The PHP Group released PHP 5.2.8 this morning to fix the magic_quotes_gpc issue.
If you previously installed PHP 5.2.7-0.dotdeb.1 from Dotdeb and do not care about the version number displayed in your phpinfo(), save your bandwidth, your server is already secure ๐ Otherwise, just apt-get upgrade your LAMPย stack…
[update] The packages have been upgraded toย 5.2.8-0.dotdeb.1ย to fix an issue about pcre & utf8.
46 replies on “PHP 5.2.8 available [update]”
You are really fast, very good, thank you!
big thx for this next great release
It seems unicode support is turned off in the pcre build. I use Zend Lucene and am getting an Utf8Num analyzer needs PCRE unicode support to be enabled.
Is there any easy way to correct this?
Same preg_replace + utf8 problem here ๐
@badlllama @acid : Did it happen with previous packages from Dotdeb? Which version did work for you?
Guillaume Plessis, everything worked fine till this release
@Guillaume It worked up until this upgrade.
Also have the same issue with preg_* and utf8. Worked fine until the latest release. Same problem as: http://bugs.php.net/bug.php?id=46800
I verified that preg_*/utf8 works fine in dotdeb PHP 5.2.6-0, and does not work in 5.2.8-0.
Testing using:
$test = preg_match(‘/[\pL]+/ui’, ‘abc’);
var_dump($test);
Hello,
it shows that pcre unicode support is turned off, it was working fine before build 5.2.7,
any thoughts how to solve this?
thanks
I’m working on it, I just have some problem to reproduce the bug. I will provide updated packages this week-end.
@Guillaume, thanks a lot!
the new 5.2.8-0.dotdeb.1 packages should fix the issue. Please upgrade!
Thanks a bunch! I upgraded and everything works fine now. I know I speak for everyone when I say we really appreciate it.
great job, works perfectly, we really appreciate it. Thanks a lot!
Since the upgrade (and the upgrade to the upgrade) I get segfaults with xcache enabled. It might be me behind the wheel that’s the problem, but it worked before the upgrades…. I need some handholding to debug further.
Are you using PHP extensions that does not come from Dotdeb, such as Zend Optimizer?
Which extensions did you install?
Could you please provide a phpinfo() or some more debugging info (strace…)
phpinfo here: http://kioskkiosk.com/di.php
although note that right now I set xcache sizes to 0 to disable xcache (and it doesn’t segfault when disabled)….
The installed extensions:
dpkg-query -l php*|grep ii
ii php5-cgi 5.2.8-0.dotdeb.1 server-side, HTML-embedded scripting languag
ii php5-cli 5.2.8-0.dotdeb.1 command-line interpreter for the php5 script
ii php5-common 5.2.8-0.dotdeb.1 Common files for packages built from the php
ii php5-curl 5.2.8-0.dotdeb.1 CURL module for php5
ii php5-dev 5.2.8-0.dotdeb.1 Files for PHP5 module development
ii php5-gd 5.2.8-0.dotdeb.1 GD module for php5
ii php5-imap 5.2.8-0.dotdeb.1 IMAP module for php5
ii php5-mcrypt 5.2.8-0.dotdeb.1 MCrypt module for php5
ii php5-mhash 5.2.8-0.dotdeb.1 MHASH module for php5
ii php5-mysql 5.2.8-0.dotdeb.1 MySQL module for php5
ii php5-pear 5.1.4-1.dotdeb.3 PEAR – PHP Extension and Application Reposit
ii php5-xcache 5.2.8-0.dotdeb.1 xcache module for php5
I Have a problem setting the mbstring.func_overload value.
It doesn’t work by setting it within the apache virtualhost config anymore. Is this a problem of dotdeb’s version?
Thx
I just updated and realised that the mail() function adds the X-PHP-Script header to emails.
As discussed in http://www.hardened-php.net/advisory_142006.139.html it’s a security vunerability.
Will this be fixed sometime?
@Alex : This security issue has been fixed in november 2006, more than two years ago. The feature is still present, but is secure.
Anyway, if you prefer to avoid the X-PHP-Script header added with the mail() function, set mail_extra_headers to Off in your php.ini.
Hello,
nice job, but can you make a package for phar extension of php.
Thx
@Guillaume Thanks!
Hello,
I can not start eAccelerator 0.9.5.3.
I have rebuild it but this is not work.
Kind regards
Viktor
@Pierre : Phar will be available by default in my PHP >=5.3.0 packages. Waiting this, you can package phar using this tutorial : http://www.dotdeb.org/2008/09/25/how-to-package-php-extensions-by-yourself/
@Viktor : please ensure that eAccelerator os full compatible with PHP 5.2.8 and package it with this method : http://www.dotdeb.org/2008/09/25/how-to-package-php-extensions-by-yourself/
All should work fine.
