Posted by & filed under Redis.

Redis 3.2.2 has been released on July 28th 2016, bringing fixes for a Redis server and a Sentinel crash, and for GEORADIUS errors in reported entries + a few more improvements.

The upgrade urgency moderate.

The packages are now available :

  • for Debian 8 “Jessie” and Debian 7 “Wheezy”
  • on both amd64 and i386 architectures.

Posted by & filed under PHP.

On July 21st 2016, the PHP group published PHP 7.0.9.

This is a security release. Several security bugs were fixed in this release, including the HTTP_PROXY issue. All PHP 7.0 users are encouraged to upgrade to this version.

Packages of PHP 7.0.9 are now available for Debian 8 “Jessie” on amd64 and i386 architectures, along with the following PECL extensions : APCu, APCu_bc, geoip, igbinary, imagick, memcached, mongodb, msgpack, redis, ssh2 and xdebug (Careful, PHP 7 support from some of them is still very young!).

Posted by & filed under PHP.

On July 21st 2016, the PHP group released PHP 5.6.24.

This is a security release. Several security bugs were fixed in this release. All PHP 5.6 users are encouraged to upgrade to this version.

PHP 5.6.24 packages are now available for Debian 7 “Wheezy”, on both amd64 and i386 architectures, in ZTS and non-ZTS (default) flavors, along with the usual PECL extensions.

Posted by & filed under PHP.

On July 21st 2016, the PHP group released PHP 5.5.38.

This is a security release that fixes some security related bugs. All PHP 5.5 users are encouraged to upgrade to this version.
(…)
Note that according to our release schedule, PHP 5.5.38 is the last release of the PHP 5.5 branch. There may be additional release if we discover important security issues that warrant it, otherwise this release will be the final one in the PHP 5.5 branch. If your PHP installation is based on PHP 5.5, it may be a good time to start making the plans for the upgrade to PHP 5.6 or PHP 7.0.

PHP 5.5.38 packages are now available on Dotdeb for Debian 7 “Wheezy”, on both amd64 and i386 architectures.

The following modules have been packaged too :

  • apcu 4.0.7
  • gearman 0.8.3
  • geoip 1.0.8
  • imagick 3.1.2
  • memcache 3.0.8
  • memcached 2.2.0
  • mongo 1.6.11
  • pecl_http 1.7.6
  • pinba (master)
  • redis 2.2.7
  • spplus 1.1
  • ssh2 0.12
  • xcache 3.2.0
  • xdebug 2.4.0
  • xhprof 0.9.4

Please read the Changelog before upgrading.

Posted by & filed under PHP.

On June 23rd 2016, the PHP group published PHP 7.0.8.

This is a security release. Several security bugs were fixed in this release. All PHP 7.0 users are encouraged to upgrade to this version.

Please also note that bcmatch, dba, mbstring, soap, xml and zip now have their separate dedicated packages.

Packages of PHP 7.0.8 are now available for Debian 8 “Jessie” on amd64 and i386 architectures, along with the following PECL extensions : APCu, APCu_bc, geoip, igbinary, imagick, memcached, mongodb, msgpack, redis, ssh2 and xdebug (Careful, PHP 7 support from some of them is still very young!).

As usual :

Posted by & filed under PHP.

On June 23rd 2016, the PHP group released PHP 5.6.23.

Several bugs were fixed in this release, including security-related ones. All PHP 5.6 users are encouraged to upgrade to this version.

PHP 5.6.23 packages are now available for Debian 7 “Wheezy”, on both amd64 and i386 architectures, in ZTS and non-ZTS (default) flavors, along with the usual PECL extensions.

Posted by & filed under PHP.

On June 23rd 2016, the PHP group released PHP 5.5.37.

This is a security release, several security bugs were fixed. All PHP 5.5 users are encouraged to upgrade to this version.

And because it’s probably the last PHP 5.5 release before it reaches its security EOL, you’d better upgrade to PHP 5.6 and above as soon as possible.

