Results 1 to 9 of 9

Thread: Zarafa on Red Hat Fedora Core 7

  1. #1
    Junior Member
    Join Date
    Jan 2008

    Zarafa on Red Hat Fedora Core 7

    Hi guys! I'am getting stuck on this. After installing Zarafa on a fresh installed FC7 system, Apache wouldn't start. The problem is that de module wil not match with the PHP version (5.2.2). See bellow:

    I couldn't find a way to compile the module by myself (is it possible to do so?).
    I start to downgrade PHP to version 5.1.2. but that's almost impossible because al those dependencies.

    It would be nice to get Zarafa working with the latest versions. Can this be done with RPMs or must i build anything from scratch?
    Are there people out there who have the same experience?

    Any help would be appreciated!


  2. #2
    Senior Member
    Join Date
    May 2006

    Re: Zarafa on Red Hat Fedora Core 7

    Hi Martijn,

    It's not possible to compile the php-mapi extension by yourself, because it's not an opensource component of Zarafa.

    Unfortunately I think the only way to get it working, is to have native packages compiled on FC7.
    I will put it on the featurelist, so can have these packages in a new release of Zarafa.


    Milo Oostergo

  3. #3
    Junior Member
    Join Date
    Feb 2008

    Re: Zarafa on Red Hat Fedora Core 7

    We are experiencing the exact same problem while trying to install the demo.

    Any idea when this will be fixed?
    Is there a workaround?

    I really want to try Zarafa, but now I am completely stuck :-|

    CNOC Informatiesystemen

  4. #4
    Zarafa Developer

    Join Date
    May 2006

    Re: Zarafa on Red Hat Fedora Core 7

    Zarafa is compiled for a predefined set of Linux distributions, mostly the stable trees, like Redhat Enterprise, Suse Enterprise, Debian stable and Ubutunu LTS versions. We also have some builds for other distributions, like FC4 and 5 (and lucky for us 6 is compatible with FC5) and OpenSuse 10.x. But I personally would not recommend those distributions, since security support is mostly dropped within a year or 2 for those releases.

    Since Fedora brings every 3/4 months or so a new version, it's hard for us to keep up with all those versions.

    Please choose a distribution that we support, or download the VMWare demo we provide on the site.
    If it isn't reproducable, it's not a bug.
    If it is reproducable, it's meant to be that way.

  5. #5

    Re: Zarafa on Red Hat Fedora Core 7

    I would recommend CentOS if you need to demo on RedHat.

  6. #6
    Junior Member
    Join Date
    Feb 2008

    Re: Zarafa on Red Hat Fedora Core 7

    That's no problem since you can upgrade to each new version for free. It's also our decision, not yours. It's one of the advantages of Linux: you have a choice. (Unless you use Zarafa, apparently)

    I find it strange that you find it too much asked to provide a binary for a recent version of PHP. The version of PHP that you guys 'support' is from mid 2006. I wouldn't call that support. If you guys choose to release a product and do not update it to the recent standards, I just call that lazy. Typical behavior form a closed-source company like Microsoft. I thought that you would do better, but apparently not.

    That's not true. It's once every 6 months. But that's not relevant. It's PHP which is releasing more versions then once each 3 years. Some people do need those new version. Here is a list of only the PHP security-issues which are fixed since the release of the PHP version which you guys 'support':

    Version 5.2.2, 03-May-2007:

    * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
    * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
    * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
    * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
    * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
    * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
    * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
    * Added missing open_basedir & safe_mode checks to zip:// and bzip:// wrappers. (MOPB-20, MOPB-21 by Stefan Esser). (Ilia)
    * Fixed substr_compare and substr_count information leak (MOPB-14 by Stefan Esser) (Stas, Ilia)
    * Limit nesting level of input variables with max_input_nesting_level as fix for (MOPB-03 by Stefan Esser) (Stas)
    * Fixed CRLF injection inside ftp_putcmd(). (by loveshell[at]Bug.Center.Team) (Ilia)
    * Fixed a possible super-global overwrite inside import_request_variables(). (by Stefano Di Paola, Stefan Esser) (Ilia)
    * Fixed a remotely trigger-able buffer overflow inside make_http_soap_request(). (Ilia)
    * Fixed a buffer overflow inside user_filter_factory_create(). (Ilia)
    * Fixed a remotely trigger-able buffer overflow inside bundled libxmlrpc library. (Stas)

    Version 5.2.3, 31-May-2007

    * Fixed an integer overflow inside chunk_split() (by Gerhard Wagner, CVE-2007-2872)
    * Fixed possible infinite loop in imagecreatefrompng. (by Xavier Roche, CVE-2007-2756)
    * Fixed ext/filter Email Validation Vulnerability (MOPB-45 by Stefan Esser, CVE-2007-1900)
    * Fixed bug #41492 (open_basedir/safe_mode bypass inside realpath()) (by bugs dot php dot net at chsc dot dk)
    * Improved fix for CVE-2007-1887 to work with non-bundled sqlite2 lib.
    * Added mysql_set_charset() to allow runtime altering of connection encoding.

    Version 5.2.4, 30-August-2007

    * Fixed "Floating point exception" inside wordwrap(). (Mattias Bengtsson, Ilia)
    * Fixed several integer overflows in ImageCreate(), ImageCreateTrueColor(), ImageCopyResampled() and ImageFilledPolygon() reported by Mattias Bengtsson. (Tony)
    * Fixed size calculation in chunk_split(). (Stas)
    * Fixed integer overflow in str[c]spn(). (Stas)
    * Fixed money_format() not to accept multiple %i or %n tokens. (Stas, Ilia)
    * Fixed zend_alter_ini_entry() memory_limit interruption vulnerability. (Ilia)
    * Fixed INFILE LOCAL option handling with MySQL extensions not to be allowed when open_basedir or safe_mode is active. (Stas)
    * Fixed session.save_path and error_log values to be checked against open_basedir and safe_mode (CVE-2007-3378) (Stas, Maksymilian Arciemowicz)
    * Fixed possible invalid read in glob() win32 implementation (CVE-2007-3806). (Tony)
    * Improved fix for MOPB-03-2007. (Ilia)
    * Corrected fix for CVE-2007-2872. (Ilia)

    Version 5.2.5, November 2007

    * Fixed dl() to only accept filenames. reported by Laurent Gaffie.
    * Fixed dl() to limit argument size to MAXPATHLEN (CVE-2007-4887).
    * Fixed htmlentities/htmlspecialchars not to accept partial multibyte sequences.
    * Fixed possible triggering of buffer overflows inside glibc implementations of the fnmatch(), setlocale() and glob() functions. Reported by Laurent Gaffie.
    * Fixed "mail.force_extra_parameters" php.ini directive not to be modifiable in .htaccess due to the security implications reported by SecurityReason.
    * Fixed bug #42869 (automatic session id insertion adds sessions id to non-local forms).
    * Fixed bug #41561 (Values set with php_admin_* in httpd.conf can be overwritten with ini_set()).

    I think I'm gonna install Exchange. That'll cost us less money and the support is not any worse then the support you are providing. I don't like the attitude of your company. You would like it if people are using Linux/OSS-based servers. But you are selling closed-source software yourselves, instead on selling support based on OSS products, like companies as RedHat, Novell, Canonical, Google, SUN and friends do.

    But if you choose to release closed-source software, you have to release more binary-releases to link to software which source is available. If you are too lazy to do so, I don't think I wanna be your customer.

    CNOC Informatiesystemen

  7. #7
    Senior Member
    Join Date
    Mar 2007
    Yorkshire, England

    Re: Zarafa on Red Hat Fedora Core 7

    Hi Cnoc,

    Linux and the OSS comunity as a whole has its own advantages and disadvantages, I am a Linux guy through and through and I don't find what Zarafa do strange at all! Linux is a multi-architecture operating system, and distributions of these flavours of operating systems can come in MANY different configurations. Windows has but a couple of Server Platforms (2000, 2003 and perhaps 2008)

    At the end of the day, Zarafa is a commercial company that provide a piece of software that they have worked very hard on that has to run on Linux... true.. but they also have to ensure that what they write works to the best of their knowledge for their development environment... as a developer myself I know you must standardise on a Platform/Package set and then build on that. Each distribution can have its own patch-sets for a revision of any package.. look at source based distributions like Gentoo/LFS and all the other meta distributions!! You'd have to release something each day or two!!!

    The fact that they have provided virtual machines that people can use and are used to is great, and I applaude it!

    Linux is moving and changing all the time, and I'd rather have it do what Zarafa think it should rather than dozens of different variables that are out of their control.

    Milo, Steve, John, Michael, Imar... in fact everyone.. keep up the good work!

    Certified Zarafa Engineer since v4.20
    If the problem is solved, please mark the subject of the original post as [SOLVED] - it helps when searching! :-)
    Please remember to add what version you are currently using, along with appropriate logs.

  8. #8
    Senior Member Michael's Avatar
    Join Date
    Dec 2006

    Re: Zarafa on Red Hat Fedora Core 7

    I think that you make a mistake here, the by Zarafa supported distro's will do security patches on PHP, but they don't always use the same version numbering, they just apply the patch for the security issue.

  9. #9
    Senior Member
    Join Date
    May 2006
    Delft / Amsterdam

    Re: Zarafa on Red Hat Fedora Core 7

    Hi Cnoc,

    As core developer of Zarafa, I can tell you, that it is impossible to support always the last new distributions.
    There are many reasons to wait with releases for new distributions.

    However, if you want to get an impression of Zarafa, you can download the zarafa VMware image, it’s quite simple to install the image, special created for lazy guys When you finished the test and you like Zarafa, we can discuss your wishes.

    Michel de Ron

Similar Threads

  1. Zarafa-licenced and Fedora 14
    By bryanwells in forum Installation, Configuration and Maintenance
    Replies: 10
    Last Post: 19-10-2011, 11:10 AM
  2. Zarafa Server 6.40.8 dies with core dump
    By flux in forum Administration and Integration
    Replies: 2
    Last Post: 07-06-2011, 10:20 AM
  3. build errors on Fedora Core 10
    By udaykiran in forum Installation and Configuration Archives
    Replies: 1
    Last Post: 08-10-2009, 10:22 AM
  4. Is installing Zarafa on Fedora Core 9 possible?
    By JaapvanEkris in forum Installation and Configuration Archives
    Replies: 3
    Last Post: 05-11-2008, 08:35 PM
  5. Fedora Core 4 zarafa-admin problem (4.2 beta)
    By tepucom in forum Beta Feedback Archives
    Replies: 3
    Last Post: 08-06-2006, 02:36 PM


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts