ISPConfig 2.2.28 released

Discussion in 'General' started by till, Dec 5, 2008.

  1. till

    till Super Moderator Staff Member ISPConfig Developer

    ISPConfig 2.2.28 is available for download.

    This ISPConfig release updates ClamAV to 0.94.2 and PHP to 5.2.7.

    Detailed Changelog

    - Updated PHP to 5.2.7.
    - Updated ClamAV to 0.94.2.



    Installation Instructions

    Download the ISPConfig-2.2.28.tar.gz from

    Installation on the shell as root user:

    tar xvfz ISPConfig-2.2.28.tar.gz
    cd install_ispconfig

    The installer automatically detects the installed ISPConfig version and
    performs an update.
  2. edge

    edge Active Member Moderator

    Once again thank you. I'm installing it as I type this :)

    All servers (Debian Etch) updated withoud any problems.
    Last edited: Dec 5, 2008
  3. lubos

    lubos New Member

    Thanks a lot, two servers on Deb-Etch updated flawlessly.
  4. vicboy

    vicboy New Member

    PHP not updated after install?

    Thank you again for your efforts!

    I just have a little question: I've downloaded the file, ISPConfig-2.2.28.tar.gz, uncompressed, ran the ./setup; and everything's OK. But when it finished, I've tried running a file with phpinfo() and it still tells "PHP Version 2.5.4" in the title.

    Running a php -v tells me:
    PHP 5.2.4 (cli) (built: Sep 18 2007 08:50:58)
    Copyright (c) 1997-2007 The PHP Group
    Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies

    The same happens if I reboot.

    Is it normal or should I look for something inusual?

    Thank you!

    (It's on a Fedora 7 server)
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    Thats normal. The PHP that comes with ISPConfig is only for the controlpanel, waht you tested is the php that comes with your linux distributiion which is not altered by ispconfig.
  6. vicboy

    vicboy New Member

    Should I...?

    Ok, thank you very much for your quick reply!:) Then, should I update the system's PHP manually then? Is there any way to do it without having any kind of problems? ;)
  7. edge

    edge Active Member Moderator

    Please do not ask in this thread!
    This thread is only for the new ISPconfig release.
    If you do a search on the forum you will find more info about your question.

    Thank you for understanding.
  8. talar

    talar New Member


    Thanks for the update.

    Unfortunately my antivirus (f-prot) goes a little crazy when I download it to my desktop.
    Here's some of the complaints:
    Found file, C:\Documents and Settings\talar\Desktop\ISPConfig-2.2.28.tar.gz->(packed)->install_ispconfig/compile_aps/clamav-0.94.2.tar.gz->(packed)->clamav-0.94.2/test/.split/split.clam-upack.exeaa, infected with W32/SuspPack.C.gen!Eldorado

    For more information please visit
    and other errors:
    ISPConfig-2.2.28.tar.gz->(packed)->install_ispconfig/compile_aps/clamav-0.94.2.tar.gz->(packed)->clamav-0.94.2/test/.split/split.clam-mew.exeaa, infected with W32/Heuristic-CO3!Eldorado

    ISPConfig-2.2.28.tar.gz->(packed)->install_ispconfig/compile_aps/clamav-0.94.2.tar.gz->(packed)->clamav-0.94.2/test/.split/split.clam-wwpack.exeaa, infected with W32/Malware.D.dam!Eldorado

    ISPConfig-2.2.28.tar.gz->(packed)->install_ispconfig/compile_aps/clamav-0.94.2.tar.gz->(packed)->clamav-0.94.2/test/.split/split.clam-aspack.exeaa, infected with W32/Malware.D.dam!Eldorado

    ISPConfig-2.2.28.tar.gz->(packed)->install_ispconfig/compile_aps/clamav-0.94.2.tar.gz->(packed)->clamav-0.94.2/test/.split/split.clam.ea05.exeaa, infected with W32/Malware.D.dam!Eldorado

