Posted by & filed under MySQL.

Packages of MySQL 5.5.38 are now available for Debian 6.0 “Squeeze” on both amd64 and i386 architectures to fix some vulnerabilities and various bugs as well (the latest packaged version was 5.5.31…).

Please note that the Pinba engine has also been rebuilt to be used against this new version.

As usual, please read carefully the full Changelog before upgrading.

Posted by & filed under Zabbix.

Zabbix 2.2.5 has been released on June 23rd 2014. This release contains a security fix, fixes known issues of Zabbix 2.2.x and introduces new minor features. Please read the release notes for more info.

As usual, the packages are now available :

  • for Debian 7.0 “Wheezy and 6.0 “Squeeze”,
  • on both amd64 and i386 architectures.

And don’t forget, if you find Dotdeb useful, feel free to show your support.

Posted by & filed under Redis.

Redis 2.8.13 has been released on July 14th 2014 (happy Bastille day!), bringing the following changes :

  • [FIX] CLIENT KILL minor backward compatibility fixes. (Salvatore Sanfilippo)
  • [FIX] Enable HAVE_ATOMIC for PowerPC. (Matt Stancliff)
  • [FIX] More robust PSYNC and AOF rewrites tests. (Salvatore Sanfilippo)
  • [FIX] Solaris build fixed. (Matt Stancliff, Salvatore Sanfilippo)
  • [NEW] The new latency monitoring feature, as documented at http://redis.io/topics/latency-monitor (Salvatore Sanfilippo)
  • [NEW] The COMMAND command, exposing the Redis command table as an API. (Matt Stancliff)
  • [NEW] Update used memory with C11 __atomic. (Matt Stancliff)

The upgrade urgency is low for Redis and Sentinel, this is a features enhancement release mostly. Since this release introduces the latency monitoring feature, Redis 2.8 users experiencing latency issues are strongly encouraged to upgrade.

The packages are now available for both Debian 7 “Wheezy” and Debian 6 “Squeeze” on both amd64 and i386 architectures.

Posted by & filed under MySQL.

Percona toolkit 2.2.9 is now available on Dotdeb for both Debian 7 “Wheezy” and Debian 6 “Squeeze”. This release fixes 5 bugs.

As usual, before upgrading, please read the list of changes for Percona toolkit 2.2.9 and the announcement by Hrvoje Matijakovic.

Posted by & filed under PHP.

On June 26th 2014, the PHP group has released PHP 5.4.30. Over 20 bugs were fixed in this release, including the following security issues: CVE-2014-3981, CVE-2014-0207, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-4049, CVE-2014-3515. All PHP 5.4 users are encouraged to upgrade to this version.

The corresponding packages are now available on Dotdeb :

  • for Debian 7 “Wheezy” and Debian 6 “Squeeze”,
  • on both amd64 and i386 architectures.

The following modules have been packaged too :

  • APC 3.1.13
  • apcu 4.0.6
  • ffmpeg 0.6.0 (Squeeze only)
  • gearman 0.8.3
  • geoip 1.0.8
  • imagick 3.1.2
  • memcache 3.0.8
  • memcached 2.2.0
  • mongo 1.5.4
  • pecl_http 1.7.6
  • pinba (master)
  • redis 2.2.5
  • spplus 1.1
  • ssh2 0.12
  • xcache 3.1.0
  • xdebug 2.2.5
  • xhprof 0.9.4
  • zendopcache 7.0.3

As usual, please read the ChangeLog before upgrading and be sure to use to the latest packages before reporting any issue.

And if you find Dotdeb useful, feel free to show your support.

Posted by & filed under PHP.

On June 27th 2014, the PHP group has released PHP 5.5.14.

This release fixes several bugs against PHP 5.5.13. Also, this release fixes a total of 8 CVEs, half of them concerning the FileInfo extension.

All PHP users are encouraged to upgrade to this new version.

Please, note that this release also fixes a backward compatibility issue that has been detected in the PHP 5.5.13 release. Still, the fix in PHP 5.5.14 may break some very rare situations. As this tiny compatibility break involves security, and as security is our primary concern, we had to fix it. This concerns bug 67072. For more information about this bug and its actual resolution, please visit our upgrading guide. We apologize for any inconvenience you may have experienced with this behavior.

PHP 5.5.14 packages are now available on Dotdeb for Debian 7.5 “Wheezy”, on both amd64 and i386 architectures.

