PHP 5.2.4 Released

S

Sc0uT

Verified User
Joined
Feb 14, 2006
Messages
38
Location
Bosnia and Herzegovina
The PHP development team would like to announce the immediate availability of PHP 5.2.4. This release focuses on improving the stability of the PHP 5.2.X branch with over 120 various bug fixes in addition to resolving several low priority security bugs. All users of PHP are encouraged to upgrade to this release.

Security Enhancements and Fixes in PHP 5.2.4
- ----------------------------------------------------------------
* Fixed a floating point exception inside wordwrap() (Reported by Mattias Bengtsson)
* Fixed several integer overflows inside the GD extension (Reported by Mattias Bengtsson)
* Fixed size calculation in chunk_split() (Reported by Gerhard Wagner)
* Fixed integer overflow in str[c]spn(). (Reported by Stanislav Malyshev)
* Fixed money_format() not to accept multiple %i or %n tokens. (Reported by Stanislav Malyshev)
* Fixed zend_alter_ini_entry() memory_limit interruption vulnerability. (Reported by Stefan Esser)
* Fixed INFILE LOCAL option handling with MySQL extensions not to be allowed when open_basedir or safe_mode is active. (Reported by Stanislav Malyshev)
* Fixed session.save_path and error_log values to be checked against open_basedir and safe_mode (CVE-2007-3378) (Reported by Maksymilian Arciemowicz)
* Fixed a possible invalid read in glob() win32 implementation (CVE-2007-3806) (Reported by shinnai)
* Fixed a possible buffer overflow in php_openssl_make_REQ (Reported by zatanzlatan at hotbrev dot com)
* Fixed an open_basedir bypass inside glob() function (Reported by dr at peytz dot dk)
* Fixed a possible open_basedir bypass inside session extension when the session file is a symlink (Reported by c dot i dot morris at durham dot ac dot uk)
* Improved fix for MOPB-03-2007.
* Corrected fix for CVE-2007-2872.


The Key Improvements of PHP 5.2.4 Include
- ------------------------------------------------------------

* Upgraded PCRE to version 7.2
* Added persistent connection status checker to pdo_pgsql.
* Fixed oci8 and PDO_OCI extensions to allow configuring with Oracle 11g client libraries.
* Fixed bug #41831 (pdo_sqlite prepared statements convert resources to strings).
* Fixed bug #41770 (SSL: fatal protocol error due to buffer issues)
* Fixed bug #41713 (Persistent memory consumption on win32 since 5.2)

For users upgrading from PHP 5.0 and PHP 5.1, an upgrade guide is
available here (http://www.php.net/migration52), detailing the
changes between those releases and PHP 5.2.4.

For a full list of changes in PHP 5.2.4, see the ChangeLog (http://
www.php.net/ChangeLog-5.php#5.2.4).

Ilia Alshanetsky
5.2 Release Master
 
Thanks, I've updated it now. Doesn't seem to fix the path_info though like it said it would.
 
Just looked, PHP5_VER is set to 5.2.3, it will be changed to 5.2.4 soon, you can do:
Code: 
cd /usr/local/directadmin/custombuild
perl -pi -e 's/5.2.3/5.2.4/' build
./build update_data
./build php n
 
smtalk said:
Just looked, PHP5_VER is set to 5.2.3, it will be changed to 5.2.4 soon, you can do:
Code: 
cd /usr/local/directadmin/custombuild
perl -pi -e 's/5.2.3/5.2.4/' build
./build update_data
./build php n
Click to expand...

configure: error: Please reinstall the iconv library.

*** There was an error while trying to configure php. Check the configure/ap2/configure.php5 file

how to fix?
 
Last edited:
Code: 
./build iconv

And it's recommended to use "./build all" for the first time, and not "./build php".
 
solution

/build php_ap2 n this didnt work also because i use Apache 2.

