PHP

The PHP development team released a new version of the 5.3.x release. Before you upgrade to a 5.3.x release on a production machine, please check that all PHP-based apps support 5.3.x, as there are some compatibility problems and you might get some strange results. This release focuses on improving the stability of the PHP 5.3.x branch with over 100 bug fixes, some of which are security related. This version introduces a new incompatible change with older versions of 5.3.x which affects the use of namespaces.

During compilation tests I’ve discovered some problems which made it impossible to use it with the mysqli module. The error you would get is:

In file included from /Users/richard/php-5.3.3/ext/mysqli/php_mysqli_structs.h:57,
from /Users/richard/php-5.3.3/ext/mysqli/mysqli.c:33:
/usr/local/mysql/include/mysql/my_global.h:1008: error: duplicate ‘unsigned’
/usr/local/mysql/include/mysql/my_global.h:1008: warning: useless type name in empty declaration
make: *** [ext/mysqli/mysqli.lo] Error 1

I’d twittered about it and got a prompt response from Rasmus Lerdorf with a patch which resolves the problem. If you apply the patch before compiling, everything will be fine. I would expect that the people at PHP will release an update within a few days.

You can read about the problems, bugs and security enhancements introduced in 5.3.3 in the ChangeLog.

For instructions on how to upgrade PHP please read: Upgrading PHP.

3 comments

The PHP development team have released PHP 5.2.14. This release focuses on improving the stability of the PHP 5.2.x branch with over 60 bug fixes, some of which are security related. All users of the PHP 5.2.x branch are encouraged to upgrade to this release. I’ve tested this on my test servers and it works without a problem. The biggest security enhancements and fixes in PHP 5.2.14 are:

Security Enhancements and Fixes in PHP 5.2.14:

  • Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs.
  • Fixed a possible interruption array leak in strrchr(). (CVE-2010-2484)
  • Fixed a possible interruption array leak in strchr(), strstr(), substr(), chunk_split(), strtok(), addcslashes(), str_repeat(), trim().
  • Fixed a possible memory corruption in substr_replace().
  • Fixed SplObjectStorage unserialization problems (CVE-2010-2225).
  • Fixed a possible stack exhaustion inside fnmatch().
  • Fixed a NULL pointer dereference when processing invalid XML-RPC requests (Fixes CVE-2010-0397, bug #51288).
  • Fixed handling of session variable serialization on certain prefix characters.
  • Fixed a possible arbitrary memory access inside sqlite extension. Reported by Mateusz Kocielski.

Key enhancements in PHP 5.2.14 include:

  • Upgraded bundled PCRE to version 8.02.
  • Updated timezone database to version 2010.5.
  • Fixed bug #52238 (Crash when an Exception occurred in iterator_to_array).
  • Fixed bug #52237 (Crash when passing the reference of the property of a non-object).
  • Fixed bug #52041 (Memory leak when writing on uninitialized variable returned from function).
  • Fixed bug #51822 (Segfault with strange __destruct() for static class variables).
  • Fixed bug #51552 (debug_backtrace() causes segmentation fault and/or memory issues).
  • Fixed bug #49267 (Linking fails for iconv on MacOS: “Undefined symbols: _libiconv”).

For a full list of changes in PHP 5.2.14 see the ChangeLog.

For instructions on how to upgrade PHP please read: Upgrading PHP.

no comments

Sorry, I missed this completely. The PHP announcement mailing list isn’t as reliable as I would like to have seen.

The PHP team released 5.2.13 on the 25th of Feb 2010 as a security release. Some of the bigger items were:

  • Fixed safe_mode validation inside tempnam() when the directory path does not end with a /.
  • Fixed a possible open_basedir/safe_mode bypass in session extension identified by Grzegorz Stachowiak.
  • Improved LCG entropy.

Read everything on this release in the 5.2.13 Release notes. I’ve tested it on one of my test machines without any issues.

The other release was 5.3.2 on the 4th of March 2010 as a regular maintenance release. It includes the fixes from 5.2.13 as described above. Read the 5.3.2 Release notes for everything that is covered in this release. Again tested this on one of my test machines without any problem.

For instructions on how to upgrade your PHP installation please read: Upgrading PHP.

no comments

The PHP development team have released PHP 5.2.12. This release focuses on improving the stability of the PHP 5.2.x branch with over 60 bug fixes, some of which are security related. All users of PHP 5.2 are encouraged to upgrade to this release. The security enhancements and fixes in PHP 5.2.12 are:

  • Fixed a safe_mode bypass in tempnam() identified by Grzegorz Stachowiak. (CVE-2009-3557, Rasmus)
  • Fixed an open_basedir bypass in posix_mkfifo() identified by Grzegorz Stachowiak. (CVE-2009-3558, Rasmus)
  • Added “max_file_uploads” INI directive, which can be set to limit the number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion, identified by Bogdan Calin. (CVE-2009-4017, Ilia)
  • Added protection for $_SESSION from interrupt corruption and improved “session.save_path” check, identified by Stefan Esser. (CVE-2009-4143, Stas)
  • Fixed bug #49785 (insufficient input string validation of htmlspecialchars()). (CVE-2009-4142, Moriyoshi, hello at iwamot dot com)

For instructions on how to upgrade PHP please read: Upgrading PHP.

no comments

This is a small write-up of the installation I was asked to do for a client on his mini with OS X Server (Leopard). It took me a while to get this working because of the various issues that I encountered, and while googling for a solution I found that there are many people looking for an answer, hence the write-up. Please note that these instructions are not part of the normal documentation set; these instructions only work on OS X Server Leopard and not on the regular OS X Workstation.

First make a copy of the original php module for safekeeping:

sudo cp /usr/libexec/apache2/libphp5.so /usr/libexec/apache2/libphp5.so.apple

Then we need to make some preparations. The first is to get the MySQL include source files and the client libraries as documented in this knowledge base article. Remember, this is only tested on 10.5.x of OS X Server.

Please download http://www.opensource.apple.com/darwinsource/other/MySQL-49.binaries.tar.gz

Unpack and copy the following directories using the following commands:

tar -zxvf MySQL-49.binaries.tar.gz
sudo cp -R usr/include/mysql /usr/include/
sudo cp -R usr/lib/mysql /usr/lib/

Next we need to get the iconv library and compile it to get it properly working with PHP. The default iconv library on OS X gives linking errors. You can download it from: http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.13.1.tar.gz and unpack it.

Use the following commands to compile and install it:

export MACOSX_DEPLOYMENT_TARGET=10.6 \
CFLAGS="-arch x86_64" \
CXXFLAGS="-arch x86_64"
./configure --prefix=/usr/local
 
make
 
sudo make install

Next download the source code for the JPEG library from the Freshmeat libjpeg project. I’ve used the source file jpegsrc.v7.tar.gz.

First unpack the source code and then go into the folder “jpeg-7” for the source and execute the following commands:

cp /usr/share/libtool/config.sub .
cp /usr/share/libtool/config.guess .

This copies these files to the current directory. They are required for the configuration phase of this installation.

export MACOSX_DEPLOYMENT_TARGET=10.6
CFLAGS="-arch x86_64" \
CXXFLAGS="-arch x86_64" \
LDFLAGS="-arch x86_64" \
./configure --enable-shared
 
make
 
sudo make install

Next download PHP version 5.2.11 (this is the version installed on OS X Server 10.5.x) unpack it and use the following commands to configure, compile and install it:

export MACOSX_DEPLOYMENT_TARGET=10.6 \
CFLAGS="-arch x86_64" \
CXXFLAGS="-arch x86_64"
./configure --prefix=/usr \
  --mandir=/usr/share/man \
  --infodir=/usr/share/info \
  --disable-dependency-tracking \
  --with-apxs2=/usr/sbin/apxs \
  --with-ldap=/usr \
  --with-kerberos=/usr \
  --enable-cli \
  --with-zlib-dir=/usr \
  --enable-trans-sid \
  --with-xml \
  --enable-exif \
  --enable-ftp \
  --enable-mbstring \
  --enable-mbregex \
  --enable-dbx \
  --enable-sockets \
  --with-iodbc=/usr \
  --with-curl=/usr \
  --with-config-file-path=/etc \
  --sysconfdir=/private/etc \
  --with-openssl \
  --with-xmlrpc \
  --with-xsl=/usr \
  --with-mysql-sock=/var/mysql \
  --with-mysqli=/usr/bin/mysql_config \
  --with-mysql=/usr \
  --with-gd \
  --with-jpeg-dir=/usr/local/lib \
  --with-png-dir=/usr/X11R6 \
  --with-freetype-dir=/usr/X11R6 \
  --with-xpm-dir=/usr/X11R6 \
  --with-iconv=/usr/local \
  --without-pear

Do not start compiling yet; first we need to edit the Makefile.

Find the line that starts with:

GDLIB_CFLAGS =

and add at the end of the line:

-arch x86_64

Then find the line that starts with:

EXTRA_LIBS =

and add at the end of this multi-line value:

-lresolv

Next replace the line:

$(CC) $(MH_BUNDLE_FLAGS) $(CFLAGS_CLEAN) $(EXTRA_CFLAGS) $(LDFLAGS) $(EXTRA_LDFLAGS) $(PHP_GLOBAL_OBJS:.lo=.o) $(PHP_SAPI_OBJS:.lo=.o) $(PHP_FRAMEWORKS) $(EXTRA_LIBS) $(ZEND_EXTRA_LIBS) -o $@ && cp $@ libs/libphp$(PHP_MAJOR_VERSION).so

with:

$(CC) $(CFLAGS_CLEAN) $(EXTRA_CFLAGS) $(LDFLAGS) $(EXTRA_LDFLAGS) $(PHP_GLOBAL_OBJS:.lo=.o) $(PHP_SAPI_OBJS:.lo=.o) $(PHP_FRAMEWORKS) $(EXTRA_LIBS) $(ZEND_EXTRA_LIBS) $(MH_BUNDLE_FLAGS) -o $@ && cp $@ libs/libphp$(PHP_MAJOR_VERSION).so

Save the file and when you’re done you can start compiling and installing with:

make
 
sudo make install

This means it’s ready.

Now restart Apache and check your site. Now you have a new PHP version with GD on your server.
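
The three Makefile edits above, scripted so they can be repeated after every ./configure run. This is an added example, not part of the original write-up; the helper names patch_php_makefile and write_sample_makefile and the sample Makefile contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: script the three hand edits to the Makefile from ./configure.
# patch_php_makefile and write_sample_makefile are hypothetical helper names.

patch_php_makefile() {
    mk=$1
    [ -f "$mk" ] || { echo "no such file: $mk" >&2; return 1; }
    [ -f "$mk.orig" ] || cp "$mk" "$mk.orig" || return 1   # keep the pristine file
    awk '
    # Edit 1: append -arch x86_64 to GDLIB_CFLAGS, once.
    /^GDLIB_CFLAGS =/ && !/-arch x86_64/ { $0 = $0 " -arch x86_64" }

    # Edit 2: the EXTRA_LIBS value can continue over several lines with a
    # trailing backslash, so -lresolv goes on the last line of the value.
    /^EXTRA_LIBS =/ { in_libs = 1; seen = 0 }
    in_libs {
        if (index($0, "-lresolv")) seen = 1
        if ($0 !~ /\\$/) {
            if (!seen) $0 = $0 " -lresolv"
            in_libs = 0
        }
    }

    # Edit 3: on the libphp link line, move $(MH_BUNDLE_FLAGS) from directly
    # after $(CC) to directly before -o. index() avoids regex escaping.
    {
        old = "$(CC) $(MH_BUNDLE_FLAGS) "
        i = index($0, old); j = index($0, " -o $@")
        if (i > 0 && j > i && index($0, "libs/libphp")) {
            k = i + length(old)
            head = substr($0, 1, i - 1) "$(CC) " substr($0, k, j - k)
            $0 = head " $(MH_BUNDLE_FLAGS)" substr($0, j)
        }
    }
    { print }
    ' "$mk" > "$mk.new" && mv "$mk.new" "$mk"
}

# Constructed sample input, not a real PHP Makefile.
write_sample_makefile() {
    {
        printf '%s\n' 'GDLIB_CFLAGS = -I/usr/local/include' \
            'EXTRA_LIBS = -lz -lm \' '  -lxml2 -licucore'
        printf '\t%s\n' '$(CC) $(MH_BUNDLE_FLAGS) $(CFLAGS_CLEAN) $(EXTRA_LIBS) -o $@ && cp $@ libs/libphp$(PHP_MAJOR_VERSION).so'
    } > "$1"
}

# Usage: sh patch_makefile.sh /path/to/php-src/Makefile
if [ $# -gt 0 ]; then patch_php_makefile "$1"; fi
```

The script is safe to run twice: an edit that is already present is skipped, and the unmodified Makefile is kept next to it as Makefile.orig.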

4 comments

The PHP development team released a new version of the 5.3.x release. Before you upgrade to a 5.3.x release on a production machine, please check if all PHP based apps are supporting 5.3.x as there are some compatibility problems and you might get some strange results. This release focuses on improving the stability of the PHP 5.3.x branch with over 100 bug fixes, some of which are security related. I’ve tested it on a test server with Snow Leopard without any problems.

Security Enhancements and Fixes in PHP 5.3.1:

  • Added “max_file_uploads” INI directive, which can be set to limit the number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion. (Ilia)
  • Added missing sanity checks around exif processing. (CVE-2009-3292, Ilia)
  • Fixed a safe_mode bypass in tempnam() identified by Grzegorz Stachowiak. (CVE-2009-3557, Rasmus)
  • Fixed an open_basedir bypass in posix_mkfifo() identified by Grzegorz Stachowiak. (CVE-2009-3558, Rasmus)
  • Fixed bug #50063 (safe_mode_include_dir fails). (CVE-2009-3559, Johannes, christian at elmerot dot se)
  • Fixed bug #44683 (popen crashes when an invalid mode is passed). (CVE-2009-3294, Pierre)

Key Enhancements in PHP 5.3.1 include:

  • Fixed crash in com_print_typeinfo when an invalid typelib is given. (Pierre)
  • Fixed crash in SQLiteDatabase::ArrayQuery() and SQLiteDatabase::SingleQuery() when calling using Reflection. (Felipe)
  • Fixed crash when instantiating PDORow and PDOStatement through Reflection. (Felipe)
  • Fixed bug #49910 (no support for ././@LongLink for long filenames in phar tar support). (Greg)
  • Fixed bug #49908 (throwing exception in __autoload crashes when interface is not defined). (Felipe)
  • Around 100 other bug fixes

For instructions on how to upgrade PHP please read: Upgrading PHP.

2 comments

PHP have released an update to the 5.2.x version. Many people still have problems with the backwards compatibility of 5.3 and are still using 5.2.10. This release is a security bug-fix release, and if you are running 5.2.10 I would urge you to upgrade.

Security Enhancements and Fixes in PHP 5.2.11:

  • Fixed certificate validation inside php_openssl_apply_verification_policy.
  • Fixed sanity check for the color index in imagecolortransparent().
  • Added missing sanity checks around exif processing.
  • Fixed bug #44683 (popen crashes when an invalid mode is passed).

Key enhancements in PHP 5.2.11 include:

  • Fixed regression in cURL extension that prevented flush of data to output defined as a file handle.
  • A number of fixes for the FILTER_VALIDATE_EMAIL validation rule
  • Fixed bug #49361 (wordwrap() wraps incorrectly on end of line boundaries).
  • Fixed bug #48696 (ldap_read() segfaults with invalid parameters)
  • Fixed bug #48645 (mb_convert_encoding() doesn’t understand hexadecimal html-entities).
  • Fixed bug #48619 (imap_search ALL segfaults).
  • Fixed bug #48400 (imap crashes when closing stream opened with OP_PROTOTYPE flag).
  • Fixed bug #47351 (Memory leak in DateTime).
  • Over 60 bug fixes.

For instructions on how to upgrade PHP please read: Upgrading PHP.

no comments

Here is a quick update on getting Apache, PHP and MySQL installations working again after the Snow Leopard upgrade.

For Apache I did a recompile and install because the config was completely lost (and I had no backup!) and this was the quickest way for me. The normal 64 bit Leopard instructions did the job for now, will look later at possible enhancements.

MySQL I could just start up with the System Preferences MySQL panel. Will do a recompile later today and will update this post with the findings. This as MySQL is updated to 5.1.38.

PHP gave the most issues, but a comment from Nico helped out. This problem is valid for 5.2.9 and 5.3.0 but it should be solved in 5.3.1 as the bug was listed as solved in 5.3.1.dev

To solve the problem, follow the normal instructions on this site but after the configure statement you need to edit the Makefile which is created by ./configure

You need to add ‘-lresolv’ at the end of the line which starts with ‘EXTRA_LIBS’ like:

EXTRA_LIBS = -lmysqlclient -lssl -lcrypto -lz -lssl -lcrypto -lm -lxml2 -lz -licucore -lm -lxml2 -lz -licucore -lm -lmysqlclient -lz -lm -lmysqlclient -lz -lm -lxml2 -lz -licucore -lm -lxml2 -lz -licucore -lm -lxml2 -lz -licucore -lm -lxml2 -lz -licucore -lm -lresolv

As noted earlier, I will keep updating this blogpost till most issues are resolved or properly documented elsewhere on the site.

Update 1: MySQL compiled without a problem using the 64 bits Leopard instructions.

Update 2: Finished some of the PHP documentation on Snow Leopard:

Update 3: Added Apache install instructions:

Update 4: Made a new page with all related Snow Leopard instructions. MAMP stack documented, mailserver will follow!

Last update: Mailserver instructions.

no comments

Recently I got some remarks from a user who asked why he was not able to compile 64 bits on the PowerPC platform. My notes and instructions did not mention this and I must confess that I had forgotten this as I could not see a PowerMac or iMac G5 as your basic mailserver.

But I’m wrong, as my basic goal was to provide you with a complete mailserver solution, I have to acknowledge that the most popular pages are on installing Apache, PHP and third MySQL. The popularity of the mailserver instructions comes way lower than these three subjects.

So therefore I’ve updated all the 64 bit instructions with how to compile on a 64 bit PowerPC platform. You have to forgive me for not being able to test this (no G5 at my place!) I’m using the input of someone else who told me this. It was a very simple change as you only need to change the ‘x86_64’ bit into ‘ppc64’ and that’s it.

If someone else could verify that this works it would be grand!

no comments

The people from PHP have released a new version. I’ve downloaded it right away and installed and tested it on all my test machines and haven’t found any problem yet. This release is a major improvement in the 5.X series, which includes a large number of new features and bug fixes.

  • Support for namespaces
  • Late static binding
  • Lambda Functions and Closures
  • Syntax additions: NOWDOC, ternary short cut “?:” and jump label (limited goto), __callStatic()
  • Under the hood performance improvements
  • Optional garbage collection for cyclic references
  • Optional mysqlnd PHP native replacement for libmysql
  • Improved Windows support including VC9 and experimental X64 binaries as well as portability to other supported platforms
  • More consistent float rounding
  • Deprecation notices are now handled via E_DEPRECATED (part of E_ALL) instead of the E_STRICT error level
  • Several enhancements to enable more flexibility in php.ini (and ini parsing in general)
  • New bundled extensions: ext/phar, ext/intl, ext/fileinfo, ext/sqlite3, ext/enchant
  • Over 140 bug fixes and improvements to PHP, in particular to: ext/openssl, ext/spl and ext/date

This release also drops several extensions and unifies the usage of internal APIs. Users should be aware of the following known backwards compatibility breaks:

  • Parameter parsing API unification will cause some functions to behave more or less strict when it comes to type juggling
  • Removed the following extensions: ext/mhash (see ext/hash), ext/msql, ext/pspell (see ext/enchant), ext/sybase (see ext/sybase_ct)
  • Moved the following extensions to PECL: ext/ming, ext/fbsql, ext/ncurses, ext/fdf
  • Removed zend.ze1_compatibility_mode

For users upgrading from PHP 5.2 there is a migration guide available here, detailing the changes between those releases and PHP 5.3.0.

For a full list of changes in PHP 5.3.0, see the ChangeLog.

For instructions on how to upgrade PHP please read: Upgrading PHP.

2 comments
