CPANEL-34745 - MariaDB 10.3.26-1 Breaks PHP < 7.2
Just wanting to post this here, as I've spent the last 2 hours fault finding an issue on my servers this morning.
cPanel servers, all the latest updates. MariaDB automatically updated to 10.3.26-1 over night as part of the cPanel yum update.
As soon as this happened, any XenForo site running on PHP7.2 or below broke!
This also prevents any user accessing MySQL via cPanel: Swapping to 7.3 or 7.4 works. I've had to downgrade MariaDB back to the previous version:
And this fixes the issue. So, I don't know if it's a PHP issue, a MariaDB issue, or something combining everything! I've excluded MariaDB and Galera now from automatic updates on my servers.
[04-Nov-2020 08:24:41 UTC] PHP Fatal error: Uncaught XF\Db\Exception: MySQL query error [1835]: Malformed communication packet in /home/XXX/public_html/community/src/XF/Db/AbstractStatement.php:212
Stack trace:
#0 /home/XXX/public_html/community/src/XF/Db/Mysqli/Statement.php(196): XF\Db\AbstractStatement->getException('MySQL query err...', 1835, 'HY000')
#1 /home/XXX/public_html/community/src/XF/Db/Mysqli/Statement.php(77): XF\Db\Mysqli\Statement->getException('MySQL query err...', 1835, 'HY000')
#2 /home/XXX/public_html/community/src/XF/Db/AbstractAdapter.php(79): XF\Db\Mysqli\Statement->execute()
#3 /home/XXX/public_html/community/src/XF/Db/AbstractAdapter.php(116): XF\Db\AbstractAdapter->query('\n\t\t\tSELECT data...', Array)
#4 /home/XXX/public_html/community/src/XF/DataRegistry.php(137): XF\Db\AbstractAdapter->fetchPairs('\n\t\t\tSELECT data...')
#5 /home/XXX/public_html/community/src/XF/DataRegistry.php(82): XF\DataRegistry->readFromDb(Array, Array)
#6 /home/XXX/public_html/community/src/XF/DataRegistry.php(225): XF\DataRegistry- in /home/XXX/public_html/community/src/XF/Db/AbstractStatement.php on line 212
This also prevents any user accessing MySQL via cPanel: Swapping to 7.3 or 7.4 works. I've had to downgrade MariaDB back to the previous version:
# yum history info 264
Loaded plugins: fastestmirror, universal-hooks
Transaction ID : 264
Begin time : Wed Nov 4 05:35:28 2020
Begin rpmdb : 1964:269d3e2a5fc59faed15b162386618da46afe3e28
End time : 05:36:05 2020 (37 seconds)
End rpmdb : 1964:7aac4ca2ee1e5c81b04babc4f774126e1254d10d
User : root
Return-Code : Success
Command Line : --assumeyes --color=never --config /etc/yum.conf update --disablerepo=epel
Transaction performed with:
Installed rpm-4.11.3-43.el7.x86_64 @base
Installed yum-3.4.3-167.el7.centos.noarch @base
Installed yum-metadata-parser-1.1.4-10.el7.x86_64 @anaconda
Installed yum-plugin-fastestmirror-1.1.31-54.el7_8.noarch @updates
Packages Altered:
Updated MariaDB-client-10.3.25-1.el7.centos.x86_64 @MariaDB103
Update 10.3.26-1.el7.centos.x86_64 @MariaDB103
Updated MariaDB-common-10.3.25-1.el7.centos.x86_64 @MariaDB103
Update 10.3.26-1.el7.centos.x86_64 @MariaDB103
Updated MariaDB-compat-10.3.25-1.el7.centos.x86_64 @MariaDB103
Update 10.3.26-1.el7.centos.x86_64 @MariaDB103
Updated MariaDB-devel-10.3.25-1.el7.centos.x86_64 @MariaDB103
Update 10.3.26-1.el7.centos.x86_64 @MariaDB103
Updated MariaDB-server-10.3.25-1.el7.centos.x86_64 @MariaDB103
Update 10.3.26-1.el7.centos.x86_64 @MariaDB103
Updated MariaDB-shared-10.3.25-1.el7.centos.x86_64 @MariaDB103
Update 10.3.26-1.el7.centos.x86_64 @MariaDB103
Updated galera-25.3.30-1.el7.centos.x86_64 @MariaDB103
Update 25.3.31-1.el7.centos.x86_64 @MariaDB103
history info
And this fixes the issue. So, I don't know if it's a PHP issue, a MariaDB issue, or something combining everything! I've excluded MariaDB and Galera now from automatic updates on my servers.
