Sunday, July 11th, 2010
After many requests from several users and after many months of promise, the Dotdeb repositories are GPG-signed. Yes, you can now get rid of the annoying "WARNING: The following packages cannot be authenticated!" message!
Waiting for a dotdeb-keyring package, you just have to get the appropriate file by hand and add ...
Posted in Miscellaneous | 33 Comments »
Tuesday, May 25th, 2010
MySQL 5.1.47 is now available on Dotdeb for your Lenny servers, in amd64 and i386 flavours.
This is a security-oriented release that fixes some serious flaws... Please read full changelog for more information.
Please also note that the InnoDB plugin has been upgraded to version 1.0.8 and is now considered of General Availability ...
Posted in MySQL | 4 Comments »
Tuesday, May 4th, 2010
According to Stefan Esser, author of the Suhosin patch, May 2010 will be the "Month of PHP Security" :
This initiative continues the effort of Hardened-PHP's Month of PHP Bugs in 2007 to improve the security of PHP and the PHP ecosystem by disclosing vulnerabilities in PHP and PHP applications on ...
Posted in PHP | 3 Comments »
Wednesday, January 20th, 2010
The Debian security team announced that Debian 4.0 "Etch" security support will be ended on February 15th, 2010 :
Security Support for Debian GNU/Linux 4.0 to be discontinued on
February 15th
One year after the release of Debian GNU/Linux 5.0 alias 'lenny' and
nearly three years after the release of Debian GNU/Linux 4.0 alias
'etch' ...
Posted in Miscellaneous | 10 Comments »
Wednesday, January 20th, 2010
I just uploaded new MySQL 5.1.41 packages that fix a remote buffer overflow in MySQL servers that use the embedded YaSSL library :
Lenz Grimmer gives more information about this issue
CVE-2009-4484 has been filled
Since Debian and Dotdeb are impacted, you are strongly encouraged to upgrade your servers.
Posted in MySQL | 12 Comments »
Wednesday, February 18th, 2009
MySQL 5.0.77 packages are now available on Dotdeb for Debian Etch amd64/i386.
This is a maintenance release that fix some annoying bugs and a severe security issue.
Please read the official list of changes in 5.0.77 before upgrading.
Posted in MySQL | 1 Comment »
Tuesday, December 9th, 2008
The PHP Group released PHP 5.2.8 this morning to fix the magic_quotes_gpc issue.
If you previously installed PHP 5.2.7-0.dotdeb.1 from Dotdeb and do not care about the version number displayed in your phpinfo(), save your bandwidth, your server is already secure :) Otherwise, just apt-get upgrade your LAMP stack...
[update] The packages have ...
Posted in PHP | 44 Comments »
Sunday, December 7th, 2008
Stefan Esser has posted a warning about upgrading PHP to the 5.2.7 release :
(...)a change in the ext/filter extension that by default processes all incoming data, broke the magic_quotes_gpc feature. While magic_quotes_gpc itself is deprecated and it is recommended to not rely on it as protection against SQL injection, it is ...
Posted in PHP | 12 Comments »