What i did to make it work is the following:


1. cd /usr/local/directadmin/customapache

2. Download PHP 5.2.4: wget http://files.directadmin.com/services/customapache/php-5.2.4.tar.gz

3. Edit the 'build' file: nano build
change: PHP_VER=5.2.x to PHP_VER=5.2.4

4. ./build clean

5. Apache 1.x = ./build php n
Apache 2.x = ./build php_ap2 n

This worked for me only i dont know if this is the official way to do it by DirectAdmin support? Maybe they can answer on this post.
 
Samplex said:
/build php_ap2 n this didnt work also because i use Apache 2.

What i did to make it work is the following:


1. cd /usr/local/directadmin/customapache

2. Download PHP 5.2.4: wget http://files.directadmin.com/services/customapache/php-5.2.4.tar.gz

3. Edit the 'build' file: nano build
change: PHP_VER=5.2.x to PHP_VER=5.2.4

4. ./build clean

5. Apache 1.x = ./build php n
Apache 2.x = ./build php_ap2 n

This worked for me only i dont know if this is the official way to do it by DirectAdmin support? Maybe they can answer on this post.
Click to expand...

is it all necessary to ONLY UPDATE php5.2.2 to 5.2.4?? or should I do something less/more?

thanks in advance

BR
YacentY

ps. I've got:
Code: 
Installing PHP SAPI module:       apache2handler
/var/www/build/instdso.sh SH_LIBTOOL='/var/www/build/libtool' libphp5.la /usr/lib/apache
/var/www/build/libtool --mode=install cp libphp5.la /usr/lib/apache/
cp .libs/libphp5.so /usr/lib/apache/libphp5.so
cp .libs/libphp5.lai /usr/lib/apache/libphp5.la
libtool: install: warning: remember to run `libtool --finish /usr/local/directadmin/customapache/php-5.2.4/libs'
chmod 755 /usr/lib/apache/libphp5.so
[activating module `php5' in /etc/httpd/conf/httpd.conf]
Installing PHP CLI binary:        /usr/local/bin/
Installing PHP CLI man page:      /usr/local/man/man1/
Installing build environment:     /usr/local/lib/php/build/
Installing header files:          /usr/local/include/php/
Installing helper programs:       /usr/local/bin/
  program: phpize
  program: php-config
Installing man pages:             /usr/local/man/man1/
  page: phpize.1
  page: php-config.1
Installing PEAR environment:      /usr/local/lib/php/
make[1]: *** [install-pear-installer] Error 254
make: *** [install-pear] Error 2

what is going wrong?

I've found such thing:
Code: 
Thank you for using PHP.

Notice: Following unknown configure options were used:

--with-curl-dir=/usr/local/lib
--with-gd-dir=/usr/local/lib
--with-xml
--with-zip
--enable-track-vars
--enable-memory-limit

Check './configure --help' for available options
 
Last edited:
yacenty said:
is it all necessary to ONLY UPDATE php5.2.2 to 5.2.4?? or should I do something less/more?

thanks in advance

BR
YacentY

ps. I've got:
Code: 
Installing PHP SAPI module:       apache2handler
/var/www/build/instdso.sh SH_LIBTOOL='/var/www/build/libtool' libphp5.la /usr/lib/apache
/var/www/build/libtool --mode=install cp libphp5.la /usr/lib/apache/
cp .libs/libphp5.so /usr/lib/apache/libphp5.so
cp .libs/libphp5.lai /usr/lib/apache/libphp5.la
libtool: install: warning: remember to run `libtool --finish /usr/local/directadmin/customapache/php-5.2.4/libs'
chmod 755 /usr/lib/apache/libphp5.so
[activating module `php5' in /etc/httpd/conf/httpd.conf]
Installing PHP CLI binary:        /usr/local/bin/
Installing PHP CLI man page:      /usr/local/man/man1/
Installing build environment:     /usr/local/lib/php/build/
Installing header files:          /usr/local/include/php/
Installing helper programs:       /usr/local/bin/
  program: phpize
  program: php-config
Installing man pages:             /usr/local/man/man1/
  page: phpize.1
  page: php-config.1
Installing PEAR environment:      /usr/local/lib/php/
make[1]: *** [install-pear-installer] Error 254
make: *** [install-pear] Error 2

what is going wrong?

I've found such thing:
Code: 
Thank you for using PHP.