-
That's a good question - the PHP/MariaDB conflict isn't actually up to cPanel to solve, as that is something that is happening from MariaDB. We are working on a patch for this at this time, but I don't have any estimated time when that will be released. That is being tracked internally with case UPS-282. 0 -
friends - i am full noob i've forum v80.team 2 days ago its down i told with hosting support - doesnt help i told with cPanel supp - same, but still trying i choos? php 7,3 on both cP and WHM - not solved (only white screen before "error500" i changed language codec in multiphp admin - not solved what can i do? it is doesnt work??? here is latest log [07-Nov-2020 00:05:02 UTC] PHP Warning: PHP Startup: Unable to load dynamic library 'pdo.so' (tried: /opt/cpanel/ea-php73/root/usr/lib64/php/modules/pdo.so (/opt/cpanel/ea-php73/root/usr/lib64/php/modules/pdo.so: cannot open shared object file: No such file or directory), /opt/cpanel/ea-php73/root/usr/lib64/php/modules/pdo.so.so (/opt/cpanel/ea-php73/root/usr/lib64/php/modules/pdo.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0 [07-Nov-2020 00:05:02 UTC] PHP Warning: PHP Startup: Unable to load dynamic library 'pdo_sqlite.so' (tried: /opt/cpanel/ea-php73/root/usr/lib64/php/modules/pdo_sqlite.so (/opt/cpanel/ea-php73/root/usr/lib64/php/modules/pdo_sqlite.so: cannot open shared object file: No such file or directory), /opt/cpanel/ea-php73/root/usr/lib64/php/modules/pdo_sqlite.so.so (/opt/cpanel/ea-php73/root/usr/lib64/php/modules/pdo_sqlite.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0 [07-Nov-2020 00:05:02 UTC] PHP Warning: PHP Startup: Unable to load dynamic library 'sqlite.so' (tried: /opt/cpanel/ea-php73/root/usr/lib64/php/modules/sqlite.so (/opt/cpanel/ea-php73/root/usr/lib64/php/modules/sqlite.so: cannot open shared object file: No such file or directory), /opt/cpanel/ea-php73/root/usr/lib64/php/modules/sqlite.so.so (/opt/cpanel/ea-php73/root/usr/lib64/php/modules/sqlite.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0 [07-Nov-2020 00:05:02 UTC] PHP Warning: PHP Startup: Unable to load dynamic library 'pdo_mysql.so' (tried: /opt/cpanel/ea-php73/root/usr/lib64/php/modules/pdo_mysql.so (/opt/cpanel/ea-php73/root/usr/lib64/php/modules/pdo_mysql.so: cannot open shared object file: No such file or directory), /opt/cpanel/ea-php73/root/usr/lib64/php/modules/pdo_mysql.so.so (/opt/cpanel/ea-php73/root/usr/lib64/php/modules/pdo_mysql.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0 [07-Nov-2020 00:05:02 UTC] PHP Fatal error: Uncaught Error: Call to undefined function IPS\mb_internal_encoding() in /home/sxafkzbe/public_html/init.php:493 Stack trace: #0 /home/sxafkzbe/public_html/init.php(1420): IPS\IPS::init() #1 /home/sxafkzbe/public_html/index.php(12): require_once('/home/sxafkzbe/...') #2 {main} thrown in /home/sxafkzbe/public_html/init.php on line 493 how make it working? 0 -
how to we disable mariadb updates? i downgraded then this morning to 10.3.25 then the next day it went back to 10.3.26 0 -
how to we disable mariadb updates? i downgraded then this morning to 10.3.25 then the next day it went back to 10.3.26
Hi, You can edit the file "/etc/cpupdate.conf" and change "RPMUP=daily" to "RPMUP=manual". With this you will stop cPanel updates. Have a nice day.0 -
Whats news? workaround doesnt work 0 -
all solved cP support Assigned to Suede Young Id #93888880 0 -
The autofixer is to resolve the issues caused in the cPanel databases interface. It doesn't affect the PHP issues, so you'd still want to stay on the older version if you don't want to upgrade PHP just yet.
