The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

PHP 5.2.10 Released!

Discussion in 'General Discussion' started by DReade83, Jun 19, 2009.

Thread Status:
Not open for further replies.
  1. DReade83

    DReade83 Well-Known Member

    Joined:
    Oct 20, 2006
    Messages:
    196
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Cheshire, UK
  2. PlatinumServerM

    PlatinumServerM Well-Known Member
    PartnerNOC

    Joined:
    Jul 10, 2005
    Messages:
    397
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    New Jersey, USA
    cPanel Access Level:
    Root Administrator
  3. DReade83

    DReade83 Well-Known Member

    Joined:
    Oct 20, 2006
    Messages:
    196
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Cheshire, UK
    Are there any updates on this? Just it's been nearly a week but despite there being security fixes, nothing has been added to EA3 yet.
     
  4. bctrainers

    bctrainers Member

    Joined:
    Jul 9, 2008
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    I'm awaiting a response myself on this, would like to upgrade from 5.2.9 to 5.2.10. :)
     
  5. DjiXas

    DjiXas Well-Known Member

    Joined:
    Feb 10, 2007
    Messages:
    294
    Likes Received:
    0
    Trophy Points:
    16
    Same here :)
     
  6. BrianDHall

    BrianDHall Registered

    Joined:
    Jun 24, 2009
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    PCI Compliance issue

    Hi, I registered on the forums just to add my request to this as well. The lack of update to PHP 5.2.10 is a PCI Compliance violation according to the Approved Scanning Vendor, so anyone who needs to be PCI compliant will either need to manually build apache with the new PHP (which I would really like to avoid) or try to convince their processors/ASV that 'no, really, its not a big deal...it'll be patched within 30 days, surely...'.

    So much appreciation if this can be patched, even in the Edge version would at least provide an option other than DIY Apache.

    Thanks so much!

    -Brian
    Web Developer and System Administrator
     
  7. tristanperry

    tristanperry Member

    Joined:
    Nov 20, 2008
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    Yes, any update on this?

    A full week without applying a security fix that also is necessary for PCI compliance seems pretty long?
     
  8. DjiXas

    DjiXas Well-Known Member

    Joined:
    Feb 10, 2007
    Messages:
    294
    Likes Received:
    0
    Trophy Points:
    16
    Any updates?
     
  9. tristanperry

    tristanperry Member

    Joined:
    Nov 20, 2008
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    I contacted cPanel customer service about this yesterday.

    They said that they have to test this a lot due to the various combinations etc, *however* there's a good possibility that PHP 5.2.10 will be released onto the test EasyApache branch within the next 24-48 hours (they said maybe sometime today, 25th June, although obviously with development numerous errors could delay that).

    So later today I'll run the EDGE build and try out the test EasyApache branch ("To use the test branch, on the first screen of EasyApache in WHM click on the small "Help" link at the top of the page. Then check the option "Use test branch" and click the submit button at the bottom of the screen.")
     
  10. DReade83

    DReade83 Well-Known Member

    Joined:
    Oct 20, 2006
    Messages:
    196
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Cheshire, UK
    Shouldn't cPanel be telling their customers this themselves? I'm a bit surprised that a week after the release and it's still not available to us yet. Why?

    There are security fixes in this update - I hope they're setting aside their project work and working solely on getting PHP upgraded - because it feels like to me that's just not happening!
     
  11. DReade83

    DReade83 Well-Known Member

    Joined:
    Oct 20, 2006
    Messages:
    196
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Cheshire, UK
    Update: Bug 9321 - PHP 5.2.10 Released

    However I'm a little confused regarding Kenneth's quick fix. Disabling Exif support isn't a workaround - what if the application you're running requires it? Surely that would break it??
     
  12. tristanperry

    tristanperry Member

    Joined:
    Nov 20, 2008
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    I'm just resigned to waiting this out at the moment.

    Annoyingly, I needed to become PCI compliant (well, get the scan certificate) yesterday. But all the scans now auto-fail you for running PHP 5.2.10. Doh!

    I'm just hoping that they get it on the test branch today :)
     
  13. Specks

    Specks Well-Known Member

    Joined:
    Jul 3, 2004
    Messages:
    68
    Likes Received:
    0
    Trophy Points:
    6
    Don't you mean that you're failed for not running 5.2.10? I'm getting failed for not running 5.2.10 and I needed to make the upgrade yesterday. My client is coming down on me to get this fixed.
     
  14. tristanperry

    tristanperry Member

    Joined:
    Nov 20, 2008
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    Doh sorry, yes I meant to add a "not" in there :) ("For not running"..)
     
  15. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,482
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Only one security fix mentioned that I noticed.

    ■Security Fixes
    ■Fixed bug #48378 (exif_read_data() segfaults on certain corrupted .jpeg files). (Pierre)

    PHP: PHP 5 ChangeLog


    Like a gallery? What harm will it cause to disable exif to get past PCI compliance?
     
  16. DReade83

    DReade83 Well-Known Member

    Joined:
    Oct 20, 2006
    Messages:
    196
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Cheshire, UK
    Any update on this?
     
  17. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    Oh good grief, we already upgraded all of our servers to 5.2.10 more than a week ago when the new PHP version was originally announced! :eek:

    (And this thread would be precisely the reason, that we manually compile PHP!)

    Incidentally, 5.2.10 is a minor update and seamlessly drop in replaceable
    to 5.2.9 without any troubles whatsoever and we even have SuHosin
    patch and module for 5.2.10 loaded in the new PHP already.

    For those who haven't compile PHP before, it's pretty straightforward ...

    1. wget the source (find link on php.net download site)

    2. unpack the archive you downloaded (tar zxvf php-5.2.10.tgz, etc)

    3. Run ./configure in your PHP source with whatever options you find
    in your current phpinfo() screen and whatever additional options
    you may want to append to that (See ./configure --help for a list).

    4. Run "make" to compile and then "make test" to test your build.

    5. Run "make install" to install

    That is pretty much the extent of it in a nutshell.
     
  18. DjiXas

    DjiXas Well-Known Member

    Joined:
    Feb 10, 2007
    Messages:
    294
    Likes Received:
    0
    Trophy Points:
    16
    For those who want to check if new version was already pushed:

    Code:
    /scripts/easyapache --latest-versions
     
  19. DReade83

    DReade83 Well-Known Member

    Joined:
    Oct 20, 2006
    Messages:
    196
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Cheshire, UK
    Still says 5.2.9.

    Any update on this cPanel?
     
  20. DReade83

    DReade83 Well-Known Member

    Joined:
    Oct 20, 2006
    Messages:
    196
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Cheshire, UK
    Still no word?!
     
Loading...
Thread Status:
Not open for further replies.

Share This Page