PHP 5.3.1 packages for Debian “Lenny” : they’re here!

November 30th, 2009

The official announcement

A few days ago, the PHP Group released PHP 5.3.1 :

The PHP development team would like to announce the immediate availability of PHP 5.3.1. This release focuses on improving the stability of the PHP 5.3.x branch with over 100 bug fixes, some of which are security related. All users of PHP are encouraged to upgrade to this release.

Security Enhancements and Fixes in PHP 5.3.1:

  • Added “max_file_uploads” INI directive, which can be set to limit the number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion.
  • Added missing sanity checks around exif processing.
  • Fixed a safe_mode bypass in tempnam().
  • Fixed an open_basedir bypass in posix_mkfifo().
  • Fixed failing safe_mode_include_dir.

Further details about the PHP 5.3.1 release can be found in the release announcement, and the full list of changes is available in the ChangeLog.

The Dotdeb changes

On the Debian side, some changes were made :

  • the packages are now patched with the official Suhosin patch.
  • besides the apache2, apache2filter, CGI and CLI flavours, the FPM one now has its own dedicated package, named “php5-fpm”. It will give you better performance and many more features on a CGI-style installation (FYI, an init script, a config file and an nginx config sample are provided).

How to install?

Because migrating from PHP 5.2 to PHP 5.3 can break some applications, here is the Dotdeb release policy:

  • PHP 5.2 is still the default branch for Debian Lenny for some weeks/months. PHP 5.3 packages are kept on a separate repository.
  • PHP 5.3 will be the default branch for the upcoming Debian Squeeze (mid-2010)

Then, to install PHP 5.3 on your Debian “Lenny” box, just add these two entries to your /etc/apt/sources.list:

deb http://php53.dotdeb.org stable all
deb-src http://php53.dotdeb.org stable all

Now launch your favorite commands (apt-get update && apt-get upgrade) to upgrade your box.

In case you enjoy this new release, feel free to donate or to take a look at my wishlist… Xmas is coming ;)

MySQL 5.1.41 is available for Debian “Lenny” and “Etch”

November 27th, 2009

MySQL 5.1.41 is now available on Dotdeb for Debian 5.0 “Lenny” / Debian 4.0 “Etch” in amd64/i386 flavours.

This maintenance release fixes a lot of bugs (please read the Changelog for more details). Please note that the InnoDB plugin has been updated to 1.0.5.

MySQL 5.1.40 is available for Debian “Lenny” and “Etch” with InnoDB-plugin support

November 2nd, 2009

MySQL 5.1.40 is now available on Dotdeb for Debian 5.0 “Lenny” / Debian 4.0 “Etch” in amd64/i386 flavours.

As usual, this maintenance release fixes a lot of bugs (please read the Changelog for more details).

Please note that the packaging is a little bit different from the official Debian packaging, to include the InnoDB plugin in the mysql-server-5.1 package instead of in the libmysqlclient-dev one. This plugin replaces the built-in InnoDB support and has many advantages :

  • fast index creation,
  • data compression,
  • new row formats,
  • new file formats,
  • performance and scalability enhancements…

You can easily enable it by uncommenting two lines in the /etc/mysql/my.cnf configuration file and then restarting your MySQL server:

[Screenshot: editing my.cnf to enable the InnoDB plugin support]

Please read the InnoDB plugin documentation carefully and back up your data before activating this beta-quality feature!

Google Perftools 1.4 are available for Debian 5.0 “Lenny”

October 3rd, 2009

Looking for a new way to speed up your MySQL server? The tcmalloc library from Google Perftools could be the answer (about 15-20% performance improvement). Refer to this (updated) How-to for more information.

I just packaged Google Perftools 1.4 for Debian 5.0 (a.k.a. “Lenny”). According to the Changelog, it brings a lot of bugfixes and improvements that enhance the stability of the daemons it is plugged into, especially on 64-bit systems.

Upgrading from the previous version is highly recommended.

MySQL 5.1.39 released for Debian “Etch” and “Lenny”

October 1st, 2009

MySQL 5.1.39 is now available on Dotdeb for Debian 4.0 “Etch” / Debian 5.0 “Lenny” in amd64/i386 flavours.

This maintenance release fixes a lot of bugs. Please note that the Lenny version introduces some hardening features.

As usual, please read the list of changes in 5.1.39 before upgrading.

PHP 5.2.11 packages are available for Etch and Lenny

September 23rd, 2009

PHP 5.2.11 was published a few days ago by the PHP Group and its packages are now available for Debian Etch and Lenny, amd64 and i386. It fixes a lot of bugs and some security issues:

  • Fixed certificate validation inside php_openssl_apply_verification_policy. (Ryan Sleevi, Ilia)
  • Fixed sanity check for the color index in imagecolortransparent(). (Pierre)
  • Added missing sanity checks around exif processing. (Ilia)
  • Fixed bug #44683 (popen crashes when an invalid mode is passed). (Pierre)

To avoid the same negative feedback as with PHP 5.2.10, a lot of debugging and changes have been made:

  • The embedded_timezone patch has been disabled. You now have to set date.timezone manually in your /etc/php5/*/php.ini files, depending on your machine.

  • If you encounter problems with some applications and the CGI flavour, remember to set cgi.fix_pathinfo=1 in your php.ini (thanks Scott for reporting this)
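
The php.ini check described in the two points above, as an added example that is not part of the original post or of the Dotdeb packages: a shell script that reads the effective date.timezone and cgi.fix_pathinfo values from each /etc/php5/*/php.ini. The function names and the sample tree are constructed for illustration.

```sh
# Added example (not Dotdeb code). Layout <root>/<sapi>/php.ini is from the post.

# Print the effective value of a directive: the last uncommented
# "key = value" line wins; ';' starts a comment in php.ini.
php_ini_get() {   # $1 = php.ini path, $2 = directive name
    awk -v key="$2" '
        /^[ \t]*;/ { next }                  # commented-out line
        {
            eq = index($0, "=")
            if (eq == 0) next                # section header or blank line
            k = substr($0, 1, eq - 1)
            v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k)
            if (k != key) next
            sub(/[ \t]*;.*$/, "", v)         # trailing comment (values with ";" not handled)
            gsub(/^[ \t]+|[ \t]+$/, "", v)
            gsub(/^"|"$/, "", v)             # surrounding double quotes
            val = v; found = 1
        }
        END { if (found) print val }
    ' "$1"
}

# Check every <root>/*/php.ini. Returns 1 if any file lacks date.timezone;
# cgi.fix_pathinfo is only reported, since the post makes it conditional.
audit_php_ini() {
    root="${1:-/etc/php5}"; rc=0
    for ini in "$root"/*/php.ini; do
        [ -f "$ini" ] || continue
        tz=$(php_ini_get "$ini" date.timezone)
        if [ -n "$tz" ]; then
            echo "OK      $ini: date.timezone = $tz"
        else
            echo "MISSING $ini: date.timezone is not set"; rc=1
        fi
        if [ "$(basename "$(dirname "$ini")")" = "cgi" ]; then
            fp=$(php_ini_get "$ini" cgi.fix_pathinfo)
            [ "$fp" = "1" ] || echo "NOTE    $ini: cgi.fix_pathinfo = ${fp:-unset}"
        fi
    done
    return $rc
}

# Constructed sample tree (not real server files) to show the report.
demo=$(mktemp -d); mkdir -p "$demo/cli" "$demo/cgi"
printf ';date.timezone =\n' > "$demo/cli/php.ini"
printf 'date.timezone = "Europe/Paris" ; set by hand\ncgi.fix_pathinfo=0\n' > "$demo/cgi/php.ini"
audit_php_ini "$demo" || echo "at least one php.ini still needs date.timezone"
rm -rf "$demo"
```

On a real server, call audit_php_ini with no argument after the upgrade to scan /etc/php5.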

As usual, read the full Changelog before upgrading.

MySQL 5.1.37 is available for Debian “Etch” and “Lenny”

August 8th, 2009

MySQL 5.1.37 is now available on Dotdeb for Debian 4.0 “Etch” / Debian 5.0 “Lenny” in amd64/i386 flavours.

It fixes two security issues and brings a lot of bugfixes (read the list of changes), especially about replication and partitioning.

Please upgrade your servers.

MySQL 5.0.84 for Debian 4.0 “Etch”, remote DoS under review

July 27th, 2009

A few days after MySQL 5.0.83 was released, MySQL 5.0.84 is now available on Dotdeb for Etch amd64/i386.

Please note that an advisory about a remote DoS for MySQL <5.0.84 is under review: CVE-2009-2446. Therefore, upgrading to this new version is strongly recommended.

As usual, please read the list of changes before upgrading.

Dotdeb on Twitter

July 27th, 2009

Dotdeb now has its own Twitter account. Feel free to follow…

MySQL 5.1.36 is available for Debian “Etch” and “Lenny”

July 23rd, 2009

MySQL 5.1.36 is now available on Dotdeb for Debian 4.0 “Etch” / Debian 5.0 “Lenny” in amd64/i386 flavours.

It fixes a lot of annoying bugs (read the list of changes to be convinced), especially one about granting the right privileges during the Debian post-installation process. The mysql-server-5.1 package should now install without needing any ugly trick.

Please upgrade your servers.