Notice: Following unknown configure options were used:

--with-curl-dir=/usr/local/lib
--with-gd-dir=/usr/local/lib
--with-xml
--with-zip
--enable-track-vars
--enable-memory-limit

Check './configure --help' for available options
Click to expand...
New configure script:

./configure \
--with-apxs \
--enable-force-cgi-redirect \
--with-curl \
--with-gd \
--with-freetype-dir=/usr/local/lib \
--with-gettext \
--with-jpeg-dir=/usr/local/lib \
--with-kerberos \
--with-iconv \
--with-mcrypt \
--with-mhash \
--with-mysql=/usr \
--with-pear \
--with-png-dir=/usr/local/lib \
--with-libxml-dir=/usr/local/lib \
--with-xsl \
--with-zlib \
--with-zlib-dir=/usr/local/lib \
--with-openssl \
--enable-zip \
--enable-bcmath \
--enable-calendar \
--enable-ftp \
--enable-magic-quotes \
--enable-sockets \
--enable-mbstring

----------------------------------------

--with-curl-dir=/usr/local/lib => --with-curl
--with-gd-dir=/usr/local/lib => --with-gd
--with-xml => --with-libxml-dir=/usr/local/lib
--with-zip => --enable-zip
--enable-track-vars => php 5.2.4 track-vars is always enabled (--enable-track-vars removed)
--enable-memory-limit => php 5.2.4 memory-limit is always enabled (--enable-memory-limit removed)
 
Last edited:
why this script wasn't updated in custombuild?
why other people haven't complain on it?
I will check it little bit later

unfortunately 0 there is still sth wrong:

Code: 
checking for png_write_image in -lpng... yes
If configure fails try --with-xpm-dir=<DIR>
configure: error: freetype.h not found.

*** There was an error while trying to configure php. Check the configure.php file
any hint?
 
Last edited:
yacenty said:
why this script wasn't updated in custombuild?
why other people haven't complain on it?
I will check it little bit later

unfortunately 0 there is still sth wrong:

Code: 
checking for png_write_image in -lpng... yes
If configure fails try --with-xpm-dir=<DIR>
configure: error: freetype.h not found.

*** There was an error while trying to configure php. Check the configure.php file
any hint?
Click to expand...

1. http://directadmin.com/forum/showthread.php?t=12099
2. ssh run the file: "./update.script FREETYPE"
3. install php 5.2.4
 
it compiles with Your hint, but at the end I get still the same error
Code: 
[activating module `php5' in /etc/httpd/conf/httpd.conf]
Installing PHP CLI binary:        /usr/local/bin/
Installing PHP CLI man page:      /usr/local/man/man1/
Installing build environment:     /usr/local/lib/php/build/
Installing header files:          /usr/local/include/php/
Installing helper programs:       /usr/local/bin/
  program: phpize
  program: php-config
Installing man pages:             /usr/local/man/man1/
  page: phpize.1
  page: php-config.1
Installing PEAR environment:      /usr/local/lib/php/
make[1]: *** [install-pear-installer] Error 254
make: *** [install-pear] Error 2
 
ok freetype is ok now, but the problem is with PEAR as I guess
everything is compiling but the problem is at the end of installation

thats crazy for me
 
yacenty said:
it compiles with Your hint, but at the end I get still the same error
Code: 
[activating module `php5' in /etc/httpd/conf/httpd.conf]
Installing PHP CLI binary:        /usr/local/bin/
Installing PHP CLI man page:      /usr/local/man/man1/
Installing build environment:     /usr/local/lib/php/build/
Installing header files:          /usr/local/include/php/
Installing helper programs:       /usr/local/bin/
  program: phpize
  program: php-config
Installing man pages:             /usr/local/man/man1/
  page: phpize.1
  page: php-config.1
Installing PEAR environment:      /usr/local/lib/php/
make[1]: *** [install-pear-installer] Error 254
make: *** [install-pear] Error 2
Click to expand...

No "PHP Fatal error" at all? What's in your compilation logs? (you can find them in PHP 5.2.4 folder)
 
You must log in or register to reply here.
Back
Top