The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

PHP 5.2.1 Released

Discussion in 'General Discussion' started by Bulent Tekcan, Feb 9, 2007.

  1. Bulent Tekcan

    Bulent Tekcan Well-Known Member

    Joined:
    May 11, 2004
    Messages:
    177
    Likes Received:
    0
    Trophy Points:
    16
    The PHP development team would like to announce the immediate availability of PHP 5.2.1 This release is a major stability and security enhancement of the 5.X branch, and all users are strongly encouraged to upgrade to it as soon as possible. Further details about this release can be found in the release announcement 5.2.1, the full list of changes is available in the ChangeLog PHP 5.

    Security Enhancements and Fixes in PHP 5.2.1:

    Fixed possible safe_mode & open_basedir bypasses inside the session extension.
    Prevent search engines from indexing the phpinfo() page.
    Fixed a number of input processing bugs inside the filter extension.
    Fixed unserialize() abuse on 64 bit systems with certain input strings.
    Fixed possible overflows and stack corruptions in the session extension.
    Fixed an underflow inside the internal sapi_header_op() function.
    Fixed allocation bugs caused by attempts to allocate negative values in some code paths.
    Fixed possible stack overflows inside zip, imap & sqlite extensions.
    Fixed several possible buffer overflows inside the stream filters.
    Fixed non-validated resource destruction inside the shmop extension.
    Fixed a possible overflow in the str_replace() function.
    Fixed possible clobbering of super-globals in several code paths.
    Fixed a possible information disclosure inside the wddx extension.
    Fixed a possible string format vulnerability in *print() functions on 64 bit systems.
    Fixed a possible buffer overflow inside mail() and ibase_{delete,add,modify}_user() functions.
    Fixed a string format vulnerability inside the odbc_result_all() function.
    Memory limit is now enabled by default.
    Added internal heap protection.
    Extended filter extension support for $_SERVER in CGI and apache2 SAPIs.
    The majority of the security vulnerabilities discovered and resolved can in most cases be only abused by local users and cannot be triggered remotely. However, some of the above issues can be triggered remotely in certain situations, or exploited by malicious local users on shared hosting setups utilizing PHP as an Apache module. Therefore, we strongly advise all users of PHP, regardless of the version to upgrade to 5.2.1 release as soon as possible. PHP 4.4.5 with equivalent security corrections will be available shortly.

    For users upgrading from PHP 5.0 and PHP 5.1, an upgrade guide is available here, detailing the changes between those releases and PHP 5.2.1.
     
  2. viptexting

    viptexting Well-Known Member

    Joined:
    Sep 19, 2005
    Messages:
    74
    Likes Received:
    0
    Trophy Points:
    6
    And still no cPanel support ;)
     
  3. fusioncroc

    fusioncroc Well-Known Member

    Joined:
    Sep 28, 2004
    Messages:
    261
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    U.K.
    I just compile PHP my self now, a lot faster than waiting on other people :)
     
  4. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    Viptexting, PHP is one of those things that you don't need to wait for Cpanel to add
    because manually upgrading PHP is brainlessly easy and actually is much easier to
    do it yourself than do it with Cpanel's easyapache or easyphp scripts.
     
  5. gundamz

    gundamz Well-Known Member

    Joined:
    Mar 27, 2002
    Messages:
    245
    Likes Received:
    0
    Trophy Points:
    16
    we don't have to wait for cpanel to release it's own php5 ?

    will it break the system if we compile using the source at php.net?
     
  6. viptexting

    viptexting Well-Known Member

    Joined:
    Sep 19, 2005
    Messages:
    74
    Likes Received:
    0
    Trophy Points:
    6
    Oh yer I'm well aware of that, but when I've got several production servers that use PHP it's less time consuming to wait and click upgrade apache, load previous config then tick the correct PHP box and the go button :)

    cPanel usually have the latest PHP versions added to easyapache within a few days anyway, we have to wait on Zend Platform updates which are a bit slow!
     
  7. MN-Robert

    MN-Robert Well-Known Member

    Joined:
    Feb 19, 2003
    Messages:
    203
    Likes Received:
    0
    Trophy Points:
    16
    While we do our own upgrades, and this is very much the case please note cpanel will not assist you in any way with their control panel or any other software that cpanel installs if your running anything custom ie PHP
     
  8. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    Are you insane? That takes at least 10 times the time to upgrade than just simply
    compiling yourself which only takes a few seconds and is simple enough that it
    can even be totally automated by cronjob (as we do).

    Don't make me laugh! 99 times out of 100, I know what's wrong when Cpanel support staff doesn't and I generally
    have things resolved in a matter of seconds while they continue to work on the same issue for weeks or even months.

    Thanks but no thanks .... not interested in "cpanel support". ;)
     
    #8 Spiral, Feb 11, 2007
    Last edited: Feb 11, 2007
  9. Nhojohl

    Nhojohl Well-Known Member

    Joined:
    Nov 28, 2006
    Messages:
    101
    Likes Received:
    0
    Trophy Points:
    16
    How-to: update PHP (5.x.x => 5.2.1)

    Download PHP 5.2.1 and put it on your server...

    # tar -xfvz php-5.2.1.tar.gz
    # cd php-5.2.1

    Open a PHP Info page on your server and copy the Configure Command box..

    Past it in SSH and hit enter... When it's done, do:

    # make
    # make install
    # service httpd restart


    I followed these exact steps to do 5.2.0 => 5.2.1 and it worked well. The only thing I had to do was get rid of xCache to get apache to start.
     
  10. Bulent Tekcan

    Bulent Tekcan Well-Known Member

    Joined:
    May 11, 2004
    Messages:
    177
    Likes Received:
    0
    Trophy Points:
    16
    Still wait cpanel update....
     
  11. BamaStangGuy

    BamaStangGuy Member

    Joined:
    Feb 15, 2007
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    As do I..........
     
  12. gdns

    gdns Active Member

    Joined:
    Feb 12, 2007
    Messages:
    29
    Likes Received:
    0
    Trophy Points:
    1
    so does many of us.
     
  13. Fernis

    Fernis Well-Known Member

    Joined:
    Oct 28, 2006
    Messages:
    192
    Likes Received:
    1
    Trophy Points:
    18
    Is eAccelerator compatible with 5.2.1?
     
  14. allanh

    allanh Member

    Joined:
    May 22, 2003
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    yes , eccelerator is compatible with php 5.2.1
     
Loading...

Share This Page