Categories
PHP

PHP 5.4.28, for Wheezy and Squeeze

On May 1st 2014, the PHP group has released PHP 5.4.28. 9 bugs were fixed in this release, including CVE-2014-0185. All PHP 5.4 users are encouraged to upgrade to this version.

The corresponding packages are now available on Dotdeb :

  • for Debian 7.0 “Wheezy” and Debian 6.0 “Squeeze”,
  • on both amd64 and i386 architectures.

As usual, please read the ChangeLog before upgrading and be sure to use to the latest packages before reporting any issue.

Please note that if you’re using an Unix socket to make PHP-FPM talk to your web server, you’ll have to set the listen.owner and listen.group directive to the right user/group (usually www-data), for each of your pool. Don’t change the permissions on the socket from 0660 to 0666 (too permissive), it would avoid the CVE-2014-0185 fix.

And if you find Dotdeb useful, feel free to show your support.

Categories
PHP

PHP 5.5.12 for Debian Wheezy

On April 30th 2014, the PHP group has released PHP 5.5.12 :

This release fixes several bugs against PHP 5.5.11, as well as CVE-2014-0185 regarding PHP-FPM. All PHP users are encouraged to upgrade to this new version.

As a consequence, PHP 5.5.12 packages are now available on Dotdeb for Debian 7.4 “Wheezy”, on both amd64 and i386 architectures.

Please read the Changelog and the migration guide (be aware of the backward incompatible changes) before upgrading.

Please note that if you’re using an Unix socket to make PHP-FPM talk to your web server, you’ll have to set the listen.owner and listen.group directive to the right user/group (usually www-data), for each of your pool. Don’t change the permissions on the socket from 0660 to 0666 (too permissive), it would avoid the CVE-2014-0185 fix.

And don’t forget: if you find Dotdeb useful, you may want to show your support.

Categories
PHP

PHP 5.4.27, for Wheezy and Squeeze

On April 3rd 2014, the PHP group has released PHP 5.4.27. 6 bugs were fixed in this release, including CVE-2013-7345. All PHP 5.4 users are encouraged to upgrade to this version.

The corresponding packages are now available on Dotdeb :

  • for Debian 7.0 “Wheezy” and Debian 6.0 “Squeeze”,
  • on both amd64 and i386 architectures.

As usual, please read the ChangeLog before upgrading and be sure to use to the latest packages before reporting any issue.

And if you find Dotdeb useful, feel free to show your support.

Categories
PHP

PHP 5.5.11 for Debian Wheezy

On April 2nd 2014, the PHP group has released PHP 5.5.11 :

Several bugs were fixed in this release, some bundled libraries updated and a security issue has been fixed : CVE-2013-7345. We recommand all PHP 5.5 users to upgrade to this version.

As a consequence, PHP 5.5.11 packages are now available on Dotdeb for Debian 7.4 “Wheezy”, on both amd64 and i386 architectures.

Please read the Changelog and the migration guide (be aware of the backward incompatible changes) before upgrading.

And don’t forget: if you find Dotdeb useful, you may want to show your support.

Categories
MySQL PHP

About the “mysql_connect(): Headers and client library minor version mismatch” warning

After having MySQL 5.6.17 published, some users complained about a warning thrown by their PHP applications :

PHP Warning: mysql_connect(): Headers and client library minor version mismatch. Headers:50535 Library:50617

In fact, this could happen with any application linked to libmysqlclient18 in a certain version (php5-mysql from Dotdeb is linked to the 5.5.35 version from the stock Debian distribution) when connecting to a MySQL server in another version (5.6.17 in our case). The warning is thrown by libmysqlclient18 itself. And this is just a warning, there is no reason why any bad behavior would happen in that case.

Of course, I could build php5-mysql against the latest libmysqlclient18 (5.6.17), but it would lead to very bad issues, such as duplicate symbols or segfaults when PHP is loaded with other MySQL-linked modules from the stock Debian distribution (those are linked to libmysqlclient18 5.5.35). For example : mod_php5 + Apache + mod_auth_mysql would crash.

If this this warning really annoys you, feel free to install php5-mysqlnd instead of php5-mysql :

  • it’s a drop-in replacement
  • it’s not linked against any libmysqlclient library
  • it won’t throw any irrelevant warning about version mismatch
  • it has a lot of benefits. See http://www.php.net/mysqlnd for more info

I hope this helps.

Categories
PHP

PHP 5.4.26, for Wheezy and Squeeze

On March 7th 2014, the PHP group has released PHP 5.4.26. 5 bugs were fixed in this release, including CVE-2014-1943. All PHP 5.4 users are encouraged to upgrade to this version.

The corresponding packages are now available on Dotdeb :

  • for Debian 7.0 “Wheezy” and Debian 6.0 “Squeeze”,
  • on both amd64 and i386 architectures.

As usual, please read the ChangeLog before upgrading and be sure to use to the latest packages before reporting any issue.

And if you find Dotdeb useful, feel free to show your support.

Categories
PHP

PHP 5.5.10, for Debian 7.0 “Wheezy”

On March 6th 2014, the PHP group has released PHP 5.5.10. Several bugs were fixed in this release, including security issues related to CVEs. CVE-2014-1943, CVE-2014-2270 and CVE-2013-7327 have been addressed in this release. All PHP 5.5 users should upgrade to this version.

As a consequence, PHP 5.5.10 packages are now available on Dotdeb for Debian 7.0 “Wheezy”, on both amd64 and i386 architectures.

Please read the Changelog and the migration guide (be aware of the backward incompatible changes) before upgrading.

And don’t forget: if you find Dotdeb useful, you may want to show your support.

Categories
PHP

PHP 5.4.25, for Wheezy and Squeeze

On February 6th 2014, the PHP group has released PHP 5.4.25. 5 bugs were fixed, all PHP 5.4 users are encouraged to upgrade to this version.

The corresponding packages are now available on Dotdeb :

  • for Debian 7.0 “Wheezy” and Debian 6.0 “Squeeze”,
  • on both amd64 and i386 architectures.

As usual, please read the ChangeLog before upgrading and be sure to use to the latest packages before reporting any issue.

And if you find Dotdeb useful, feel free to show your support.

Categories
PHP

PHP 5.5.9 for Debian 7.0 “Whezzy”

On February 5th 2014, the PHP group has released PHP 5.5.9. This release fixes several bugs against PHP 5.5.8.

As a consequence, PHP 5.5.9 packages are now available on Dotdeb for Debian 7.0 “Wheezy”, on both amd64 and i386 architectures.

Please read the Changelog and the migration guide (be aware of the backward incompatible changes) before upgrading.

And don’t forget: if you find Dotdeb useful, you may want to show your support.

Categories
PHP

PHP 5.4.24, for Wheezy and Squeeze

On January 10th 2014, the PHP group has released PHP 5.4.24. About 14 bugs were fixed. All PHP 5.4 users are encouraged to upgrade to this version.

The corresponding packages are now available on Dotdeb :

  • for Debian 7.0 “Wheezy” and Debian 6.0 “Squeeze”,
  • on both amd64 and i386 architectures.

As usual, please read the ChangeLog before upgrading and be sure to use to the latest packages before reporting any issue.

And if you find Dotdeb useful, feel free to show your support.