PHP5.2.8.0 is broken for Debian Etch 4.0:
The following packages have unmet dependencies.
php5: Depends: libapache2-mod-php5 (>= 5.2.8-0.dotdeb.2) but it is not going to be installed or
libapache2-mod-php5filter (>= 5.2.8-0.dotdeb.2) but it is not going to be installed or
php5-cgi (>= 5.2.8-0.dotdeb.2) but it is not going to be installed
Depends: php5-common (>= 5.2.8-0.dotdeb.2) but it is not going to be installed
E: Broken packages
@George : as Lenny is now stable and Etch oldstable, please update your sources.list :
deb http://packages.dotdeb.org oldstable all
@George : Sorry, there is another problem with the Lenny PECL packages. I’ll fix it in a few minutes by uploading new packages. Sorry for this mess.
I added your sources to my sources.list file (have currently etch with php-5.2.0-8″) and performed apt-get update and apt-get upgrade, but php was not updated, but have been kept back:
host:~# apt-get upgrade
Reading package lists… Done
Building dependency tree… Done
The following packages have been kept back:
libapache2-mod-php5 mysql-server php5 php5-cli php5-common php5-curl php5-gd php5-imap php5-mcrypt php5-mysql
php5-sqlite php5-xsl
0 upgraded, 0 newly installed, 0 to remove and 12 not upgraded.
Does anybody have an idea how to solve this issue? If I type “apt-get install php5”, he says that dependencies could not be met:
The following packages have unmet dependencies:
php5: Depends: libapache2-mod-php5 (>= 5.2.8-0.dotdeb.2) but 5.2.0-8+etch13 is to be installed or
libapache2-mod-php5filter (>= 5.2.8-0.dotdeb.2) but it is not going to be installed or
php5-cgi (>= 5.2.8-0.dotdeb.2) but it is not going to be installed
Depends: php5-common (>= 5.2.8-0.dotdeb.2) but 5.2.0-8+etch13 is to be installed
E: Broken packages
@Carsten :
Etch = oldstable , Lenny = stable
Please take care about the Dotdeb sources.list entry. If you’re using Etch, it should be :
deb http://packages.dotdeb.org oldstable all
I’ll post a note about the Etch/Lenny switch very soon.
Forget my last post. Of course, I have to add the sources with “etch” and not stable after Feb, 14th ๐
Now everything worked perfectly. Thanks!
What about php 5.2.9, with all the security fixes? ๐
@Allessandro : PHP 5.2.9 will be packaged as soon as the suhosin patch is available : http://www.hardened-php.net/suhosin/download.html
you should add also apache2-mpm-itk to the dependences as alternative for apache2-mpm-prefork.
Hi Guillaume,
unfortunately, the PHP 5.2.8-2 PHP-Pear Package does not work on ubuntu 8.0.4 – server. The pear command just downloads the tgz file, but does not initialize the installation process. Same thing for pecl.
Can somebody double-check this? The original ubuntu 8.0.4 PHP 5.2.4 packs are working fine.
Regards!
Mario
Suhosin patch for PHP 5.2.9 is available :)..
Upgrade php5-dev to 5.2.8
then make clean, ./configure make install
๐
@dd : apache2-mpm-itk is an alternative dependency to apache2-mpm-prefork in the PHP5 Dotdeb packages. No problem.
@Mario : Dotdeb is built for Debian Etch or Lenny. Ubuntu is not officially supported. Sorry.
@schpinn : I was skiing for the last few days, sorry for the delay ๐ PHP 5.2.9 will be available on Dotdeb in the next few hours…
@Guillaume: Excellent, thanks, no problem for the delay.. Hope you had a nice time skiing :)..
Help me pliase to resolve…
Thanks …
apt-get -f install
dpkg –configure -a
apt-get update
apt-get install
apt-get upgrade
apt-get dist-upgrade
apt-get -f install
apt-get autoclean
apt-get clean
apt-get upgrade
Reading package lists… Done
Building dependency tree… Done
The following packages have been kept back:
libapache2-mod-php5 libmysqlclient16 mysql-client-5.1 mysql-server-5.1
php-pear php5 php5-cgi php5-cli php5-common php5-curl php5-gd php5-mysql
0 upgraded, 0 newly installed, 0 to remove and 12 not upgraded.
@askmetoo : as written in my post about Lenny, take care of the Dotdeb entries in your sources.list :
It should refer to stable or lenny if you want to make the switch and take benefits from the brand new Debian distribution :
deb http://your.mirror/ stable all
deb-src http://your.mirror/ stable all
It should refer to oldstable or etch if you want to stick to the good old Etch and to take your time to upgrade.
deb http://your.mirror/ oldstable all
deb-src http://your.mirror/ oldstable all
I am use Debian 4 (not lenny)
Thanks, Now all fine!
I have PHP 5.2.4-2ubuntu5.7 with Suhosin-Patch 0.9.6.2 (cli) on Ubuntu 8.04.2, is it possible to add dotdeb repo and upgrade PHP5 ?
I need to install x-php-script mail patch …
Can i try other solution ?
Thank you!
PHP 5.2.8 with xcache 1.2.1 does not work – after 2 or 3 days it ends up with segmentation fault and serve reboot is needed. What a shame – speed improvement is really huge on high load machines…
@Tixik.com : please consider upgrading to PHP 5.2.14 or PHP 5.3.3. 5.2.8 suffers from some bugs and security issues.