MySQL 5.1.47, a security-focused release, is available

MySQL 5.1.47 is now available on Dotdeb for your Lenny servers, in amd64 and i386 flavours.

This is a security-oriented release that fixes some serious flaws… Please read full changelog for more information.

Please also note that the InnoDB plugin has been upgraded to version 1.0.8 and is now considered of General Availability quality. Feel free to use it for a performance boost.


MySQL 5.1.46 is now available

MySQL 5.1.46 is now available on Dotdeb for your Lenny servers, in amd64 and i386 flavours. It fixes a lot of annoying bugs and upgrades the InnoDB plugin to version 1.0.7 for more performances.

Be careful : the MySQL server is now split in two separate packages :

  • mysql-server-core-5.1 that contains only the mysqld binary and some system files,
  • mysql-server-5.1 that depends on mysql-server-core-5.1 and that contains the init scripts and utilities to run the MySQL server in a Debian environment.

The migration to this new packaging schema is transparent and will not break any dependencies.

As usual, please read the changes in MySQL 5.1.46 and what’s new in the InnoDB plugin 1.0.7 before upgrading.


May is the month of PHP security

According to Stefan Esser, author of the Suhosin patch, May 2010 will be the “Month of PHP Security” :

This initiative continues the effort of Hardened-PHP’s Month of PHP Bugs in 2007 to improve the security of PHP and the PHP ecosystem by disclosing vulnerabilities in PHP and PHP applications on the one hand and on the other hand by publishing articles and tools that help PHP application developers to develop more secure PHP applications.

You’ll find more information on the MoPS website and you can follow its twitter account to discover each vulnerability as soon as it’s reported.