MySQL 5.1.49 packages for Debian 5.0 « Lenny » are now available on Dotdeb in amd64/i386 flavours.

This is a bug fix release, embedding the InnoDB plugin 1.0.10.

As usual, please read the Changelog carefully before upgrading.

Feel free to Flattr this post at flattr.com, if you like it.

The PHP development team would like to announce the immediate availability of PHP 5.2.14. This release focuses on improving the stability of the PHP 5.2.x branch with over 60 bug fixes, some of which are security related.

This release marks the end of the active support for PHP 5.2. Following this release the PHP 5.2 series will receive no further active bug maintenance. Security fixes for PHP 5.2 might be published on a case by cases basis. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3.

The packages for Debian “Lenny” are now available on Dotdeb.

Of course, you’re advised to read the full announcement and the Changelog before upgrading.

Thanks (again) to Stefan Esser and the Month of PHP security for improving PHP.

Feel free to Flattr this post at flattr.com, if you like it.

The PHP development team would like to announce the immediate availability of PHP 5.3.3. This release focuses on improving the stability and security of the PHP 5.3.x branch with over 100 bug fixes, some of which are security related. All users are encouraged to upgrade to this release.

The packages for Debian “Lenny” are now available on Dotdeb on the usual repository.

Of course, you should read the full announcement, the PHP 5.3 migration guide and consult the Changelog.

Caution : (to PHP-FPM users) with the inclusion of PHP-FPM in the PHP 5.3 core, the syntax of the configuration file (/etc/php5/fpm/php5-fpm.conf) has changed. It switched from a XML syntax to an INI one. Please prepare your new configuration file before upgrading, by reading carefully the PHP documentation and this page.

And thanks to Stefan Esser and the Month of PHP security for improving PHP.

Feel free to Flattr this post at flattr.com, if you like it.

Waiting for a dotdeb-keyring package, you just have to get the appropriate file by hand and add it to your trusted keys’ keyring :

gpg --keyserver keys.gnupg.net --recv-key 89DF5277
gpg -a --export 89DF5277 | sudo apt-key add -

I hope you’ll enjoy it.

Feel free to Flattr this post at flattr.com, if you like it.

This is a bug fix release, focused on replication and partitioning, and the InnoDB plugin has been updated to the 1.0.9 stable version.

As usual, please read the Changelog carefully before upgrading.

Feel free to Flattr this post at flattr.com, if you like it.

This is a security-oriented release that fixes some serious flaws… Please read full changelog for more information.

Please also note that the InnoDB plugin has been upgraded to version 1.0.8 and is now considered of General Availability quality. Feel free to use it for a performance boost.

Feel free to Flattr this post at flattr.com, if you like it.

Be careful : the MySQL server is now split in two separate packages :

• mysql-server-core-5.1 that contains only the mysqld binary and some system files,
• mysql-server-5.1 that depends on mysql-server-core-5.1 and that contains the init scripts and utilities to run the MySQL server in a Debian environment.

The migration to this new packaging schema is transparent and will not break any dependencies.

As usual, please read the changes in MySQL 5.1.46 and what’s new in the InnoDB plugin 1.0.7 before upgrading.

Feel free to Flattr this post at flattr.com, if you like it.

• using RDS, a “Database as a Service”
• running your own MySQL server on a EC2 instance, with an EBS volume attached, a snapshot-enabled filesystem…

The comparison is made on features, cost and performances. I used the same MySQL version as RDS (5.1.42) and the same config. Performances are measured by tpcc-mysql from Percona and they are charted using Google Fusion Tables.

You’ll se that, altough MySQL + EC2 requires some additionnal DBA or sysadmin skills, it allows a lot of more tuning and a real performance boost (+270%).

So, if you’re planning to host MySQL databases on Amazon, feel free to take a look at these slides :

Note for french-speaking people : la présentation est disponible en français.

Feel free to Flattr this post at flattr.com, if you like it.

This initiative continues the effort of Hardened-PHP’s Month of PHP Bugs in 2007 to improve the security of PHP and the PHP ecosystem by disclosing vulnerabilities in PHP and PHP applications on the one hand and on the other hand by publishing articles and tools that help PHP application developers to develop more secure PHP applications.

You’ll find more information on the MoPS website and you can follow its twitter account to discover each vulnerability as soon as it’s reported.

Feel free to Flattr this post at flattr.com, if you like it.

• filter_var now validates correctly the hostnames that include ‘-’ (bug #51192)
• the GD bundled library has been patched to fix some TrueType issues (bug #51207, …)

In addition, PHP 5.3.2 now restarts softly, without any problem (thanks to Daniel Hahler).

Feel free to Flattr this post at flattr.com, if you like it.