAR – PHP Extension and Application Reposit
    ii php5-xcache 5.2.8-0.dotdeb.1 xcache module for php5

  19. By Mathijs on Dec 24, 2008 | Reply

    I Have a problem setting the mbstring.func_overload value.

    It doesn’t work by setting it within the apache virtualhost config anymore. Is this a problem of dotdeb’s version?
    Thx

  20. By Alex on Dec 27, 2008 | Reply

    I just updated and realised that the mail() function adds the X-PHP-Script header to emails.

    As discussed in http://www.hardened-php.net/advisory_142006.139.html it’s a security vunerability.

    Will this be fixed sometime?

  21. By Guillaume Plessis on Dec 28, 2008 | Reply

    @Alex : This security issue has been fixed in november 2006, more than two years ago. The feature is still present, but is secure.

    Anyway, if you prefer to avoid the X-PHP-Script header added with the mail() function, set mail_extra_headers to Off in your php.ini.

  22. By Pierre on Dec 28, 2008 | Reply

    Hello,
    nice job, but can you make a package for phar extension of php.
    Thx

  23. By Alex on Dec 28, 2008 | Reply

    @Guillaume Thanks!

  24. By Viktor on Dec 28, 2008 | Reply

    Hello,

    I can not start eAccelerator 0.9.5.3.

    I have rebuild it but this is not work.

    Kind regards
    Viktor

  25. By Guillaume Plessis on Dec 28, 2008 | Reply

    @Pierre : Phar will be available by default in my PHP >=5.3.0 packages. Waiting this, you can package phar using this tutorial : http://www.dotdeb.org/2008/09/25/how-to-package-php-extensions-by-yourself/

    @Viktor : please ensure that eAccelerator os full compatible with PHP 5.2.8 and package it with this method : http://www.dotdeb.org/2008/09/25/how-to-package-php-extensions-by-yourself/
    All should work fine.

  26. By George on Feb 26, 2009 | Reply

    PHP5.2.8.0 is broken for Debian Etch 4.0:

    The following packages have unmet dependencies.
    php5: Depends: libapache2-mod-php5 (>= 5.2.8-0.dotdeb.2) but it is not going to be installed or
    libapache2-mod-php5filter (>= 5.2.8-0.dotdeb.2) but it is not going to be installed or
    php5-cgi (>= 5.2.8-0.dotdeb.2) but it is not going to be installed
    Depends: php5-common (>= 5.2.8-0.dotdeb.2) but it is not going to be installed
    E: Broken packages

  27. By Guillaume Plessis on Feb 26, 2009 | Reply

    @George : as Lenny is now stable and Etch oldstable, please update your sources.list :

    deb http://packages.dotdeb.org oldstable all

  28. By Guillaume Plessis on Feb 26, 2009 | Reply

    @George : Sorry, there is another problem with the Lenny PECL packages. I’ll fix it in a few minutes by uploading new packages. Sorry for this mess.

  29. By Carsten on Feb 26, 2009 | Reply

    I added your sources to my sources.list file (have currently etch with php-5.2.0-8″) and performed apt-get update and apt-get upgrade, but php was not updated, but have been kept back:

    host:~# apt-get upgrade
    Reading package lists… Done
    Building dependency tree… Done
    The following packages have been kept back:
    libapache2-mod-php5 mysql-server php5 php5-cli php5-common php5-curl php5-gd php5-imap php5-mcrypt php5-mysql
    php5-sqlite php5-xsl
    0 upgraded, 0 newly installed, 0 to remove and 12 not upgraded.

    Does anybody have an idea how to solve this issue? If I type “apt-get install php5″, he says that dependencies could not be met:

    The following packages have unmet dependencies:
    php5: Depends: libapache2-mod-php5 (>= 5.2.8-0.dotdeb.2) but 5.2.0-8+etch13 is to be installed or
    libapache2-mod-php5filter (>= 5.2.8-0.dotdeb.2) but it is not going to be installed or
    php5-cgi (>= 5.2.8-0.dotdeb.2) but it is not going to be installed
    Depends: php5-common (>= 5.2.8-0.dotdeb.2) but 5.2.0-8+etch13 is to be installed
    E: Broken packages

  30. By Guillaume Plessis on Feb 26, 2009 | Reply

    @Carsten :
    Etch = oldstable , Lenny = stable

    Please take care about the Dotdeb sources.list entry. If you’re using Etch, it should be :

    deb http://packages.dotdeb.org oldstable all

    I’ll post a note about the Etch/Lenny switch very soon.

