Page MenuHomeDevCentral
Create Task
Maniphest T450

Upgrade PHP extensions package on Ysul to 5.6.10
Closed, ResolvedPublic
Actions

Description

pkg audit raised issues to some FTP extension still in PHP 5.6.8:

$ pkg audit
php56-gd-5.6.8 is vulnerable:
php5 -- multiple vulnerabilities
CVE: CVE-2015-4644
CVE: CVE-2015-4643
WWW: https://vuxml.FreeBSD.org/freebsd/cdff0af2-1492-11e5-a1cf-002590263bf5.html

php56-dom-5.6.8 is vulnerable:
php5 -- multiple vulnerabilities
CVE: CVE-2015-4644
CVE: CVE-2015-4643
WWW: https://vuxml.FreeBSD.org/freebsd/cdff0af2-1492-11e5-a1cf-002590263bf5.html

php56-ftp-5.6.8 is vulnerable:
php5 -- multiple vulnerabilities
CVE: CVE-2015-4644
CVE: CVE-2015-4643
WWW: https://vuxml.FreeBSD.org/freebsd/cdff0af2-1492-11e5-a1cf-002590263bf5.html

3 problem(s) in the installed packages found.

Event Timeline

dereckson created this task.Jul 5 2015, 12:10
dereckson claimed this task.
dereckson raised the priority of this task from to High.
dereckson updated the task description. (Show Details)
dereckson added projects: security, Servers.
dereckson moved this task to Working on on the security board.
dereckson updated the task description. (Show Details)
dereckson added a subscriber: dereckson.
dereckson closed this task as Resolved.Jul 5 2015, 12:21

Operation log

$ pkg upgrade php56-zlib php56-zip php56-xmlwriter php56-xmlreader php56-xml php56-wddx php56-tokenizer php56-tidy php56-sqlite3 php56-sockets php56-soap php56-simplexml php56-session php56-posix php56-phar php56-pgsql php56-pdo_sqlite php56-pdo_pgsql php56-pdo_mysql php56-pdo php56-openssl php56-opcache php56-mysqli php56-mysql php56-mcrypt php56-mbstring php56-ldap php56-json php56-iconv php56-hash php56-gettext php56-gd php56-ftp php56-filter php56-fileinfo php56-exif php56-dom php56-curl php56-ctype php56-calendar php56-bz2 php56-bcmath
[...]
$ pkg audit
0 problem(s) in the installed packages found.
$ service php-fpm-dev restart
Stopping php_fpm_dev.
Starting php_fpm_dev.
[05-Jul-2015 12:10:52] NOTICE: PHP message: PHP Warning:  PHP Startup: Unable to load dynamic library '/usr/local/lib/php/20131226/memcache.so' - /usr/local/lib/php/20131226/memcache.so: Undefined symbol "php_session_create_id" in Unknown on line 0
<br />
<b>Warning</b>:  PHP Startup: Unable to load dynamic library '/usr/local/lib/php/20131226/memcache.so' - /usr/local/lib/php/20131226/memcache.so: Undefined symbol &quot;php_session_create_id&quot; in <b>Unknown</b> on line <b>0</b><br />
$ pkg upgrade pecl-memcache-3.0.8
[...]
$ service php-fpm-dev restart
Stopping php_fpm_dev.
Waiting for PIDS: 92160.
Starting php_fpm_dev.
$ service php-fpm-prod restart                                                                                                                              
Stopping php_fpm_prod.
Waiting for PIDS: 91713.
Starting php_fpm_prod.

Dependencies

This triggered four other packages to upgrade:

  • libXpm
  • curl
  • openldap-client
  • postgresql93-client

Package upgrade log

Jul 5 12:07:12 ysul pkg: libXpm upgraded: 3.5.11_3 -> 3.5.11_4
Jul 5 12:07:12 ysul pkg: php56-xml upgraded: 5.6.8 -> 5.6.10
Jul 5 12:07:12 ysul pkg: php56-session upgraded: 5.6.8 -> 5.6.10
Jul 5 12:07:12 ysul pkg: php56-pdo upgraded: 5.6.8 -> 5.6.10
Jul 5 12:07:12 ysul pkg: php56-mysql upgraded: 5.6.8 -> 5.6.10
Jul 5 12:07:13 ysul pkg: php56-hash upgraded: 5.6.8 -> 5.6.10
Jul 5 12:07:13 ysul pkg: php56-dom upgraded: 5.6.8 -> 5.6.10
Jul 5 12:07:15 ysul pkg: curl upgraded: 7.43.0 -> 7.43.0_2
Jul 5 12:07:29 ysul pkg: openldap-client upgraded: 2.4.40_1 -> 2.4.41
Jul 5 12:08:10 ysul pkg: postgresql93-client upgraded: 9.3.6_1 -> 9.3.9
Jul 5 12:08:11 ysul pkg: php56-zlib upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:11 ysul pkg: php56-zip upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:11 ysul pkg: php56-xmlwriter upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:11 ysul pkg: php56-xmlreader upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:11 ysul pkg: php56-wddx upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:11 ysul pkg: php56-tokenizer upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:11 ysul pkg: php56-tidy upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:11 ysul pkg: php56-sqlite3 upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:11 ysul pkg: php56-sockets upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:11 ysul pkg: php56-soap upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:12 ysul pkg: php56-simplexml upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:12 ysul pkg: php56-posix upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:12 ysul pkg: php56-phar upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:12 ysul pkg: php56-pgsql upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:12 ysul pkg: php56-pdo_sqlite upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:12 ysul pkg: php56-pdo_pgsql upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:12 ysul pkg: php56-pdo_mysql upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:13 ysul pkg: php56-openssl upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:13 ysul pkg: php56-opcache upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:13 ysul pkg: php56-mysqli upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:13 ysul pkg: php56-mcrypt upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:17 ysul pkg: php56-mbstring upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:17 ysul pkg: php56-ldap upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:17 ysul pkg: php56-json upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:17 ysul pkg: php56-iconv upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:17 ysul pkg: php56-gettext upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:17 ysul pkg: php56-gd upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:17 ysul pkg: php56-ftp upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:18 ysul pkg: php56-filter upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:20 ysul pkg: php56-fileinfo upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:20 ysul pkg: php56-exif upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:20 ysul pkg: php56-curl upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:20 ysul pkg: php56-ctype upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:20 ysul pkg: php56-calendar upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:20 ysul pkg: php56-bz2 upgraded: 5.6.8 -> 5.6.10
Jul 5 12:08:20 ysul pkg: php56-bcmath upgraded: 5.6.8 -> 5.6.10
Jul 5 12:12:07 ysul pkg: pecl-memcache reinstalled: 3.0.8 -> 3.0.8

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator