The repository for Debian-based LAMP servers
MySQL 5.1.43 is now available on Dotdeb for Debian 5.0 “Lenny” / Debian 4.0 “Etch” in amd64/i386 flavours.
Please note that it’s the last update for Etch, because the security supports ends for this branch (time to upgrade!).
This maintenance release comes with many improvements and bugfixes, especially the InnoDB plugin 1.0.6 (please read the Changelog for more details).
The Debian security team announced that Debian 4.0 “Etch” security support will be ended on February 15th, 2010 :
Security Support for Debian GNU/Linux 4.0 to be discontinued on February 15th One year after the release of Debian GNU/Linux 5.0 alias 'lenny' and nearly three years after the release of Debian GNU/Linux 4.0 alias 'etch' the security support for the old distribution (4.0 alias 'etch') is coming to an end next month. The Debian project is proud to be able to support its old distribution for such a long time and even for one year after a new version has been released. The Debian project has released Debian GNU/Linux 5.0 alias 'lenny' on the 14th of February 2009. Users and Distributors have been given a one-year timeframe to upgrade their old installations to the current stable release. Hence, the security support for the old release of 4.0 is going to end in February 2010 as previously announced. Previously announced security updates for the old release will continue to be available on security.debian.org.
Then, Dotdeb will follow the Debian project and all the Etch packages will be moved to http://archives.dotdeb.org/ on Feb. 15th.
It is now time for you to upgrade your last servers from Etch to Lenny…
I’ll have to prepare the Squeeze release (planned on August 2010). The (early) plans ?
I just uploaded new MySQL 5.1.41 packages that fix a remote buffer overflow in MySQL servers that use the embedded YaSSL library :
Since Debian and Dotdeb are impacted, you are strongly encouraged to upgrade your servers.
Just for fun : I’ve been interviewed about Dotdeb by PHP TV, a french-speaking webTV.
On December 17th 2009, the PHP Group released PHP 5.2.12 :
The PHP development team would like to announce the immediate availability of PHP 5.2.12. This release focuses on improving the stability of the PHP 5.2.x branch with over 60 bug fixes, some of which are security related. All users of PHP 5.2 are encouraged to upgrade to this release.
Security Enhancements and Fixes in PHP 5.2.12:
- Fixed a safe_mode bypass in tempnam() identified by Grzegorz Stachowiak. (CVE-2009-3557, Rasmus)
- Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz Stachowiak. (CVE-2009-3558, Rasmus)
- Added “max_file_uploads” INI directive, which can be set to limit the number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion, identified by Bogdan Calin. (CVE-2009-4017, Ilia)
- Added protection for $_SESSION from interrupt corruption and improved “session.save_path” check, identified by Stefan Esser. (CVE-2009-4143, Stas)
- Fixed bug #49785 (insufficient input string validation of htmlspecialchars()). (CVE-2009-4142, Moriyoshi, hello at iwamot dot com)
(Please read the full announcement for more details)
Dotdeb packages of PHP 5.2.12 are now (finally) available for Debian “Lenny” and “Etch”, amd64 and i386.
Upgrading your servers is strongly encouraged because of several security issue, especially a multipart/form-data DoS (CVE-2009-4017). Please set the max_file_uploads parameter carefully.
The PHP 5.3.1 packages for Debian “Lenny” have been updated to fix :
All should work fine now.
A few days ago, the PHP Group released PHP 5.3.1 :
The PHP development team would like to announce the immediate availability of PHP 5.3.1. This release focuses on improving the stability of the PHP 5.3.x branch with over 100 bug fixes, some of which are security related. All users of PHP are encouraged to upgrade to this release.
Security Enhancements and Fixes in PHP 5.3.1:
- Added “max_file_uploads” INI directive, which can be set to limit the number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion.
- Added missing sanity checks around exif processing.
- Fixed a safe_mode bypass in tempnam().
- Fixed a open_basedir bypass in posix_mkfifo().
- Fixed failing safe_mode_include_dir.
Further details about the PHP 5.3.1 release can be found in the release announcement, and the full list of changes are available in the ChangeLog.
On the Debian side, some changes were made :
Because migrating from PHP 5.2. to PHP 5.3 can break some applications, here is the Dotdeb release policy :
Then , to install PHP 5.3 on your Debian “Lenny” box, just add these two entries in your /etc/apt/sources.list :
deb http://php53.dotdeb.org stable all deb-src http://php53.dotdeb.org stable all
Now launch your favorite commands (apt-get update && apt-get upgrade) to upgrade your box.
In case you enjoy this new release, feel free to donate or to take a look at my whishlist… Xmas is coming 
MySQL 5.1.41 is now available on Dotdeb for Debian 5.0 “Lenny” / Debian 4.0 “Etch” in amd64/i386 flavours.
This maintenance release fixes a lot of bugs (please read the Changelog for more details). Please note the the InnoDB plugin has been updated to 1.0.5.
MySQL 5.1.40 is now available on Dotdeb for Debian 5.0 “Lenny” / Debian 4.0 “Etch” in amd64/i386 flavours.
As usual, this maintenance release fixes a lot of bugs (please read the Changelog for more details).
Please note that the packaging is a little bit different from the official Debian packaging, to include the InnoDB plugin in the mysql-server-5.1 package instead of in the libmysqlclient-dev one. This plugin replaces the built-in InnoDB support and has many advantages :
You can easily enable it by uncommenting to lines in the /etc/mysql/my.cnf configuration file and then restart your MySQL server :
Please read carefully the InnoDB plugin documentation and backup your data before activating this beta quality feature!
Looking for a new way to speed up your MySQL server? The tcmalloc library from Google Perftools could be the answer (about 15-20% performance improvement). Refer to this (updated) How-to for more information.
I just packaged Google Perftools 1.4 for Debian 5.0 (a.k.a. “Lenny”). According to the Changelog, they’re bringing a lot of bugfixes and improvements, and then they enhance the stability of the daemons they’re plugged in, especially on 64bits systems.
Upgrading from previous version is highly recommended.
Tags: google-perftools, release
