Categories
PHP

PHP 5.3.11

On april 26th 2012, the PHP group has released PHP 5.3.11, that brings over 60 bug fixes, some of which are security related :

Security Enhancements and Fixes in PHP 5.3.11:

  • Fixed bug #54374 (Insufficient validating of upload name leading to corrupted $_FILES indices). (CVE-2012-1172).
  • Add open_basedir checks to readline_write_history and readline_read_history.
  • Fixed bug #61043 (Regression in magic_quotes_gpc fix for CVE-2012-0831).

Key enhancements in PHP 5.3.11 include:

  • Added debug info handler to DOM objects.
  • Fixed bug #61172 (Add Apache 2.4 support).

Packages of PHP 5.3.11 are now available on Dotdeb for Debian 6.0 “Squeeze” on both amd64 and i386 architectures.

As usual, please read the ChangeLog before upgrading and be sure to use to the latest packages before reporting any issue.

17 replies on “PHP 5.3.11”

Please, build package of PHP 5.4.1.
Thank you very much for your work. It’s very important work for lot of people.

It looks like the php5-fpm is somewhat not working [at all]. Failing to start after this update.

@Guillaume @Eugene
Sorry, I didn’t see your comments until now. Thank you for a quick response.

That’s the point – no change has been done, except for updating the packages, and no logs are there, when trying to start php5-fpm… :-\

After hours of trying to find the issue, it crossed my mind to remove APC (pecl uninstall APC), and everything started working again.

So, it looks like there is incompatibility between the latest PHP 5.3.11 and the latest APC. Beware!

APC needed to be rebuilt after the above hassle, but it is working fine now.

I am getting the following error
The following packages have unmet dependencies:
php5-intl : Depends: libicu44 (>= 4.4.1-1) but it is not installable

When installing php-intl from your repository

The following packages have unmet dependencies:
php5-intl : Depends: libicu44 (>= 4.4.1-1) but it is not installable

Please note the operating system is ubuntu 12.04 64 bit edition i have set dot deb in repository

@gavin : as said before, Dotdeb is made for Debian, not for Ubuntu. Such dependency problem can occur, especially with the latest 12.04 release.

My advice : stick to the PHP 5.3.10 Ubuntu packages. Remove Dotdeb from your sources.list.

5.3.11 security update is out for CGI -> IMPOTANT. You can get the source of a website, like config and passwords.

Comments are closed.