Topic: ANNOUNCE: Patched PHP 4.1.2 RPMs available

[Dan Brown]

I've built RPMs of PHP 4.1.2 incorporating Mitel's security patch; they are now available for download at my contrib directory at

ftp://ftp.e-smith.org/pub/e-smith/contrib/DanBrown/RPMS/

   IMPORTANT:  If you are using my PHP 4.1.1 RPMs, or any version other than that provided by Mitel's latest update blades, you should upgrade to this version to fix a security vulnerability.

   My HOWTO has been updated to reflect the new versions.

NOTE:

   Mitel's Update1 blade specifically requires their version of PHP.  Since I didn't hear any better suggestions on how to handle this fact, these RPMs have an Obsoletes: tag that obsoletes 5.1.2 Update1, 5.1.1 Update1, and 5.0 Update4.  This will, I expect, result in those blades showing as "Not Installed" in your blades panel.  However, it should also allow my updates to be installed without using the --force or --nodeps flags to RPM.

   These RPMs were built by taking the stock PHP 4.1.2 tarball, and applying Mitel's (Charlie's) patch to it without modification.  It "works" in that it builds without errors, and the resulting RPMs install and seem to run, but I can't vouch for the effectiveness of the patch in this application.  Charlie's written that he doesn't know of any reason that it wouldn't work, but I'm sure he's not willing to guarantee it either.  It'd be good if somebody who knew what s/he's doing would take a look at it; that would not be me.

   As always, any feedback on these RPMs is appreciated.

[Dean Mumby]

Hi Dan
I was just wondering how your rpms where built. I followed your original howto upgrade php to 4.0.6 on essg4.1.2 and that was great since you used the arvin rpms which where complied with bcmath and pdflib support. Are your new 4.1.2 prms compiled with bcmath and / or pdflib support, I have a php web app that builds pdf documents from a mysql database and have not been able to set it up since upgrading to sme5.1.2.

[Confucius]

Dan,

I ran into troubles with your good efforts, I have NO php activities anymore on my server.

1st I ran into the trouble that lines like

   php_value include_path     '.:/home/httpd/horde-phplib'
   php_value auto_prepend_file /home/httpd/horde-phplib/prepend.php3
   php_flag  magic_quotes_gpc off
   php_flag  track_vars       on

are not accepted from the httpd.conf anymore...

2nd... When I wanna open a php file it goes into download mode.

I hope you can investigate this problem a little

Harro

[Dan Brown]

They have bcmath; don't know about pdflib.  Doesn't look like it, though.  They were built by taking RedHat's source RPM from their rawhide release and re-building it under RH 7.1.

Harro, what happens when you restart httpd-e-smith?

[Confucius]

Dan,

It stays the same. I tried the commandline u mentioned in the HowTo and offcourse the most thinkable 'service httpd restart'

I GOT error messages. I decided to go back to what I had and FORCE it over the rpm's I had from you when I suddenly discovered that Arvin's rpm's also are patched and I had to work quick so I was very happy. Now I have a working Apache again and they are patched. So in the worst case you can drop investigating this if nobody else comes with the same problem.

Harro

[Dan Brown]

Harro, without the error messages, I have no way to investigate this.

[guestHH]

Just to let you know Dan: Worked like a charm.

SME 5.1.2, IMP3.0 with your 4.11 update.

Regards,
guestHH

[Dan G.]

Worked on my test box, so I put it onto 2 production servers today.  No problems. Smooth sailing for 20 live users on webmail.

Thanks for the contribution.

Dan

[Jean-Philippe]

No problem at all for me too : thanks for your good work (as usual), Dan !!!

[DINCLAUX Laurent]

Problem with the mysql ext:

In phpinfo, can't see mysql ext ...

[DINCLAUX Laurent]

Please help ... (SMEServer-5.1.2_Update1)

I've done exactelly what is described in the How to but mysql, imap and ldap don't appear in phpinfo page !

[Dan Brown]

Take a look at /etc/php.ini, and make sure that you have lines that say:

extension=mysql.so
extension=imap.so
extension=ldap.so

If you don't, add them.  If they appear like this:

;extension=mysql.so

...then remove the semicolon.  Restart httpd-e-smith, and you should be ready to go.

[DINCLAUX Laurent]

I've lokked at it already....

Found it:
extension_dir = ./

Have to change it to:
extension_dir = /usr/lib/php4/


Now PHP works well.......

What does './' means ? Is it where php.ini reside (/etc) ?

[DINCLAUX Laurent]

I've looked at it already....

Found it:
extension_dir = ./

Have to change it to:
extension_dir = /usr/lib/php4/


Now PHP works well.......

What does './' means ? Is it where php.ini reside (/etc) ?

[Confucius]

Dan,

In reply to my first mentioning that it didn't work I like to make my personal apologies to you.

I read the part about Expat & MM before doing the upgrade. My system had the Expat & MM already BUT.. they were done by Roels Arvin and that caused a NO GO on the system. Simply forced them over the ones from Roels and worked on down to the bottom, did the install of IMP 3.0 and even that went smooth.

My excuses again... great job you did...

Harro