On October 16th 2014, the PHP group released PHP 5.4.34.
6 security-related bugs were fixed in this release, including fixes for CVE-2014-3668, CVE-2014-3669 and CVE-2014-3670. Also, a fix for OpenSSL which produced regressions was reverted. All PHP 5.4 users are encouraged to upgrade to this version.
The corresponding packages are now available on Dotdeb :
- for Debian 7 “Wheezy” and Debian 6 “Squeeze”,
- on both amd64 and i386 architectures.
The following modules have been packaged too :
- APC 3.1.13
- apcu 4.0.7
- ffmpeg 0.6.0 (Squeeze only)
- gearman 0.8.3
- geoip 1.0.8
- imagick 3.1.2
- memcache 3.0.8
- memcached 2.2.0
- mongo 1.5.7
- pecl_http 1.7.6
- pinba (master)
- redis 2.2.5
- spplus 1.1
- ssh2 0.12
- xcache 3.2.0
- xdebug 2.2.5
- xhprof 0.9.4
- zendopcache 7.0.3
As usual, please read the ChangeLog before upgrading and be sure to use to the latest packages before reporting any issue.