  31. By Carsten on Feb 26, 2009 | Reply

    Forget my last post. Of course, I have to add the sources with “etch” and not stable after Feb, 14th :-)

    Now everything worked perfectly. Thanks!

  32. By Alessandro on Mar 3, 2009 | Reply

    What about php 5.2.9, with all the security fixes? :)

  33. By Guillaume Plessis on Mar 3, 2009 | Reply

    @Allessandro : PHP 5.2.9 will be packaged as soon as the suhosin patch is available : http://www.hardened-php.net/suhosin/download.html

  34. By dd on Mar 5, 2009 | Reply

    you should add also apache2-mpm-itk to the dependences as alternative for apache2-mpm-prefork.

  35. By Mario on Mar 5, 2009 | Reply

    Hi Guillaume,

    unfortunately, the PHP 5.2.8-2 PHP-Pear Package does not work on ubuntu 8.0.4 – server. The pear command just downloads the tgz file, but does not initialize the installation process. Same thing for pecl.

    Can somebody double-check this? The original ubuntu 8.0.4 PHP 5.2.4 packs are working fine.

    Regards!
    Mario

  36. By schpinn on Mar 7, 2009 | Reply

    Suhosin patch for PHP 5.2.9 is available :) ..

  37. By Thomas R. Bailey on Mar 7, 2009 | Reply

    Upgrade php5-dev to 5.2.8
    then make clean, ./configure make install

    :)

  38. By Guillaume Plessis on Mar 8, 2009 | Reply

    @dd : apache2-mpm-itk is an alternative dependency to apache2-mpm-prefork in the PHP5 Dotdeb packages. No problem.

  39. By Guillaume Plessis on Mar 8, 2009 | Reply

    @Mario : Dotdeb is built for Debian Etch or Lenny. Ubuntu is not officially supported. Sorry.

  40. By Guillaume Plessis on Mar 8, 2009 | Reply

    @schpinn : I was skiing for the last few days, sorry for the delay :) PHP 5.2.9 will be available on Dotdeb in the next few hours…

  41. By schpinn on Mar 8, 2009 | Reply

    @Guillaume: Excellent, thanks, no problem for the delay.. Hope you had a nice time skiing :) ..

  42. By askmetoo on Mar 16, 2009 | Reply

    Help me pliase to resolve…
    Thanks …
    apt-get -f install
    dpkg –configure -a

    apt-get update
    apt-get install
    apt-get upgrade
    apt-get dist-upgrade
    apt-get -f install

    apt-get autoclean
    apt-get clean

    apt-get upgrade
    Reading package lists… Done
    Building dependency tree… Done
    The following packages have been kept back:
    libapache2-mod-php5 libmysqlclient16 mysql-client-5.1 mysql-server-5.1
    php-pear php5 php5-cgi php5-cli php5-common php5-curl php5-gd php5-mysql
    0 upgraded, 0 newly installed, 0 to remove and 12 not upgraded.

  43. By Guillaume Plessis on Mar 16, 2009 | Reply

    @askmetoo : as written in my post about Lenny, take care of the Dotdeb entries in your sources.list :

    It should refer to stable or lenny if you want to make the switch and take benefits from the brand new Debian distribution :

    deb http://your.mirror/ stable all
    deb-src http://your.mirror/ stable all

    It should refer to oldstable or etch if you want to stick to the good old Etch and to take your time to upgrade.

    deb http://your.mirror/ oldstable all
    deb-src http://your.mirror/ oldstable all

  44. By askmetoo on Mar 17, 2009 | Reply

    I am use Debian 4 (not lenny)
    Thanks, Now all fine!

  45. By Cesco on Aug 27, 2009 | Reply

    I have PHP 5.2.4-2ubuntu5.7 with Suhosin-Patch 0.9.6.2 (cli) on Ubuntu 8.04.2, is it possible to add dotdeb repo and upgrade PHP5 ?
    I need to install x-php-script mail patch …
    Can i try other solution ?
    Thank you!

Post a Comment