Posted by & filed under PHP.

The PHP Group released PHP 5.2.8 this morning to fix the magic_quotes_gpc issue.

If you previously installed PHP 5.2.7-0.dotdeb.1 from Dotdeb and do not care about the version number displayed in your phpinfo(), save your bandwidth, your server is already secure ๐Ÿ™‚ Otherwise, just apt-get upgrade your LAMPย stack…

[update] The packages have been upgraded toย 5.2.8-0.dotdeb.1ย to fix an issue about pcre & utf8.

46 Responses to “PHP 5.2.8 available [update]”

  1. badlllama

    It seems unicode support is turned off in the pcre build. I use Zend Lucene and am getting an Utf8Num analyzer needs PCRE unicode support to be enabled.
    Is there any easy way to correct this?

  2. AgentM

    Also have the same issue with preg_* and utf8. Worked fine until the latest release. Same problem as: http://bugs.php.net/bug.php?id=46800

    I verified that preg_*/utf8 works fine in dotdeb PHP 5.2.6-0, and does not work in 5.2.8-0.
    Testing using:
    $test = preg_match(‘/[\pL]+/ui’, ‘abc’);
    var_dump($test);

  3. code46

    Hello,

    it shows that pcre unicode support is turned off, it was working fine before build 5.2.7,
    any thoughts how to solve this?

    thanks

  4. AgentM

    Thanks a bunch! I upgraded and everything works fine now. I know I speak for everyone when I say we really appreciate it.

  5. Marco

    Since the upgrade (and the upgrade to the upgrade) I get segfaults with xcache enabled. It might be me behind the wheel that’s the problem, but it worked before the upgrades…. I need some handholding to debug further.

  6. Guillaume Plessis

    Are you using PHP extensions that does not come from Dotdeb, such as Zend Optimizer?
    Which extensions did you install?
    Could you please provide a phpinfo() or some more debugging info (strace…)

  7. Marco

    phpinfo here: http://kioskkiosk.com/di.php
    although note that right now I set xcache sizes to 0 to disable xcache (and it doesn’t segfault when disabled)….

    The installed extensions:
    dpkg-query -l php*|grep ii
    ii php5-cgi 5.2.8-0.dotdeb.1 server-side, HTML-embedded scripting languag
    ii php5-cli 5.2.8-0.dotdeb.1 command-line interpreter for the php5 script
    ii php5-common 5.2.8-0.dotdeb.1 Common files for packages built from the php
    ii php5-curl 5.2.8-0.dotdeb.1 CURL module for php5
    ii php5-dev 5.2.8-0.dotdeb.1 Files for PHP5 module development
    ii php5-gd 5.2.8-0.dotdeb.1 GD module for php5
    ii php5-imap 5.2.8-0.dotdeb.1 IMAP module for php5
    ii php5-mcrypt 5.2.8-0.dotdeb.1 MCrypt module for php5
    ii php5-mhash 5.2.8-0.dotdeb.1 MHASH module for php5
    ii php5-mysql 5.2.8-0.dotdeb.1 MySQL module for php5
    ii php5-pear 5.1.4-1.dotdeb.3 PEAR – PHP Extension and Application Reposit
    ii php5-xcache 5.2.8-0.dotdeb.1 xcache module for php5

  8. Mathijs

    I Have a problem setting the mbstring.func_overload value.

    It doesn’t work by setting it within the apache virtualhost config anymore. Is this a problem of dotdeb’s version?
    Thx

  9. Guillaume Plessis

    @Alex : This security issue has been fixed in november 2006, more than two years ago. The feature is still present, but is secure.

    Anyway, if you prefer to avoid the X-PHP-Script header added with the mail() function, set mail_extra_headers to Off in your php.ini.

  10. Pierre

    Hello,
    nice job, but can you make a package for phar extension of php.
    Thx

  11. Viktor

    Hello,

    I can not start eAccelerator 0.9.5.3.

    I have rebuild it but this is not work.

    Kind regards
    Viktor

  12. George

    PHP5.2.8.0 is broken for Debian Etch 4.0:

    The following packages have unmet dependencies.
    php5: Depends: libapache2-mod-php5 (>= 5.2.8-0.dotdeb.2) but it is not going to be installed or
    libapache2-mod-php5filter (>= 5.2.8-0.dotdeb.2) but it is not going to be installed or
    php5-cgi (>= 5.2.8-0.dotdeb.2) but it is not going to be installed
    Depends: php5-common (>= 5.2.8-0.dotdeb.2) but it is not going to be installed
    E: Broken packages

  13. Guillaume Plessis

    @George : Sorry, there is another problem with the Lenny PECL packages. I’ll fix it in a few minutes by uploading new packages. Sorry for this mess.

