On March 19th 2015, the PHP group released PHP 5.4.39.
Six security-related bugs were fixed in this release, including CVE-2015-0231, CVE-2015-2305 and CVE-2015-2331. All PHP 5.4 users are encouraged to upgrade to this version.
The corresponding packages are now available on Dotdeb :
- for Debian 7 “Wheezy” and Debian 6 “Squeeze”,
- on both amd64 and i386 architectures.
The following modules have been packaged too :
- APC 3.1.13
- apcu 4.0.7
- ffmpeg 0.6.0 (Squeeze only)
- gearman 0.8.3
- geoip 1.0.8
- imagick 3.1.2
- memcache 3.0.8
- memcached 2.2.0
- mongo 1.6.5
- pecl_http 1.7.6
- pinba (master)
- redis 2.2.7
- spplus 1.1
- ssh2 0.12
- xcache 3.2.0
- xdebug 2.3.2
- xhprof 0.9.4
- zendopcache 7.0.4
As usual, please read the ChangeLog before upgrading and be sure to use to the latest packages before reporting any issue.