Wednesday, January 20th, 2010
The Debian security team announced that Debian 4.0 "Etch" security support will be ended on February 15th, 2010 :
Security Support for Debian GNU/Linux 4.0 to be discontinued on
February 15th
One year after the release of Debian GNU/Linux 5.0 alias 'lenny' and
nearly three years after the release of Debian GNU/Linux 4.0 alias
'etch' ...
Posted in Miscellaneous | 12 Comments »
Wednesday, January 20th, 2010
I just uploaded new MySQL 5.1.41 packages that fix a remote buffer overflow in MySQL servers that use the embedded YaSSL library :
Lenz Grimmer gives more information about this issue
CVE-2009-4484 has been filled
Since Debian and Dotdeb are impacted, you are strongly encouraged to upgrade your servers.
Posted in MySQL | 13 Comments »
Wednesday, February 18th, 2009
MySQL 5.0.77 packages are now available on Dotdeb for Debian Etch amd64/i386.
This is a maintenance release that fix some annoying bugs and a severe security issue.
Please read the official list of changes in 5.0.77 before upgrading.
Posted in MySQL | 1 Comment »
Tuesday, December 9th, 2008
The PHP Group released PHP 5.2.8 this morning to fix the magic_quotes_gpc issue.
If you previously installed PHP 5.2.7-0.dotdeb.1 from Dotdeb and do not care about the version number displayed in your phpinfo(), save your bandwidth, your server is already secure :) Otherwise, just apt-get upgrade your LAMP stack...
[update] The packages have ...
Posted in PHP | 44 Comments »
Sunday, December 7th, 2008
Stefan Esser has posted a warning about upgrading PHP to the 5.2.7 release :
(...)a change in the ext/filter extension that by default processes all incoming data, broke the magic_quotes_gpc feature. While magic_quotes_gpc itself is deprecated and it is recommended to not rely on it as protection against SQL injection, it is ...
Posted in PHP | 12 Comments »