Such autofixer is being run on every nightly update? So, by tomorrow it would be safe to unlock updates for MariaDB on servers with websites running PHP>= 7.3, is this correct?0 -
Hello, doesn"t work for me. /scripts/autorepair fix_mariadb_show_grants_roles Requesting script ... info [autorepair] Successfully verified signature for cpanel (key types: release). Done Auto Repair is running......Auto Repair is done.
Nothing happensmysql -e "ALTER TABLE mysql.user MODIFY COLUMN password_last_changed timestamp AFTER max_statement_time, MODIFY COLUMN password_lifetime smallint AFTER password_last_changed, MODIFY COLUMN account_locked enum('N','Y') AFTER password_lifetime" ERROR 1054 (42S22) at line 1: Unknown column 'password_last_changed' in 'user'
Doesn"t work. My solution is only downdgrade MariaDB. Any idea? CENTOS 7.8 [server] V90.0.16 PHP 7.2 MariaDB 10.3.25-MariaDB0 -
I am having the same issues as the OP. My Xenforo forums is down. I am running PHP 7.2 and cannot update to PHP 7.4 because it will break other applications. I ran the autofixer suggested by Cpanel: /scripts/autorepair fix_mariadb_show_grants_roles However, the Xenforo site is still down. Any other suggestions besides downgrading? (which I don't really want to do) 0 -
Hi, This problem is solved?, we can update MariaDB and WHM/cPanel to last version?. This is very urgent because we have various cPanel servers and we don't want more problems in client's accounts. Thank you. 0 -
There are problems with certain scripts, for example xenforo forums, this is what they answered: this is a bug with maria db. Your host will have to downgrade to 10.3.25. 0 -
Hi, This problem is solved?, we can update MariaDB and WHM/cPanel to last version?. This is very urgent because we have various cPanel servers and we don't want more problems in client's accounts. Thank you.
hi dear my forum fixed in post #34 i wrote ? of ticket - support solved my problem.0 -
Hello, When I downgraded to 10.3.25, everything was normal again. Now I followed updated info from here Updating MariaDB to v10.2.35 or v10.3.26, causes MySQL Databases interface to show MySQL as offline. reupdated MariaDB to 10.3.26, applied the patch... And one of my old PHP 5.6 script doesn't work again. Now, I can't even downgrade. When I run this again: # whmapi1 configureservice service=mysql enabled=1 monitored=0 # downgrade MariaDB-server MariaDB-common MariaDB-shared MariaDB-client MariaDB-compat MariaDB-devel
it won't downgrade. I just got the message "Nothing to do" and MariaDB stays 10.3.26. Best, Milos0 -
Such autofixer is being run on every nightly update? So, by tomorrow it would be safe to unlock updates for MariaDB on servers with websites running PHP>= 7.3, is this correct?
