Last week, a security bullet was released about security problems with
php5 prior to version 5.2.7.
Yesterday, a major regression testing problem was fixed in 5.2.7, with
the removal of the 5.2.7 binaries, and the emergency release of 5.2.8.
(so, if you tried to upgrade, or are freebsd users trying to upgrade to
5.2.7 last night, it failed)
Further, 5.2.7 (and 5.2.8) included php5-pcre libraries, so removal of
pcre.so in ../php/extensions.ini is necessary to remove the cli error.
Last issue, for those using spamassassin sa-compile, a warning is output
when compiling php5 5.2.8, requiring re2c version at least 13.4.
so, bottom line: if you upgraded to 5.2.7, you need to upgrade to 5.2.8,
clean the extensions.ini file, and upgrade re2c.
for freebsd users, just sync your ports tree, and run:
pkg_delete -f php5-pcre\* (as per /usr/ports/UPDATING)
portupgrade php5 re2c
you might also want to run pkgdb -F and portupgrade php5-imap php5-zlib.
--
Michael Scheidell, CTO
Phone: 561-999-5000, x 1259
> *| *SECNAP Network Security Corporation
* Certified SNORT Integrator
* King of Spam Filters, SC Magazine 2008
* Information Security Award 2008, Info Security Products Guide
* CRN Magazine Top 40 Emerging Security Vendors
_________________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.secnap.com/products/spammertrap/
_________________________________________________________________________