PHP 5.5.37 packages are now available on Dotdeb for Debian 7 “Wheezy”, on both amd64 and i386 architectures.

The following modules have been packaged too :

  • apcu 4.0.7
  • gearman 0.8.3
  • geoip 1.0.8
  • imagick 3.1.2
  • memcache 3.0.8
  • memcached 2.2.0
  • mongo 1.6.11
  • pecl_http 1.7.6
  • pinba (master)
  • redis 2.2.7
  • spplus 1.1
  • ssh2 0.12
  • xcache 3.2.0
  • xdebug 2.3.2
  • xhprof 0.9.4

Please read the Changelog before upgrading.

Posted by & filed under Redis.

Redis 3.2.1 has been released on June 17th 2016, bringing important bug fixes for Redis Sentinel and a few more improvements.

The upgrade urgency high.

The packages are now available :

  • for Debian 8 “Jessie” and Debian 7 “Wheezy”
  • on both amd64 and i386 architectures.

Posted by & filed under Nginx.

Nginx 1.10 – the new stable major version – has been released on May 24th 2016, followed by Nginx 1.10.1 on May 31st to fix the CVE-2016-4450 vulnerability.

The 1.10 branch brings a lot of new features and improvements, including :

  • HTTP/2 support: The SPDY module was replaced by the HTTP/2 module. Please make sure to update your listen directives.
  • The new stream module that lets you proxy and load-balance UDP and TCP traffic.
  • Support for dynamic modules.
  • SO_REUSEPORT support, TCP support for DNS resolution…

More details in this blog post.

As a consequence, I’m glad to announce that packages of Nginx 1.10.1 are now available :

  • for Debian 8 “Jessie” and Debian 7 “Wheezy”
  • On both amd64 and i386 architectures.

Important note when upgrading : please make sure that you have the following line at the beginning of your /etc/nginx/nginx.conf file :

include /etc/nginx/modules-enabled/*.conf;

Please also note that :

  • HTTP/2 with Chrome as a browser is not supported on stock Jessie and Wheezy, because it requires a more recent OpenSSL 1.0.2 for its ALPN protocol. Backporting such an important library is definitely not an option for me, so it’s totally your responsibility to upgrade OpenSSL from another vendor if you absolutely need HTTP/2.
  • even if the http-auth-pam, http-geoip, http-image-filter, http-lua, http-ndk, http-perl, http-xslt-filter, stream and mail modules now have their dedicated libnginx-mod-* packages, the current packaging scheme and numbering does not take profit from the dynamic loading for other extensions yet.
  • ngx_pagespeed has been updated to version 1.11.33.2 on Jessie.
  • ngx_pagespeed is stuck to version 1.9.32.11 on Wheezy because its 1.10 branch now requires GCC 4.8+. Usage of ngx_pagespeed on Wheezy has been kept for compatibility purpose but is highly discouraged. Upgrade to Jessie instead.
  • naxsi has been moved from its dedicated package to nginx-extras naxsi had to be temporarily disabled because of build failures, it should be back in nginx-extras (no more dedicated nginx-naxsi package) soon.
  • there won’t be any update for Squeeze, since its LTS support has been terminated.

For more details about which modules are included in the different Nginx flavors (light, full and extras), just take a look at the configuration options of their respective sections in the Jessie and Wheezy Makefiles.

Posted by & filed under PHP.

On May 26th 2016, the PHP group published PHP 7.0.7.

This is a security release. Several security bugs were fixed in this release. All PHP 7.0 users are encouraged to upgrade to this version.

Packages of PHP 7.0.7 are now available for Debian 8 “Jessie” on amd64 and i386 architectures, along with the following PECL extensions : APCu, APCu_bc, geoip, igbinary, imagick, memcached, mongodb, msgpack, redis and debug (Careful, PHP 7 support from some of them is still very young!).

As usual :