https://bugs.contribs.org/show_bug.cgi?id=10622
Terry Fage <[email protected]> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|IN_PROGRESS |RESOLVED
Resolution|--- |FIXED
--- Comment #52 from Terry Fage <[email protected]> ---
That was a marathon:
VERIFICATION
= Environment:
SME 9.2 x64 VM updates as at 17 Nov 18
= ORIGINAL PROBLEM:
Bug 10622 - php warnings on phpki web pages
= RESOLUTION:
Fixed in phpki-0.82-17.el6.sme
Fixed in phpki-0.82-18.el6.sme
Fixed in phpki-0.82-19.el6.sme
* Mon Oct 8 2018 Daniel B. <[email protected]> 0.82-18.sme
- Fix potential XSS with unsafe use of PHP_SELF [SME: 10626]
* Thu Sep 6 2018 brian r. <[email protected]> 0.82-17.sme
- Replace use of ereg by preg_replace as per deprecated in php 5.3 and removed
in 7.0 [SME: Bug 10622]
* Sat Nov 17 2018 Terry Fage <[email protected]> 0.82-19.sme
- Fix preg_match warnings [SME:10622]
= CURRENT VERSION INSTALLED:
[root@sme92 ~]# cat /etc/e-smith-release
SME Server release 9.2
[[root@sme92x64 ~]# uname -r
2.6.32-754.6.3.el6.x86_64
Install and configure current smecontrib smeserver-phpki which also pulls phpki
# yum --enablerepo=smecontribs,epel install smeserver-phpki
[root@sme92x64 ~]# rpm -qa smeserver-phpki
smeserver-phpki-0.2-3.el6.sme.noarch
[root@sme92x64 ~]# rpm -qa phpki
phpki-0.82-16.el6.sme.noarch
= TESTING:
[root@sme92x64 ~]# uname -r
2.6.32-754.6.3.el6.x86_64
https://192.168.2.93/phpki
https://192.168.2.93/phpki/ca/index.php
as expected, found in logs
Nov 17 15:55:29 sme92x64 httpd: PHP Deprecated: Function ereg() is deprecated
in /opt/phpki/html/include/openssl_functions.php on line 215
Nov 17 15:55:29 sme92x64 httpd: PHP Deprecated: Function ereg() is deprecated
in /opt/phpki/html/include/openssl_functions.php on line 218
Nov 17 15:55:29 sme92x64 httpd: PHP Deprecated: Function ereg() is deprecated
in /opt/phpki/html/include/openssl_functions.php on line 220
Nov 17 15:55:29 sme92x64 httpd: PHP Deprecated: Function ereg() is deprecated
in /opt/phpki/html/include/openssl_functions.php on line 222
Nov 17 15:55:29 sme92x64 httpd: PHP Deprecated: Function ereg_replace() is
deprecated in /opt/phpki/html/include/openssl_functions.php on line 226
Nov 17 15:57:07 sme92x64 httpd: PHP Deprecated: Function eregi() is deprecated
in /opt/phpki/html/include/my_functions.php on line 184
= Updated version installed:
Multilple updates
[root@sme92x64 ~]# yum update-to --enablerepo=smetest
phpki-0.82-17.el6.sme.noarch.rpm
Verifying : phpki-0.82-17.el6.sme.noarch
1/2
Verifying : phpki-0.82-16.el6.sme.noarch
2/2
Updated:
phpki.noarch 0:0.82-17.el6.sme
Complete!