    ISPConfig-2.2.28.tar.gz->(packed)->install_ispconfig/compile_aps/clamav-0.94.2.tar.gz->(packed)->clamav-0.94.2/test/.split/split.clam.ea06.exeaa, infected with W32/Malware.D.dam!Eldorado

    ISPConfig-2.2.28.tar.gz->(packed)->install_ispconfig/compile_aps/clamav-0.94.2.tar.gz->(packed)->clamav-0.94.2/test/.split/split.clam-upx.exeaa, infected with W32/Malware.D.dam!Eldorado

    ISPConfig-2.2.28.tar.gz->(packed)->install_ispconfig/compile_aps/clamav-0.94.2.tar.gz->(packed)->clamav-0.94.2/test/.split/split.clam-pespin.exeaa->(PESpin), infected with W32/NewUnknownMalware-OC05!Maximus

    An unknown error occured while scanning file C:\Documents and Settings\talar\Desktop\ISPConfig-2.2.28.tar.gz->(packed)->install_ispconfig/compile_aps/php-5.2.7.tar.gz->php-5.2.7.tar->php-5.2.7/ext/bz2/tests/004_2.txt.bz2

    An unknown error occured while scanning file C:\Documents and Settings\talar\Desktop\ISPConfig-2.2.28.tar.gz->(packed)->install_ispconfig/compile_aps/php-5.2.7.tar.gz->php-5.2.7.tar

    My suspicion is that there's nothing wrong with the update and that it is all because of the heuristics engine making a mistake.
    However it doesn't complain on earlier updates and I found no way to examine that we are downloading the original file. (There's no md5sum or SHA1 hash to be seen anywhere)

    I also tried to upload the update to, but the file is too big for them to accept it.

    Anyways, figured this would be interesting to know.
  9. till

    till Super Moderator Staff Member ISPConfig Developer

    This are false positives. Antivirus scanners have often problems when they scan another antivirus software.
  10. talar

    talar New Member

    Hi Till,

    Thank you for your quick reply.
    Yes I guess so, but it would help if there was an md5 sum somewhere around so that we know the code is not tampered with. Have I overlooked that?

    When antivirus starts to complain it always does raise a bit of suspicion even if the files are fine.

  11. t-mug

    t-mug New Member

    Update was fine - but ...

    Thanks for your effort - the update went fine as usual.

    But would you you mind adding an older problem fix of the thread: to the bug tracker?

    I please you because unfortunately the old behaviour described there remains sticky: after updating I have got spread out again hundreds of chroot files and folders over my customers webspace, despite they have SSH enabled or not. (The only condition for this is to create or to update an user.)

    Last edited: Dec 8, 2008
  12. jnsc

    jnsc rotaredoM Moderator

  13. till

    till Super Moderator Staff Member ISPConfig Developer

    As far as I can see, ISPConfig is not affected by this bug, as magic_quotes_gpc is not used by ISPConfig and is always off in the ispconfig php.
  14. jnsc

    jnsc rotaredoM Moderator

    Of course, but you never know what people do with the bundled php. So I just reported it here in case someone changed the default value.
  15. rsip

    rsip New Member


    PHP 5.2.7 has been removed from distribution
    Due to a security bug found in the PHP 5.2.7 release, it has been removed from distribution. The bug affects configurations where magic_quotes_gpc is enabled, because it remains off even when set to on. In the meantime, use PHP 5.2.6 until PHP 5.2.8 is later released.
  16. till

    till Super Moderator Staff Member ISPConfig Developer

    Please see my post #13 in this thread. ISPConfig is not affected by this and so there is no reason to go back to an older php version in ispconfig.
  17. edge

    edge Active Member Moderator

    Not sure what caused this, but I just tried to update a VMware running Debian Etch, and now it's haning on:
    The update was from ISPconfig 2.2.27, and till now I've never had any problems updating this VMware server.

    UPDATE. I lost the screen connection, and this was the problem
    As soon as I reconnected to the screen (screen -R) the install was still going on as it should.
    Last edited: Dec 9, 2008

Share This Page