Hello! The autofixer should run in the next nightly upcp maintenance cron if it hasn't already. The autofixer was created to resolve the issue regarding the "MySQL Databases" UI being unable to read the user grants properly. The issue concerning PHP sites populating a 500, is still actively being reported as it's tied with a different UPS case. This has not yet been resolved as we're still working with MariaDB's team. You can find more information on this case and future via through the below article:0 -
I can see the problem is from Thursday ... Now we have Monday. Problem is not solved yet ! Many of customers will go out of our hosting, becouse PrestaShop is not working with php 7.3 but on <7.3 is not working after MadiaDB upgrade How long will it takes ! My priority support is completely unhelpfull ? What should I do ? 0 -
@bejbi: Downgrade your MariaDB install ASAP. Then lock it for a while as explained in the workaround, until this issue is fixed. Nothing else left to do. downgrade+lock+pray. 0 -
And now this: [MDEV-23569] temporary tables can overwrite existing files - Jira Vulnerability Description: -------------------------- MariaDB is vulnerable to an arbitrary file delete vulnerability that allows unprivileged users the ability to corrupt and/or delete files owned by the 'mysql' user including other user databases. This vulnerability is allowed to happen due to the use of insecure temporary files related to the MyISAM/Aria operations. In our testing, most hosting control panels that use MariaDB are vulnerable to this exploit. It is incredibly easy to exploit and users are highly recommended to update as soon as possible.
So keeping servers downgraded is now a vulnerability.0 -
Hello! The autofixer should run in the next nightly upcp maintenance cron if it hasn't already. The autofixer was created to resolve the issue regarding the "MySQL Databases" UI being unable to read the user grants properly. The issue concerning PHP sites populating a 500, is still actively being reported as it's tied with a different UPS case. This has not yet been resolved as we're still working with MariaDB's team. You can find more information on this case and future via through the below article:
0 -
@MindServer - the autofixer is specifically for the cPanel interface issue. It is not for the PHP <7.2 compatibility issue as that is currently only fixed with the downgrade. 0 -
after update cPanel, When adding a database to the user in Manage User Privileges, Nothing happens. I can not connect the database to the user. 0 -
@behinam - in order to keep this focused on the issues with the case it would be best to create a new thread for that issue. 0 -
@MindServer - the autofixer is specifically for the cPanel interface issue. It is not for the PHP <7.2 compatibility issue as that is currently only fixed with the downgrade.
The compatibility issue is in PHP 7.2, 7.3 and 7.4?, or is in PHP 7.2, 7.1, 7.0 and less?. Thank you very much. Have a nice day.0 -
it's 7.2 and lower, so 7.2 is also affected. 0 -
I've been following this thread and I am scared on page 2, im staying right where I am in 10.3.25 until this is much more solid. I am not running any alteration scripts that fix this and that but not this because this is an issue from them. We're running a company and we have multiple nodes and we can't have any screw ups so I will follow this thread until cpanel issues a real patch to the problem, not a quick hotfix autoscript for just the interface. I am very much fine at 10.3.25, works wonders all around. 0 -
@MindServer - for your situation it would be best to stay downgraded to avoid further issues with the system until there is a more official fix. 0 -
The problem has been solved, I have not downgraded MariaDB, I have always kept the version 10.3.26-MariaDB, I have waited for the autofixer. I use CLOUDLINUX 7.9 and cPanel v90.0.16 The problem has been solved automatically with the autofixer. Thank you @cPanelSamA 0 -
I've been following this thread and I am scared on page 2, im staying right where I am in 10.3.25 until this is much more solid. I am not running any alteration scripts that fix this and that but not this because this is an issue from them. We're running a company and we have multiple nodes and we can't have any screw ups so I will follow this thread until cpanel issues a real patch to the problem, not a quick hotfix autoscript for just the interface. I am very much fine at 10.3.25, works wonders all around.
Just keep in mind that 10.3.25 is vulnerable to So depending on the type of customers and access they have on your server, you should either wait until MariaDB launches the new versions to the major branch paths (it shouldn't take long since the rpms are already live), or follow my instructions above to install it right away.0
Please sign in to leave a comment.
Comments
89 comments