The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Php 5.2.7

Discussion in 'General Discussion' started by DjiXas, Dec 5, 2008.

  1. DjiXas

    DjiXas Well-Known Member

    Joined:
    Feb 10, 2007
    Messages:
    294
    Likes Received:
    0
    Trophy Points:
    16
    Hi,

    When can we expect it on easyapache?
     
  2. Ivan A

    Ivan A Well-Known Member

    Joined:
    Mar 7, 2007
    Messages:
    141
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
  3. rhenderson

    rhenderson Well-Known Member

    Joined:
    Apr 21, 2005
    Messages:
    785
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Oklahoma
    cPanel Access Level:
    Root Administrator
  4. TopOTheMorning

    TopOTheMorning Registered

    Joined:
    Sep 8, 2007
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    There are a number of very important security fixes in PHP 5.2.7, so hopefully we'll see it soon.
     
  5. DjiXas

    DjiXas Well-Known Member

    Joined:
    Feb 10, 2007
    Messages:
    294
    Likes Received:
    0
    Trophy Points:
    16
    If I'm right, it will be ready tomorrow or one day after.
     
  6. Henrik

    Henrik Member

    Joined:
    Feb 1, 2008
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Sweden
    I think it just was set to "in progress" status :)
     
  7. rrwh

    rrwh Well-Known Member

    Joined:
    Oct 2, 2004
    Messages:
    48
    Likes Received:
    0
    Trophy Points:
    6
    With the following on the 5.2.7 release page at php.net...

    Code:
    Due to unfortunate regressions installing 5.2.7 is highly discouraged
    ... I am a little confused as to the rush.

    Yes, it might introduce several security fixes, but it also introduces a known regression problem that needs a specific entry into the php.ini file.

    Now, for those who run suphp / suEXEC and happen to have php.ini files in user directories for any reason then "rushing" into this release and finding all the php.ini files on a system and adding the recommended config to the file is a fair bit f work - especially when it comes to the next upgrade and then going and subsequently stripping out the php.ini "fix" for this known problem.

    Do it once, do it right or do it wrong and do it often.....
     
  8. Henrik

    Henrik Member

    Joined:
    Feb 1, 2008
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Sweden
    The bug in 5.2.7 can be worked around with a setting in php.ini apparently.

    Beside: There is absolutely nothing wrong with having security fixes pushed out as fast as possible, even if it in this case was a new bug presented with the release.

    Sometimes it can be wise to wait with updates if they are not security related. The latest MySQL release is such a case.
     
  9. TopOTheMorning

    TopOTheMorning Registered

    Joined:
    Sep 8, 2007
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    It looks like PHP 5.2.7, while patching a number of critical security holes, is itself broken in a potentially big way.

    http://www.suspekt.org/2008/12/07/php-527-beware-magic_quotes_gpc-broken/

    According to that source:
    So it looks like we won't have long to wait for PHP 5.2.8, at least.
     
  10. DjiXas

    DjiXas Well-Known Member

    Joined:
    Feb 10, 2007
    Messages:
    294
    Likes Received:
    0
    Trophy Points:
    16
    Irony. They've released like 6 or 5 release candidates and delayed it to make sure there are no bugs left...
     
  11. whplus

    whplus Well-Known Member

    Joined:
    Dec 8, 2007
    Messages:
    66
    Likes Received:
    1
    Trophy Points:
    8
    Location:
    Behind your business
    From http://php.net
    Susan,
     
  12. Ivan A

    Ivan A Well-Known Member

    Joined:
    Mar 7, 2007
    Messages:
    141
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    PHP 5.2.8 Released

    PHP 5.2.8 Released!
    [08-Dec-2008]
    The PHP development team would like to announce the immediate availability of PHP 5.2.8. This release addresses a regression introduced by 5.2.7 inregard to the magic_quotes functionality, that was broken by an incorrect fix to the filter extension. All users who have upgraded to 5.2.7 are encouraged to upgrade to this release, alternatively you can apply a work-around for the bug by changing "filter.default_flags=0" in php.ini.


    Bug: 8277
    http://bugzilla.cpanel.net/show_bug.cgi?id=8277
     
    #12 Ivan A, Dec 8, 2008
    Last edited: Dec 8, 2008
  13. merlinpa1969

    merlinpa1969 Well-Known Member

    Joined:
    Dec 3, 2003
    Messages:
    108
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    PA
    cPanel Access Level:
    Root Administrator
    Security Metrics is already screaming about php 5.2.8

    Solution: Upgrade to PHP version 5.2.8 or later. Note that 5.2.7 was been removed from distribution because of a regression in that version that results in the 'magic_quotes_gpc' setting remaining off even if it was set to on.
     
  14. DjiXas

    DjiXas Well-Known Member

    Joined:
    Feb 10, 2007
    Messages:
    294
    Likes Received:
    0
    Trophy Points:
    16
    By that you mean screaming how bad it is or how urgent you require to run php upgrade?

    EasyApache now has 5.2.8 by the way
     
Loading...

Share This Page