MySQL 5.0.84 for Debian 4.0 “Etch”, remote DoS under review

Some days after MySQL 5.0.83 has been released, MySQL 5.0.84 is now available on Dotdeb for Etch amd64/i386.

Please note that an advisory about a remote DoS for MySQL <5.0.84 is under review : CVE-2009-2446. Therefore, upgrading to this new version is strongly recommanded.

As usual, please read the list of changes before upgrading.


Dotdeb on Twitter

Dotdeb has now its own Twitter account. Feel free to follow…



MySQL 5.1.36 is available for Debian “Etch” and “Lenny”

MySQL 5.1.36 is now available on Dotdeb for Debian 4.0 “Etch” / Debian 5.0 “Lenny” in amd64/i386 flavours.

It fixes a lot of annoying bugs (read the list of changes to be convicted), especially one about granting the right privileges during the Debian post-installation process. The mysql-server-5.1 package should now install without needing any ugly trick.

Please upgrade your servers.


MySQL 5.0.83 for Debian 4.0 “Etch”

MySQL 5.0.83 is now available on Dotdeb for Etch amd64/i386.

Please read the list of changes of this maintenance release before upgrading.


PHP 5.3.0-final preview packages available for Debian Lenny

The official announce of PHP 5.3.0

Read carefully this announce from and its links :

The PHP development team is proud to announce the immediate release of PHP 5.3.0. This release is a major improvement in the 5.X series, which includes a large number of new features and bug fixes.

Some of the key new features include: namespaceslate static bindingclosures, optional garbage collection for cyclic references, new extensions (like ext/phar,ext/intl and ext/fileinfo), over 140 bug fixes and much more.

For users upgrading from PHP 5.2 there is a migration guide available here, detailing the changes between those releases and PHP 5.3.0.

Further details about the PHP 5.3.0 release can be found in the release announcement, and the full list of changes are available in the ChangeLog.

This is a great news and a big step for PHP, that gets cleaner and speedier (for example, read this benchmark of ezPublish performance boost with PHP 5.3.0).

In my (sysadmin) opinion, the best features are :

  • ext/phar to bundle complete application in an archive
  • MySQL native driver that avoid the libmysqlclient dependency, increases the overall performances and adds great features (real persistance, asynchronous queries)
  • dirty and unsafe features (register_globals, safe_mode, magic_quotes*) removal

The elePHPants march
The elePHPants march (credit : DragonBe)

Be careful!

Depending of your applications, PHP 5.3 may not be fully compatible with 5.2 out of the box :

  • many and many fonctions and features are deprecated or changed
  • some extensions (ming, ncurses…) moved to PECL, others (mime_magic, mhash) are just emulated
  • some bugs still exists and should be fixed with PHP 5.3.1

For example, I experienced some strange behaviour with WordPress, Sweetcron or Roundcube and I had to patch them.

Please read the migration guide very carefully before going further!

What are the changes from Dotdeb?

Ok, now that you read the Changelog and the migration guide, now that you know how to modify your script to migrate to PHP 5.3, you have to be aware of some changes introduced by Dotdeb and their consequences :

  • The migration from libmysqlclient to MySQL native driver is great in terms of performance and memory but have one restriction : it necessitates the use of MySQL 4.1’s newer 41-byte password format. Continued use of the old 16-byte passwords will cause mysql_connect() and similar functions to emit the error, “mysqlnd cannot connect to MySQL 4.1+ using old authentication.”. Please check your MySQL passwords in mysql.user before upgrading!
  • The mail_extra_headers that allowed to insert the script’s name in the sent mails has been included in the core of PHP and the ini variable is now mail.x_header
  • php5-mhash, since its functions are emulated by ext/hash , disappeared and is now included in the core of PHP.
  • php5-ming moved to PECL and is not packaged anymore
  • The Suhosin patch and the associated extension are not available yet (that’s what justifies the preview status)
  • All the PECL extension are not built yet. They will be as soon as the preview phase is over.
  • Enchant support has been included as bonus feature 🙂

How to install?

As they’re just preview packages, the PHP 5.3.0-final ones are still on a separate repository. To install them, just add these temporary entries in your /etc/apt/sources.list.

deb stable all
deb-src stable all

Now launch your favorite commands (apt-get update && apt-get upgrade) to upgrade your box and enjoy!

For your information, I do NOT intend to publish PHP>=5.3.0 packages for Debian Etch, it would mean too much work to get clean packages… PHP 5.2.10 (once fixed) will be last version available for Etch from Dotdeb. Then, you’re strongly encouraged to migrate to Debian Lenny if you want to take profit from 5.3.0.

Last but not least : thank you!

Thanks for using Dotdeb, for your useful reports and for your suggestions. Altough I’m doing my best to bring you the best new features of PHP the stable way, my work is not perfect and your help is really appreciated when things go bad.