[atomic] php 5.3.9
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
[atomic] php 5.3.9
This is a High Impact security update to correct the recently announced hash collision vulnerability. It is highly recommended for all platforms running PHP to upgrade to this release.
This update also includes a new mysqlnd sub package. This is a native mysql client module that replaces dependencies on external mysql client libraries.
Changelog:
Core:
Added max_input_vars directive to prevent attacks based on hash collisions (Dmitry).
Fixed bug #60205 (possible integer overflow in content_length). (Laruence)
Fixed bug #60139 (Anonymous functions create cycles not detected by the GC). (Dmitry)
Fixed bug #60138 (GC crash with referenced array in RecursiveArrayIterator) (Dmitry).
Fixed bug #60120 (proc_open's streams may hang with stdin/out/err when the data exceeds or is equal to 2048 bytes). (Pierre, Pascal Borreli)
Fixed bug #60099 (__halt_compiler() works in braced namespaces). (Felipe)
Fixed bug #60019 (Function time_nanosleep() is undefined on OS X). (Ilia)
Fixed bug #55874 (GCC does not provide __sync_fetch_and_add on some archs). (klightspeed at netspace dot net dot au)
Fixed bug #55798 (serialize followed by unserialize with numeric object prop. gives integer prop). (Gustavo)
Fixed bug #55749 (TOCTOU issue in getenv() on Windows builds). (Pierre)
Fixed bug #55707 (undefined reference to `__sync_fetch_and_add_4' on Linux parisc). (Felipe)
Fixed bug #55674 (fgetcsv & str_getcsv skip empty fields in some tab-separated records). (Laruence)
Fixed bug #55649 (Undefined function Bug()). (Laruence)
Fixed bug #55622 (memory corruption in parse_ini_string). (Pierre)
Fixed bug #55576 (Cannot conditionally move uploaded file without race condition). (Gustavo)
Fixed bug #55510: $_FILES 'name' missing first character after upload. (Arpad)
Fixed bug #55509 (segfault on x86_64 using more than 2G memory). (Laruence)
Fixed bug #55504 (Content-Type header is not parsed correctly on HTTP POST request). (Hannes)
Fixed bug #55475 (is_a() triggers autoloader, new optional 3rd argument to is_a and is_subclass_of). (alan_k)
Fixed bug #52461 (Incomplete doctype and missing xmlns). (virsacer at web dot de, Pierre)
Fixed bug #55366 (keys lost when using substr_replace an array). (Arpad)
Fixed bug #55273 (base64_decode() with strict rejects whitespace after pad). (Ilia)
Fixed bug #52624 (tempnam() by-pass open_basedir with nonexistent directory). (Felipe)
Fixed bug #50982 (incorrect assumption of PAGE_SIZE size). (Dmitry)
Fixed invalid free in call_user_method() function. (Felipe)
Fixed bug #43200 (Interface implementation / inheritance not possible in abstract classes). (Felipe)
BCmath:
Fixed bug #60377 (bcscale related crashes on 64bits platforms). (shm)
Calendar:
Fixed bug #55797 (Integer overflow in SdnToGregorian leads to segfault (in optimized builds). (Gustavo)
cURL:
Fixed bug #60439 (curl_copy_handle segfault when used with CURLOPT_PROGRESSFUNCTION). (Pierrick)
Fixed bug #54798 (Segfault when CURLOPT_STDERR file pointer is closed before calling curl_exec). (Hannes)
Fixed issues where curl_copy_handle() would sometimes lose copied preferences. (Hannes)
DateTime:
Fixed bug #60373 (Startup errors with log_errors on cause segfault). (Derick)
Fixed bug #60236 (TLA timezone dates are not converted properly from timestamp). (Derick)
Fixed bug #55253 (DateTime::add() and sub() result -1 hour on objects with time zone type 2). (Derick)
Fixed bug #54851 (DateTime::createFromFormat() doesn't interpret "D"). (Derick)
Fixed bug #53502 (strtotime with timezone memory leak). (Derick)
Fixed bug #52062 (large timestamps with DateTime::getTimestamp and DateTime::setTimestamp). (Derick)
Fixed bug #51994 (date_parse_from_format is parsing invalid date using 'yz' format). (Derick)
Fixed bug #52113 (Seg fault while creating (by unserialization) DatePeriod). (Derick)
Fixed bug #48476 (cloning extended DateTime class without calling parent::__constr crashed PHP). (Hannes)
EXIF:
Fixed bug #60150 (Integer overflow during the parsing of invalid exif header). (Stas, flolechaud at gmail dot com)
Fileinfo:
Fixed bug #60094 (C++ comment fails in c89). (Laruence)
Fixed possible memory leak in finfo_open(). (Felipe)
Fixed memory leak when calling the Finfo constructor twice. (Felipe)
Filter:
Fixed Bug #55478 (FILTER_VALIDATE_EMAIL fails with internationalized domain name addresses containing >1 -). (Ilia)
FTP:
Fixed bug #60183 (out of sync ftp responses). (bram at ebskamp dot me, rasmus)
Gd:
Fixed bug #60160 (imagefill() doesn't work correctly for small images). (Florian)
Intl:
Fixed bug #60192 (SegFault when Collator not constructed properly). (Florian)
Fixed memory leak in several Intl locale functions. (Felipe)
JSON:
Fixed bug #55543 (json_encode() with JSON_NUMERIC_CHECK fails on objects with numeric string properties). (Ilia, dchurch at sciencelogic dot com)
mbstring:
Fixed possible crash in mb_ereg_search_init() using empty pattern. (Felipe)
MS SQL:
Fixed bug #60267 (Compile failure with freetds 0.91). (Felipe)
MySQL:
Fixed bug #55550 (mysql.trace_mode miscounts result sets). (Johannes)
MySQLi extension:
Fixed bug #55859 (mysqli->stat property access gives error). (Andrey)
Fixed bug #55582 (mysqli_num_rows() returns always 0 for unbuffered, when mysqlnd is used). (Andrey)
Fixed bug #55703 (PHP crash when calling mysqli_fetch_fields). (eran at zend dot com, Laruence)
mysqlnd:
Fixed bug #55609 (mysqlnd cannot be built shared). (Johannes)
Fixed bug #55067 (MySQL doesn't support compression - wrong config option). (Andrey)
NSAPI SAPI:
Don't set $_SERVER['HTTPS'] on unsecure connection (bug #55403). (Uwe Schindler)
OpenSSL:
Fixed bug #60279 (Fixed NULL pointer dereference in stream_socket_enable_crypto, case when ssl_handle of session_stream is not initialized.) (shm)
Fix segfault with older versions of OpenSSL. (Scott)
Oracle Database extension (OCI8):
Fixed bug #59985 (show normal warning text for OCI_NO_DATA). (Chris Jones)
Increased maximum Oracle error message buffer length for new 11.2.0.3 size. (Chris Jones)
Improve internal initialization failure error messages. (Chris Jones)
PDO
Fixed bug #55776 (PDORow to session bug). (Johannes)
PDO Firebird:
Fixed bug #48877 ("bindValue" and "bindParam" do not work for PDO Firebird). (Mariuz)
Fixed bug #47415 (PDO_Firebird segfaults when passing lowercased column name to bindColumn).
Fixed bug #53280 (PDO_Firebird segfaults if query column count less than param count). (Mariuz)
PDO MySQL driver:
Fixed bug #60155 (pdo_mysql.default_socket ignored). (Johannes)
Fixed bug #55870 (PDO ignores all SSL parameters when used with mysql native driver). (Pierre)
Fixed bug #54158 (MYSQLND+PDO MySQL requires #define MYSQL_OPT_LOCAL_INFILE). (Andrey)
PDO OCI driver:
Fixed bug #55768 (PDO_OCI can't resume Oracle session after it's been killed). (mikhail dot v dot gavrilov at gmail dot com, Chris Jones, Tony)
Phar:
Fixed bug #60261 (NULL pointer dereference in phar). (Felipe)
Fixed bug #60164 (Stubs of a specific length break phar_open_from_fp scanning for __HALT_COMPILER). (Ralph Schindler)
Fixed bug #53872 (internal corruption of phar). (Hannes)
Fixed bug #52013 (Unable to decompress files in a compressed phar). (Hannes)
PHP-FPM SAPI:
Fixed bug #60659 (FPM does not clear auth_user on request accept). (bonbons at linux-vserver dot org)
Fixed bug #60629 (memory corruption when web server closed the fcgi fd). (fat)
Fixed bug #60179 (php_flag and php_value does not work properly). (fat)
Fixed bug #55526 (Heartbeat causes a lot of unnecessary events). (fat)
Fixed bug #55533 (The -d parameter doesn't work). (fat)
Implemented FR #52569 (Add the "ondemand" process-manager to allow zero children). (fat)
Fixed bug #55486 (status show BIG processes number). (fat)
Fixed bug #55577 (status.html does not install). (fat)
Backported from 5.4 branch (Dropped restriction of not setting the same value multiple times, the last one holds). (giovanni at giacobbi dot net, fat)
Backported FR #55166 from 5.4 branch (Added process.max to control the number of process FPM can fork). (fat)
Backported FR #55181 from 5.4 branch (Enhance security by limiting access to user defined extensions). (fat)
Backported FR #54098 from 5.4 branch (Lowered process manager default value). (fat)
Backported FR #52052 from 5.4 branch (Added partial syslog support). (fat)
Implemented FR #54577 (Enhanced status page with full status and details about each processes. Also provide a web page (status.html) for real-time FPM status. (fat)
Enhance error log when the primary script can't be open. FR #60199. (fat)
Added .phar to default authorized extensions. (fat)
Postgres:
Fixed bug #60244 (pg_fetch_* functions do not validate that row param is >0). (Ilia)
Reflection:
Fixed bug #60367 (Reflection and Late Static Binding). (Laruence)
Session:
Fixed bug #55267 (session_regenerate_id fails after header sent). (Hannes)
SimpleXML:
Reverted the SimpleXML->query() behaviour to returning empty arrays instead of false when no nodes are found as it was since 5.3.3 (bug #48601). (chregu, rrichards)
SOAP
Fixed bug #54911 (Access to a undefined member in inherit SoapClient may cause Segmentation Fault). (Dmitry)
Fixed bug #48216 (PHP Fatal error: SOAP-ERROR: Parsing WSDL: Extra content at the end of the doc, when server uses chunked transfer encoding with spaces after chunk size). (Dmitry)
Fixed bug #44686 (SOAP-ERROR: Parsing WSDL with references). (Dmitry)
Sockets:
Fixed bug #60048 (sa_len a #define on IRIX). (china at thewrittenword dot com)
SPL:
Fixed bug #60082 (Crash in ArrayObject() when using recursive references). (Tony)
Fixed bug #55807 (Wrong value for splFileObject::SKIP_EMPTY). (jgotti at modedemploi dot fr, Hannes)
Fixed bug #54304 (RegexIterator::accept() doesn't work with scalar values). (Hannes)
Streams:
Fixed bug #60455 (stream_get_line misbehaves if EOF is not detected together with the last read). (Gustavo)
Tidy:
Fixed bug #54682 (Tidy::diagnose() NULL pointer dereference). (Maksymilian Arciemowicz, Felipe)
XSL:
Added xsl.security_prefs ini option to define forbidden operations within XSLT stylesheets, default is not to enable write operations. This option won't be in 5.4, since there's a new method. Fixes Bug #54446. (Chregu, Nicolas Gregoire)
To Upgrade:
yum upgrade php
Re: [atomic] php 5.3.9
Hello scott,
Can I upgrade to this new php version and still use mysql-5.1.59-1.el5.art?
My php version is atm:
php-5.3.8-1.el5.art
Thanks in advance
-
- Long Time Forum Regular
- Posts: 2813
- Joined: Sat Aug 20, 2005 9:30 am
- Location: The Netherlands
Re: [atomic] php 5.3.9
No, 5.3.8-2 and up in Atomic have dependencies on MySQL 5.5.
Lemonbit Internet Dedicated Server Management
Re: [atomic] php 5.3.9
Is there any particular reason why you want to stick with the earlier version?
I've not noticed any incompatibilities between older scripts and 5.5.x *so far*. Plesk 8.6 is very happy with it as well, which is vital for me for the next few weeks (10.4.4 upgrade coming soon!).
--------------------------------
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: [atomic] php 5.3.9
There is a mysql 5.5 client package you can install that would let you run it with 5.0 or 5.1 environments. It's called mysqlclient18.
Also there is now the mysqlnd (Native Driver) subpackage in 5.3.9 that eliminates the need for using php-mysql altogether.
-
- Long Time Forum Regular
- Posts: 2813
- Joined: Sat Aug 20, 2005 9:30 am
- Location: The Netherlands
Re: [atomic] php 5.3.9
scott wrote: There is a mysql 5.5 client package you can install that would let you run it with 5.0 or 5.1 environments. Its called mysqlclient18
Ah, that's really good to know.
Lemonbit Internet Dedicated Server Management
-
- Long Time Forum Regular
- Posts: 2813
- Joined: Sat Aug 20, 2005 9:30 am
- Location: The Netherlands
Re: [atomic] php 5.3.9
It looks like mysqlclient18 wasn't built for EL4. Any chance you could add that one, Scott?
(Yes, I know EL4 will be EOL in a month, but some clients like to squeeze every day out of the supported lifetime of their OS.)
Lemonbit Internet Dedicated Server Management
Re: [atomic] php 5.3.9
Quote: Also there is now the mysqlnd (Native Driver) subpackage in 5.3.9 that eliminates the need for using php-mysql all together.
That might be the most awesome thing about this release. To give you an idea why, take breun's post
Quote: It looks like mysqlclient18 wasn't built for EL4.
I don't think you need the whole mysqlclient mess (which contains libmysql) when using mysqlnd. Instead, mysqlnd uses code entirely written by Zend and works natively with MySQL to eliminate the need for any other libraries.
Quote: Also, in the past, you needed to build the MySQL database extensions against a copy of the MySQL Client Library. This typically meant you needed to have MySQL installed on a machine where you were building the PHP source code. Also, when your PHP application was running, the MySQL database extensions would call down to the MySQL Client library file at run time, so the file needed to be installed on your system. With MySQL Native Driver that is no longer the case as it is included as part of the standard distribution. So you do not need MySQL installed in order to build PHP or run PHP database applications.
http://www.php.net/manual/en/mysqlnd.overview.php
If you're going to install it, be sure to check out this PECL project for query caching that complements it
http://pecl.php.net/package/mysqlnd_qc
http://blog.ulf-wendel.de/2012/php-mysq ... is-online/
The easiest way to get mysqlnd (until Scott makes one obsolete the other)
Code: Select all
yum remove php-mysql
yum install php-mysqlnd
"Its not a mac. I run linux... I'm actually cool." - scott
-
- Long Time Forum Regular
- Posts: 2813
- Joined: Sat Aug 20, 2005 9:30 am
- Location: The Netherlands
Re: [atomic] php 5.3.9
Please note that 'yum remove php-mysql' will also uninstall Plesk. I suggest using the following instead:
Code: Select all
rpm -e --nodeps php-mysql && yum install php-mysqlnd && service httpd reload
Just tried this on a test server and it seems to work fine so far. Cool stuff.
Lemonbit Internet Dedicated Server Management
-
- Long Time Forum Regular
- Posts: 2813
- Joined: Sat Aug 20, 2005 9:30 am
- Location: The Netherlands
Re: [atomic] php 5.3.9
scott wrote: Added max_input_vars directive to prevent attacks based on hash collisions (Dmitry).
Does ASL protect against the PHP hash collision attacks?
A client on EL4 won't upgrade to MySQL 5.5 yet, so upgrading PHP 5.3.8-1 to 5.3.9 using the Atomic repository is also not possible yet. A mysqlclient18 package for EL4 would make this problem easy. Could mysqlclient18 be built for EL4?
I guess the only other option for staying on MySQL 5.1 for now would be switching from php-mysql to php-mysqlnd, but I haven't found out yet if that's really 100% backwards compatible. Does anyone know?
Lemonbit Internet Dedicated Server Management
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: [atomic] php 5.3.9
Doesn't look like the 5.5 compat package wants to build for el4 environments. You're welcome to take a crack at it to see if you can sort out what's going on there. Unfortunately I won't have the time to look into it for a bit.
Blows up here:
In file included from /builddir/build/BUILD/mysql-5.5.17/sql/lex_hash.h:17,
from /builddir/build/BUILD/mysql-5.5.17/sql/sql_lex.cc:113:
/builddir/build/BUILD/mysql-5.5.17/sql/lex.h:114: error: `CLIENT_STATS_SYM' was not declared in this scope
/builddir/build/BUILD/mysql-5.5.17/sql/lex.h:261: error: `INDEX_STATS_SYM' was not declared in this scope
/builddir/build/BUILD/mysql-5.5.17/sql/lex.h:552: error: `TABLE_STATS_SYM' was not declared in this scope
/builddir/build/BUILD/mysql-5.5.17/sql/lex.h:559: error: `THREAD_STATS_SYM' was not declared in this scope
/builddir/build/BUILD/mysql-5.5.17/sql/lex.h:595: error: `USER_STATS_SYM' was not declared in this scope
make[2]: *** [sql/CMakeFiles/sql.dir/sql_lex.cc.o] Error 1
make[2]: *** Waiting for unfinished jobs....
make[2]: Leaving directory `/builddir/build/BUILD/mysql-5.5.17'
make[1]: *** [sql/CMakeFiles/sql.dir/all] Error 2
make[1]: Leaving directory `/builddir/build/BUILD/mysql-5.5.17'
- mikeshinn
- Atomicorp Staff - Site Admin
- Posts: 4149
- Joined: Thu Feb 07, 2008 7:49 pm
- Location: Chantilly, VA
Re: [atomic] php 5.3.9
Quote: Does ASL protect against the PHP hash collision attacks?
Yes, by limiting the maximum number of arguments and/or cookies in a request to 1000 (that's the default). If your application needs to use more than 1000 for either in a request, and you disable either or both of those limits in ASL, then no, it can't. You will need to upgrade PHP. If your customer isn't experiencing any issues with the default limits, then you are protected.
Michael Shinn
Atomicorp - Security For Everyone
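Added example (not part of the thread, and not Atomicorp's or PHP's code): a Python model of the mitigation described in the post above, showing why a cap of 1000 arguments or cookies bounds the cost of colliding keys. The function names, the constant-bucket table (a worst-case model, not PHP's hash function) and the sample requests are all constructed for illustration.

```python
"""Model of a request-variable cap as a hash-collision mitigation.

Everything here is illustrative: the names are hypothetical and the table
below models the worst case, it does not reproduce PHP's hash function.
"""

LIMIT = 1000  # default limit cited in the post above


def count_pairs(raw, sep):
    """Count non-empty name=value pairs without building a hash table."""
    return sum(1 for part in raw.split(sep) if part.strip())


def screen_request(query="", body="", cookie_header="", limit=LIMIT):
    """Return (allowed, reason); arguments and cookies are capped separately."""
    n_args = count_pairs(query, "&") + count_pairs(body, "&")
    n_cookies = count_pairs(cookie_header, ";")
    if n_args > limit:
        return False, "too many arguments: %d > %d" % (n_args, limit)
    if n_cookies > limit:
        return False, "too many cookies: %d > %d" % (n_cookies, limit)
    return True, "ok"


class WorstCaseTable:
    """Chained hash table in which every key lands in the same bucket."""

    def __init__(self):
        self.chain = []        # the single overloaded bucket
        self.comparisons = 0   # key comparisons performed so far

    def insert(self, key, value):
        # With all keys colliding, each insert walks the whole chain.
        for entry in self.chain:
            self.comparisons += 1
            if entry[0] == key:
                entry[1] = value
                return
        self.chain.append([key, value])


def collision_cost(n_keys):
    """Key comparisons needed to insert n_keys distinct colliding keys."""
    table = WorstCaseTable()
    for i in range(n_keys):
        table.insert("k%d" % i, "")
    return table.comparisons


if __name__ == "__main__":
    # Cost grows as n*(n-1)/2, so the cap limits work per request.
    for n in (100, 1000, 4000):
        print("%5d colliding keys -> %9d comparisons" % (n, collision_cost(n)))

    # Constructed sample requests.
    normal = screen_request(query="page=2&sort=asc",
                            cookie_header="sid=abc; theme=dark")
    oversized = screen_request(body="&".join("p%d=x" % i for i in range(1001)))
    print(normal)
    print(oversized)
```

The cap does not change the hash function; it only bounds the number of keys a single request can insert, which is why an application that legitimately needs more than the limit has to rely on the PHP upgrade instead.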
-
- Long Time Forum Regular
- Posts: 2813
- Joined: Sat Aug 20, 2005 9:30 am
- Location: The Netherlands
Re: [atomic] php 5.3.9
breun wrote: I guess the only other option for staying on MySQL 5.1 for now would be switching from php-mysql to php-mysqlnd, but I haven't found out yet if that's really 100% backwards compatible. Does anyone know?
The only incompatibility I've run into so far is that mysqlnd doesn't support the old style of MySQL auth: http://stackoverflow.com/questions/1575 ... entication
Lemonbit Internet Dedicated Server Management