PHP

PHP released 5.3.10

The PHP development team released 5.3.10, it contains a critical security update and I urge you to perform the update. I’ve successfully tested it on my servers without a noticeable problem.

  • Fixed arbitrary remote code execution vulnerability reported by
    Stefan Esser, CVE-2012-0830.

To see the buglist solved in this release, read them in the ChangeLog.

For instructions on how to upgrade PHP please read: Upgrading PHP.

PHP released 5.3.9

The PHP development team released 5.3.9, it is an improvement on the stability and contains some security fixes. I’ve successfully tested it on my servers without a noticeable problem.

Security Enhancements and Fixes in PHP 5.3.9:

  • Added max_input_vars directive to prevent attacks based on hash collisions. (CVE-2011-4885)
  • Fixed bug #60150 (Integer overflow during the parsing of invalid exif header). (CVE-2011-4566)

Key enhancements in PHP 5.3.9 include:

  • Fixed bug #55475 (is_a() triggers autoloader, new optional 3rd argument to is_a and is_subclass_of).
  • Fixed bug #55609 (mysqlnd cannot be built shared)
  • Many changes to the FPM SAPI module

To see the buglist solved in this release, read them in the ChangeLog.

For instructions on how to upgrade PHP please read: Upgrading PHP.

PHP released 5.3.8

The PHP development team just released 5.3.8. It’s an important bug fix release that solves two new bugs that were introduced in 5.3.7:

  • Fixed bug #55439 (crypt() returns only the salt for MD5)
  • Reverted a change in timeout handling restoring PHP 5.3.6 behavior, which caused mysqlnd SSL connections to hang (Bug #55283).

My advise is to upgrade as soon as possible. I haven’t found any problem with this version and I installed it on most of my test and production servers.

To see the buglist solved in this release, read them in the ChangeLog.

For instructions on how to upgrade PHP please read: Upgrading PHP.

PHP released 5.3.7

The PHP development team just released 5.3.7. I haven’t found any problem with this version and I installed it on most of my test and production servers. I would advise you to upgrade as this version solves some security issues.

There are a lot of bugs solved in this release, you can read all about them in the ChangeLog.

For instructions on how to upgrade PHP please read: Upgrading PHP.

Problems after upgrading to Lion

After getting the MAMP stuff out of the way for Lion on my freshly installed VMware based virtual Mac it was time to upgrade my iMac (which I use as my main computer). It all went without any complications (also the blogosphere is quite silent on upgrading woes). First thing I noticed was that my local websites weren’t running and after some examination I found that none of my stuff was working. All the configuration and setup had been removed for MAMP and the mail-server.

So I started recompiling after solving problems with upgrading my version of Xcode. The installer asks you to stop iTunes but it forgets there is an iTunes Helper process still running and you have to quit it manually (e.g. using the Activity Monitor) before it finishes installing.

Everything went all right until I ran into compilation problems with PHP. Which was strange as everything went great on the fresh install of Lion. The error I encountered was:

/Users/richard/DIYMacServer/php-5.3.6/main/spprintf.c:186: error: static declaration of ‘strnlen’ follows non-static declaration
/usr/include/string.h:143: error: previous declaration of ‘strnlen’ was here
make: *** [main/spprintf.lo] Error 1

This is even a bug reported at PHP. To me it looked like there was some leftovers from the upgrade and I decided to wipe all the development stuff and install Xcode fresh. To do that you need to type in the following command:

sudo /Developer/Library/uninstall-devtools --mode=all

This will run for a while, when done re-install Xcode 4.1 and reboot. When your Mac is up and running again re-compile everything again and then it will work again. I’ve got my sites back in running mode again. Tomorrow I’ll start on getting my test mail server up and running again.

This proves again that a fresh install of the OS is much better then an upgrade to get rid of all the unwanted stuff.

« Previous PageNext Page »