On july, 22nd, the PHP Group released PHP 5.2.14 :
The PHP development team would like to announce the immediate availability of PHP 5.2.14. This release focuses on improving the stability of the PHP 5.2.x branch with over 60 bug fixes, some of which are security related.
This release marks the end of the active support for PHP 5.2. Following this release the PHP 5.2 series will receive no further active bug maintenance. Security fixes for PHP 5.2 might be published on a case by cases basis. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3.
The packages for Debian “Lenny” are now available on Dotdeb.
Of course, you’re advised to read the full announcement andย the Changelog before upgrading.
Thanks (again) to Stefan Esser and the Month of PHP security for improving PHP.
24 replies on “PHP 5.2.14 is available too”
My installation got broken after upgrade. When I’m trying to start php-fpm:
sudo /etc/init.d/php5-fpm start
Starting php5-fpm Jul 25 23:46:56.263293 [ALERT] [pool www] pm.min_spare_servers(0) must be a positive value
Jul 25 23:46:56.263355 [ERROR] failed to post process the configuration
failed
I read something about that the configuration had changed from ini to xml I think, but mine is still in “.ini”-style.
@Jimps : the config switched xml => ini. Read the right post on Dotdeb : http://localhost:8080/2010/07/25/php-5-3-3-packages-are-available/
There are links in it explaining the ini syntax and the meaning of each directive. In your case, just read the error message : using the dynamic process management, you have to set pm.min_spare_servers to a positive and non-zero value.
Hi,
I have small problem, before upgrade – 5.2.13 WP or phpBB was generated pages in eyeblink – now after upgrade it’s slow… Eg. before 1s now 3s…
Didn’t changed anything in config – have some advice?
//Jarek
hi,
is it possible to get 5.2.14 packages for debian
squeeze?
thanks,
raoul
@Raoul Bhatia : as soon as Squeeze has been released.
Can you please compile with –enable-zend-multibyte ?
http://bugs.php.net/bug.php?id=22108
@Marek : I’ll try to enable it in my next upload.
@ Guillaume Plessis : i would suggest providing some packages for testing purposes before the actual release – just to be on the safe side ๐
@Marek : regarding the thread about zend-multibyte on php-internals, I don’t think I’ll compile PHP with its support. Sorry.
@Guillaume Plessis: why? Lack of multibyte causes the problems when php files are saved as UTF with BOM.. As web hosting company we cannot force our customers to use UTF without BOM..
@Marek : did you take a look at this thread? http://news.php.net/php.internals/49175
–enable-zend-multibyte could break more things that is solves.:(
I did what instruction told us… change the repository,
but then I unable to
execute
apt-get install php5
because its dependencies are unresolved.
How could we do solving out dependency at one time?
mine was error caught at:
libapache2-mod-php5
-libdb4.6
-libkrb53
@g : are you using a stock Debian Lenny or another distribution?
What is the exact error message returned by real packages managers (such as dselect, aptitude or synaptic)?
ya, Guillaume Plessis
I resolved the case already, few days ago.
At the time I done entering the source list pointed
to dotdeb.org repository, and trying to apt-get
through Debian Lenny stock…
It didn’t found some of the packages dependencies.
That’s the case.
But thanks to another repository which I add ’em to the source list… which make it works now.
Great thanks 4all.
thanks. what is with the php5-apc extension?
I believe there’s a bug with the sohusin patch/extension.
My code is broken when sohusin is enabled. Before, I can use
suhosin.simulation=On
to disabled it. But with this 5.2.14 dotdeb php any settings in php.ini or suhosin.ini will not take effect. I have to uninstall dotdeb and revert to Ubuntu Karmic’s built-in PHP packages to be able to disable suhosin via config.
Following Gimler comment above… it would be really great to get the php5-apc package updated to 3.1.4 (security + bug fixes).
TIA and ciao ๐
@yi : suhosin may break some applications with its default settings. Browse the documentation on http://www.suhosin.org/ . For example, suhosin.cookie.encrypt is known to be problematic.
@stronk7 : an update is coming, please be patient.
Thanks Guillaume! Not pressure at all!
Can this be compiled with cgi and fastcgi support?
@seanieb : php5-cgi is.
hello
i have upgrade php to 2.2.16 but mysql-common is too upgraded from mysql-common_5.0.51a to the version : mysql-common_5.1.54-0
so if this affecte my current version mysql 5.0.51a ??
@bros : please stop spamming different posts with the same non-issue.
5.0.51a is the libmysqlclient15off version PHP is built against. It is safe, it does not affect the interactions between PHP and MySQL and it does not refer to the MySQL server version. This message is an abusive warning from PHP. Ignore it!
Of course I could have built PHP against a more recent libmysqlclient16 or something but it would have led to duplicate symbols, segmentation faults and an unusable Apache. Your choice ๐
Merry Xmas.
@bros : and of course, you can upgrade your MySQL-related packages safely.