Categories
PHP

PHP 5.3.14

On june 14th 2012, the PHP group has released PHP 5.3.14, that brings over 30 bug fixes, some of which are security related : A weakness in the DES implementation of crypt and a heap overflow issue in the phar extension. Please also note that the use of php://fd streams is now restricted to the CLI SAPI (php5-cli).

Packages of PHP 5.3.14 are now available on Dotdeb for Debian 6.0 “Squeeze” on both amd64 and i386 architectures.

As usual, please read the ChangeLog before upgrading and be sure to use to the latest packages before reporting any issue.

19 replies on “PHP 5.3.14”

Hey Guillaume,

is there any alternative to suhosin for 5.4?

I really want to use 5.4, but i dont want to have security issues. :S

Hi Guillaume,

I just update one of my servers from php v5.3.12 to v5.3.14 dotdeb package’s, but with CLI I’ve bug with CLI. In my php.ini for CLI, I’ve set “memory_limit” to “128MB”, if I use php command, the prompt return this :

mutu02:~# php -v
PHP Fatal error: Allowed memory size of 262144 bytes exhausted (tried to allocate 261900 bytes) in Unknown on line 0

If I set “memory_limit” to “-1”, the command work. Do you know where is the problem ? Before this upgrade, the CLI command was OK.

Thank you in advance for your answer 🙂

PS : mutu02:~# cat /etc/debian_version
6.0.5


Gimly – French dotdeb user

@Gimly : first of all, there wasn’t any 5.3.12 version from Dotdeb 🙂

Does “php -v” really try to allocate 256MB of memory? ô_O

What is the result of these commands?
which php
/usr/bin/php5 -v
$(which php) -v
/usr/bin/php5 -i|grep ‘^Loaded Configuration File’
$(which php) -i|grep ‘^Loaded Configuration File’
/usr/bin/php5 -i|grep ‘^memory_limit’
$(which php) -i|grep ‘^memory_limit’

Oh, yep exactly, not 5.3.12 but 5.3.13, sorry :s.

Does “php -v” really try to allocate 256MB of memory? ô_O

You want to say 256KB not MB ? 🙂

So, after research with your command, I found the problem.

I set memory_limit with “128MB” instead of “128M”. Change memory setting to “128M” and now it work.
It’s all my fault, after configure php since 8 years, I think this is a very noob error of my part! :p

Thank you for your help Guillaume

Thank you very much for your excellent Nginx, MySQL and PHP repo’! 🙂
Merci beaucoup pour tes excellents dépôts Nginx, MySQL et PHP ! 🙂

Gimly – French dotdeb user

PHP 5.3.14-1~dotdeb.0 with Suhosin-Patch (cli) (built: Jun 21 2012 00:51:58)

php5-memcached appears to be broken.
in terminal run php -v

PHP Warning: PHP Startup: Unable to load dynamic library ‘/usr/lib/php5/20090626+lfs/memcached.so’ – /usr/lib/php5/20090626+lfs/memcached.so: undefined symbol: zend_new_interned_string in Unknown on line 0

Also cannot uninstall using aptitude as it is trying execute php5dismod, which is not available.

I also reproduce Greg’s issue.

All these packages are from dotdeb if I try to upgrade, on a Debian Squeeze machine, see below:

The following packages will be REMOVED:
libmemcached9
The following NEW packages will be installed:
libmemcached10
The following packages will be upgraded:
php5-cgi php5-cli php5-common php5-curl php5-fpm php5-gd php5-ldap php5-mcrypt php5-memcached php5-mysql php5-suhosin

root@xxxx:~# dpkg –get-selections | grep php5-
php5-cgi install
php5-cli install
php5-common install
php5-curl install
php5-fpm install
php5-gd install
php5-ldap install
php5-mcrypt install
php5-memcached install
php5-mysql install
php5-suhosin install

I have had to work around it by installing php5-memcache. I also have problems trying to remove php5-memcached: it tries to run ‘php5dismod memcached’ which returns ‘command not found’. Feels like some PHP 5.4 stuff has slipped into PHP 5.3

First of all thank you very much for your attention to this.

Here is the output you requested.

➜ ~ dpkg -l ‘php5-*’
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Description
+++-===========================-===========================-======================================================================
ii php5-apc 5.3.14-1~dotdeb.0 apc module for php5
un php5-cgi (no description available)
ii php5-cli 5.3.14-1~dotdeb.0 command-line interpreter for the php5 scripting language
ii php5-common 5.3.14-1~dotdeb.0 Common files for packages built from the php5 source
ii php5-curl 5.3.14-1~dotdeb.0 CURL module for php5
ii php5-dev 5.3.14-1~dotdeb.0 Files for PHP5 module development
un php5-fpm (no description available)
ii php5-gd 5.3.14-1~dotdeb.0 GD module for php5
un php5-json (no description available)
ii php5-mcrypt 5.3.14-1~dotdeb.0 MCrypt module for php5
ii php5-memcache 5.3.14-1~dotdeb.0 memcache module for php5
pi php5-memcached 5.3.14-1~dotdeb.0 memcached module for php5
un php5-mhash (no description available)
ii php5-mysql 5.3.14-1~dotdeb.0 MySQL module for php5
un php5-mysqli (no description available)
ii php5-suhosin 5.3.14-1~dotdeb.0 suhosin module for php5
ii php5-xdebug 5.3.14-1~dotdeb.0 xdebug module for php5

Actually php5-memcache from dotdeb works fine for me. It’s php5-memcached (with the d at the end) that appears broken.
I am pretty interested in knowing about that php5dismod (I assume there is also a php5enmod) that has sneaked in from php 5.4. That’s a cool thing; is it php5.4-specific or could it be made available for the 5.3 crowd?

@Greg & mig5 : I silently updated the php5-memcached for PHP 5.3.14. I am now sure that they have nothing from the PHP 5.4 installation process. Could you please try to install those new packages and tell me if it fixes your issues?

Hi Guillaume,
It works great now! I tried to remove the package php5-memcached first and got the same error, so I just updated it and it works fine.
Thanks for your help, Microsoft could learn a lesson or two from you.
¡Viva Dotdeb!

Comments are closed.