  14. Carsten

    I added your sources to my sources.list file (have currently etch with php-5.2.0-8″) and performed apt-get update and apt-get upgrade, but php was not updated, but have been kept back:

    host:~# apt-get upgrade
    Reading package lists… Done
    Building dependency tree… Done
    The following packages have been kept back:
    libapache2-mod-php5 mysql-server php5 php5-cli php5-common php5-curl php5-gd php5-imap php5-mcrypt php5-mysql
    php5-sqlite php5-xsl
    0 upgraded, 0 newly installed, 0 to remove and 12 not upgraded.

    Does anybody have an idea how to solve this issue? If I type “apt-get install php5”, he says that dependencies could not be met:

    The following packages have unmet dependencies:
    php5: Depends: libapache2-mod-php5 (>= 5.2.8-0.dotdeb.2) but 5.2.0-8+etch13 is to be installed or
    libapache2-mod-php5filter (>= 5.2.8-0.dotdeb.2) but it is not going to be installed or
    php5-cgi (>= 5.2.8-0.dotdeb.2) but it is not going to be installed
    Depends: php5-common (>= 5.2.8-0.dotdeb.2) but 5.2.0-8+etch13 is to be installed
    E: Broken packages

  15. Carsten

    Forget my last post. Of course, I have to add the sources with “etch” and not stable after Feb, 14th ๐Ÿ™‚

    Now everything worked perfectly. Thanks!

  16. Alessandro

    What about php 5.2.9, with all the security fixes? ๐Ÿ™‚

  17. dd

    you should add also apache2-mpm-itk to the dependences as alternative for apache2-mpm-prefork.

  18. Mario

    Hi Guillaume,

    unfortunately, the PHP 5.2.8-2 PHP-Pear Package does not work on ubuntu 8.0.4 – server. The pear command just downloads the tgz file, but does not initialize the installation process. Same thing for pecl.

    Can somebody double-check this? The original ubuntu 8.0.4 PHP 5.2.4 packs are working fine.

    Regards!
    Mario

  19. Guillaume Plessis

    @schpinn : I was skiing for the last few days, sorry for the delay ๐Ÿ™‚ PHP 5.2.9 will be available on Dotdeb in the next few hours…

  20. schpinn

    @Guillaume: Excellent, thanks, no problem for the delay.. Hope you had a nice time skiing :)..

  21. askmetoo

    Help me pliase to resolve…
    Thanks …
    apt-get -f install
    dpkg –configure -a

    apt-get update
    apt-get install
    apt-get upgrade
    apt-get dist-upgrade
    apt-get -f install

    apt-get autoclean
    apt-get clean

    apt-get upgrade
    Reading package lists… Done
    Building dependency tree… Done
    The following packages have been kept back:
    libapache2-mod-php5 libmysqlclient16 mysql-client-5.1 mysql-server-5.1
    php-pear php5 php5-cgi php5-cli php5-common php5-curl php5-gd php5-mysql
    0 upgraded, 0 newly installed, 0 to remove and 12 not upgraded.

  22. Guillaume Plessis

    @askmetoo : as written in my post about Lenny, take care of the Dotdeb entries in your sources.list :

    It should refer to stable or lenny if you want to make the switch and take benefits from the brand new Debian distribution :

    deb http://your.mirror/ stable all
    deb-src http://your.mirror/ stable all

    It should refer to oldstable or etch if you want to stick to the good old Etch and to take your time to upgrade.

    deb http://your.mirror/ oldstable all
    deb-src http://your.mirror/ oldstable all

  23. Cesco

    I have PHP 5.2.4-2ubuntu5.7 with Suhosin-Patch 0.9.6.2 (cli) on Ubuntu 8.04.2, is it possible to add dotdeb repo and upgrade PHP5 ?
    I need to install x-php-script mail patch …
    Can i try other solution ?
    Thank you!

  24. Tixik.com

    PHP 5.2.8 with xcache 1.2.1 does not work – after 2 or 3 days it ends up with segmentation fault and serve reboot is needed. What a shame – speed improvement is really huge on high load machines…