Categories
MySQL

MySQL 5.1.47, a security-focused release, is available

MySQL 5.1.47 is now available on Dotdeb for your Lenny servers, in amd64 and i386 flavours.

This is a security-oriented release that fixes some serious flaws… Please read the full changelog for more information.

Please also note that the InnoDB plugin has been upgraded to version 1.0.8 and is now considered of General Availability quality. Feel free to use it for a performance boost.

Categories
MySQL

MySQL 5.1.46 is now available

MySQL 5.1.46 is now available on Dotdeb for your Lenny servers, in amd64 and i386 flavours. It fixes a lot of annoying bugs and upgrades the InnoDB plugin to version 1.0.7 for better performance.

Be careful: the MySQL server is now split into two separate packages:

  • mysql-server-core-5.1 that contains only the mysqld binary and some system files,
  • mysql-server-5.1 that depends on mysql-server-core-5.1 and that contains the init scripts and utilities to run the MySQL server in a Debian environment.

The migration to this new packaging scheme is transparent and will not break any dependencies.

As usual, please read the changes in MySQL 5.1.46 and what’s new in the InnoDB plugin 1.0.7 before upgrading.

Categories
PHP

May is the month of PHP security

According to Stefan Esser, author of the Suhosin patch, May 2010 will be the “Month of PHP Security”:

This initiative continues the effort of Hardened-PHP’s Month of PHP Bugs in 2007 to improve the security of PHP and the PHP ecosystem by disclosing vulnerabilities in PHP and PHP applications on the one hand and on the other hand by publishing articles and tools that help PHP application developers to develop more secure PHP applications.

You’ll find more information on the MoPS website and you can follow its Twitter account to discover each vulnerability as soon as it’s reported.

Categories
PHP

PHP 5.3.2 and PHP 5.2.13 get an update

New packages of PHP 5.3.1 and PHP 5.2.13 have been uploaded to fix some annoying bugs:

In addition, PHP 5.3.2 now restarts softly, without any problem (thanks to Daniel Hahler).

Categories
MySQL

MySQL 5.1.45 is available

Sorry, but I forgot to write a note about it. Here’s a quick one…

MySQL 5.1.45 is now available on Dotdeb for Debian 5.0 “Lenny” in amd64/i386 flavours.

This is a bug fix release, but please read the Changelog carefully before upgrading.

Categories
PHP

PHP 5.3.2 is available too!

A few days ago, the PHP Group released PHP 5.3.2. It fixes severe security issues and some other bugs:

The PHP development team is proud to announce the immediate release of PHP 5.3.2. This is a maintenance release in the 5.3 series, which includes a large number of bug fixes.

Security Enhancements and Fixes in PHP 5.3.2:

  • Improved LCG entropy. (Rasmus, Samy Kamkar)
  • Fixed safe_mode validation inside tempnam() when the directory path does not end with a /). (Martin Jansen)
  • Fixed a possible open_basedir/safe_mode bypass in the session extension identified by Grzegorz Stachowiak. (Ilia)

(…)

It is now available on Dotdeb (still on a separate repository) with the following changes:

  • id3 and mailparse PECL extensions have been removed from the repository. If either of them was useful to you, please let me know. Don’t forget that there’s an easy way to package PECL extensions by yourself.
  • the memcache extension has been downgraded to v3.0.3 because of a bug in the session redundancy
  • php5-fpm is now an alternative dependency of the php5 meta-package

As usual, please read the release announcement and the full Changelog before upgrading. If you’re migrating from PHP 5.2, you can also take a look at the migration guide.

[Update] The packages have been updated to fix a MySQL connection issue. The geoip PECL extension is back.

Categories
PHP

PHP 5.2.13 is available

A few days ago, the PHP Group released PHP 5.2.13. It fixes severe security issues and some other bugs:

The PHP development team would like to announce the immediate availability of PHP 5.2.13. This release focuses on improving the stability of the PHP 5.2.x branch with over 40 bug fixes, some of which are security related. All users of PHP 5.2 are encouraged to upgrade to this release.

Security Enhancements and Fixes in PHP 5.2.13:

  • Fixed safe_mode validation inside tempnam() when the directory path does not end with a /). (Martin Jansen)
  • Fixed a possible open_basedir/safe_mode bypass in the session extension identified by Grzegorz Stachowiak. (Ilia)
  • Improved LCG entropy. (Rasmus, Samy Kamkar)

(…)

On the Dotdeb side

As usual, please read the release announcement and the full Changelog before upgrading.

Categories
MySQL

MySQL 5.1.44 is available for Debian 5.0 “Lenny”

MySQL 5.1.44 is now available on Dotdeb for Debian 5.0 “Lenny” in amd64/i386 flavours.

This is primarily a bug fix release, but please read the Changelog carefully before upgrading.

Categories
MySQL

MySQL 5.1.43 is available for Debian “Lenny” (and “Etch”…)

MySQL 5.1.43 is now available on Dotdeb for Debian 5.0 “Lenny” / Debian 4.0 “Etch” in amd64/i386 flavours.

Please note that it’s the last update for Etch, because security support ends for this branch (time to upgrade!).

This maintenance release comes with many improvements and bugfixes, especially the InnoDB plugin 1.0.6 (please read the Changelog for more details).

Categories
Miscellaneous

Etch security support discontinued by Debian on Feb. 15th…

The Debian security team announced that Debian 4.0 “Etch” security support will end on February 15th, 2010:

Security Support for Debian GNU/Linux 4.0 to be discontinued on
February 15th

One year after the release of Debian GNU/Linux 5.0 alias 'lenny' and
nearly three years after the release of Debian GNU/Linux 4.0 alias
'etch' the security support for the old distribution (4.0 alias
'etch') is coming to an end next month.  The Debian project is proud
to be able to support its old distribution for such a long time and
even for one year after a new version has been released.

The Debian project has released Debian GNU/Linux 5.0 alias 'lenny' on
the 14th of February 2009.  Users and Distributors have been given a
one-year timeframe to upgrade their old installations to the current
stable release.  Hence, the security support for the old release of
4.0 is going to end in February 2010 as previously announced.

Previously announced security updates for the old release will continue
to be available on security.debian.org.

Dotdeb will therefore follow the Debian project, and all the Etch packages will be moved to http://archives.dotdeb.org/ on Feb. 15th.

It is now time for you to upgrade your last servers from Etch to Lenny…

What’s next?

I’ll have to prepare the Squeeze release (planned for August 2010). The (early) plans?

  • Focus on high quality PHP 5.3 and MySQL 5.1+ packages
  • More useful tools for your LAMP platforms: Gearman, Maatkit… MariaDB? Drizzle? Wait & see
  • No more mail-related packages (Qmail, Vpopmail, Courier, Dovecot, Vqadmin)