[root@sme92x64 ~]# signal-event post-upgrade; signal-event reboot
[root@sme92x64 ~]# rpm -qa smeserver-phpki
smeserver-phpki-0.2-3.el6.sme.noarch
[root@sme92x64 ~]# rpm -qa phpki
phpki-0.82-17.el6.sme.noarch
No issues detected
Error message not evident
Update with phpki-0.82-18.el6.sme.noarch.rpm
* Mon Oct 8 2018 Daniel B. <[email protected]> 0.82-18.sme
- Fix potential XSS with unsafe use of PHP_SELF [SME: 10626]
Verification of phpki-0.82-17.el6.sme.noarch and phpki-0.82-18.el6.sme.noarch
failed with following in log when a revoked cert is resurected
Nov 18 13:27:35 sme92x64 yum[2495]: Updated: phpki-0.82-18.el6.sme.noarch
Nov 18 13:27:36 sme92x64 /sbin/e-smith/db[2513]:
/home/e-smith/db/configuration: OLD UnsavedChanges=no
Nov 18 13:27:36 sme92x64 /sbin/e-smith/db[2513]:
/home/e-smith/db/configuration: NEW UnsavedChanges=yes
Nov 18 13:31:48 sme92x64 httpd: PHP Warning: preg_match() [<a
href='function.preg-match'>function.preg-match</a>]: Delimiter must not be
alphanumeric or backslash in /opt/phpki/html/include/openssl_functions.php on
line 804
Nov 18 13:31:48 sme92x64 httpd: PHP Warning: preg_match() [<a
href='function.preg-match'>function.preg-match</a>]: Delimiter must not be
alphanumeric or backslash in /opt/phpki/html/include/openssl_functions.php on
line 808
Nov 18 13:31:48 sme92x64 httpd: PHP Warning: preg_match() [<a
href='function.preg-match'>function.preg-match</a>]: Delimiter must not be
alphanumeric or backslash in /opt/phpki/html/include/openssl_functions.php on
line 812
Nov 18 13:31:48 sme92x64 httpd: PHP Warning: preg_match() [<a
href='function.preg-match'>function.preg-match</a>]: Delimiter must not be
alphanumeric or backslash in /opt/phpki/html/include/openssl_functions.php on
line 816
Nov 18 13:31:48 sme92x64 httpd: PHP Warning: preg_match() [<a
href='function.preg-match'>function.preg-match</a>]: Delimiter must not be
alphanumeric or backslash in /opt/phpki/html/include/openssl_functions.php on
line 820
Nov 18 13:31:48 sme92x64 httpd: PHP Warning: preg_match() [<a
href='function.preg-match'>function.preg-match</a>]: Delimiter must not be
alphanumeric or backslash in /opt/phpki/html/include/openssl_functions.php on
line 824
Nov 18 13:31:48 sme92x64 httpd: PHP Warning: preg_match() [<a
href='function.preg-match'>function.preg-match</a>]: Delimiter must not be
alphanumeric or backsla
Update with phpki-0.82-19.el6.sme.noarch.rpm
* Sat Nov 17 2018 Terry Fage <[email protected]> 0.82-19.sme
- Fix preg_match warnings [SME:10622]
[root@sme92x64 ~]# yum update --enablerepo=smetest phpki
Verifying : phpki-0.82-19.el6.sme.noarch
1/2
Verifying : phpki-0.82-18.el6.sme.noarch
2/2
Updated:
phpki.noarch 0:0.82-19.el6.sme
Complete!
[root@sme92x64 ~]# signal-event post-upgrade; signal-event reboot
[root@sme92x64 ~]# rpm -qa phpki
phpki-0.82-19.el6.sme.noarch
No further error or warning messages evident, certificate creation and
management and revication appears to be error free
= UPDATED VERSION INSTALLED:
phpki-0.82-19.el6.sme.noarch
= PROBLEM FIXED:
Multiple errors,
= VERIFIED OR REOPEN:
Verified
= DOCUMENTATION IMPACT:
N/A
= SUGGESTED RELEASE NOTES:
* Mon Oct 8 2018 Daniel B. <[email protected]> 0.82-18.sme
- Fix potential XSS with unsafe use of PHP_SELF [SME: 10626]
* Thu Sep 6 2018 brian r. <[email protected]> 0.82-17.sme
- Replace use of ereg by preg_replace as per deprecated in php 5.3 and removed
in 7.0 [SME: Bug 10622]
* Sat Nov 17 2018 Terry Fage <[email protected]> 0.82-19.sme
- Fix preg_match warnings [SME:10622]
--
You are receiving this mail because:
You are the QA Contact for the bug._______________________________________________
Mail for each SME Contribs bug report
To unsubscribe, e-mail [email protected]
Searchable archive at https://lists.contribs.org/mailman/public/contribteam/