The following modules have been packaged too :

  • apcu 4.0.6
  • gearman 0.8.3
  • geoip 1.0.8
  • imagick 3.1.2
  • memcache 3.0.8
  • memcached 2.2.0
  • mongo 1.5.4
  • pecl_http 1.7.6
  • pinba (master)
  • redis 2.2.5
  • spplus 1.1
  • ssh2 0.12
  • xcache 3.1.0
  • xdebug 2.2.5
  • xhprof 0.9.4

php5-mysqlnd can now seamlessly replace php5-mysql for other packages having outdated dependencies. You can now avoid an annoying libmysqlclient warning when using MySQL servers different from 5.5.

Please read the Changelog and the migration guide (be aware of the backward incompatible changes) before upgrading.

And don’t forget: if you find Dotdeb useful, you may want to show your support.

Posted by & filed under Zabbix.

Zabbix 2.2.4 has been released on June 23rd 2014, coming with faster Zabbix GUI, improved usability along with a number of bug fixes. Please read the release notes for more info.

As usual, the packages are now available :

  • for Debian 7.0 “Wheezy and 6.0 “Squeeze”,
  • on both amd64 and i386 architectures.

And don’t forget, if you find Dotdeb useful, feel free to show your support.

Posted by & filed under Nginx.

Packages of Nginx 1.6.0 for Debian Wheezy and Squeeze have just been updated to fix a vulnerability in the ngx_pagespeed-embeded OpenSSL library.

The nginx-auth-ldap, nginx-cache-purge, nginx-lua and nginx-upload-progress modules have also been updated.

Posted by & filed under Redis.

Redis 2.8.12 has been released on June 23th 2014, bringing the following changes :

  • [FIX / BREAKS BACKWARD COMPATIBILITY] Using SELECT inside Lua scripts no longer makes the selected DB to be set in the calling client. So Lua can still use SELECT, but the client calling the script will remain set to the original DB. Thix fixes an issue with Redis replication of Lua scripts that called SELECT without reverting the selected DB to the original one. (Salvatore Sanfilippo)
  • [FIX] Sentinel failover was instalbe if the master was detected as available during the failover (especially during manual failovers) because of an implementation error (lack of checking of SRI_PROMOTED flag). (Salvatore Sanfilippo)
  • [FIX] Cancel SHUTDOWN if initial AOF is being written. (Matt Stancliff)
  • [FIX] Sentinel: bind source address for outcoming connections. (Matt Stancliff).
  • [FIX] Less timing sensitive Sentinel tests. (Salvatore Sanfilippo).
  • [NEW] redis-cli --intrinsic-latency stopped with SIGINT still reports stats (Matt Stancliff)
  • [NEW] Sentinels broadcast an HELLO message ASAP after a failover in order to reach a consistent state faster (before it relied for periodic HELLO messages). (Salvatore Sanfilippo).
  • [NEW] Jemalloc updated to 3.6.0. (Salvatore Sanfilippo)
  • [NEW] CLIENT LIST speedup. (Salvatore Sanfilippo)
  • [NEW] CLIENT LIST new unique incremental ID to every client. (Salvatore Sanfilippo)
  • [NEW] ROLE command added. (Salvatore Sanfilippo)
  • [NEW] CLIENT KILL new form to kill by client type and ID (see doc at redis.io for more info). (Salvatore Sanfilippo)
  • [NEW] Sentinel now disconnects clients when instances are reconfigured (see http://redis.io/topics/sentinel-clients). (Salvatore Sanfilippo)
  • [NEW] Hiredis update to latest version. (Matt Stancliff)

The upgrade urgency is high for Redis, critical for Sentinel.

Please note that this release contains a non backward compatible semantical change to Lua script that should affect an almost zero number of users.

The packages are now available for both Debian 7 “Wheezy” and Debian 6 “Squeeze” on both amd64 and i386 architectures.

Posted by & filed under Redis.

Redis 2.8.11 has been released on June 11th 2014, bringing the following changes :

  • [FIX] A previous fix for Lua -> Redis numerical precision enhancement introduced a new problem. In Redis 2.8.10 commands called from Lua passing a string that “looks like” a very large number, may actually use as argument the string converted as a float. This bug is now fixed.
  • [FIX] Now commands other than PUSH adding elements to a list will be able to awake clients blocked in a blocking POP operation.
  • [FIX] Cygwin compilation fixes.

The upgrade urgency is high if you use Lua scripting, LOW otherwise.

The packages are now available for both Debian 7 “Wheezy” and Debian 6 “Squeeze” on both amd64 and i386 architectures.