Categories
PHP

PHP 5.4.4

On june 14th 2012, the PHP group has released PHP 5.4.4, that brings over 30 bug fixes, some of which are security related : A weakness in the DES implementation of crypt and a heap overflow issue in the phar extension. Please also note that the use of php://fd streams is now restricted to the CLI SAPI (php5-cli).

Packages of PHP 5.4.4 are now available on Dotdeb for Debian 6.0 “Squeeze” on both amd64 and i386 architectures (see the installation instructions).

As usual, please read the ChangeLog before upgrading and be sure to use to the latest packages before reporting any issue.

Categories
Redis

Redis 2.4.15

Redis 2.4.15 has been released. Here is the short Changelog :

  • [BUGFIX] Jemalloc updated to 3.0.0. This fixes a possibly AOF rewrite issue. See issue #504 for info.

The packages are now available for Debian 6.0 “Squeeze” on both amd64 and i386 architectures. The upgrade urgency is moderate if you use AOF, otherwise low.

Categories
PHP

PHP 5.3.14

On june 14th 2012, the PHP group has released PHP 5.3.14, that brings over 30 bug fixes, some of which are security related : A weakness in the DES implementation of crypt and a heap overflow issue in the phar extension. Please also note that the use of php://fd streams is now restricted to the CLI SAPI (php5-cli).

Packages of PHP 5.3.14 are now available on Dotdeb for Debian 6.0 “Squeeze” on both amd64 and i386 architectures.

As usual, please read the ChangeLog before upgrading and be sure to use to the latest packages before reporting any issue.

Categories
MySQL

MySQL 5.1 discontinued on Dotdeb

During the last weeks, MySQL suffered from many vulnerabilities (see DSA-2429-1 and DSA-2496-1). Due to the non-disclosure of security patch information from Oracle, the Debian security team is now forced to ship upstreams version update of MySQL 5.1 (5.1.63 as of this writing).

Then it makes no sense for Dotdeb to duplicate this effort and to maintain the same versions of MySQL 5.1 for Squeeze with the same features and level of optimization. As a consequence the MySQL 5.1 packages has been removed from the Dotdeb repository (you’ll find archived versions here).

Please just be sure to have debian-security in your sources.list to have the most recent security fixes for your MySQL 5.1 server :

deb http://security.debian.org/ squeeze/updates main contrib non-free

Now, don’t worry, if you want to install a recent MySQL 5.5 server, the packages will still be actively maintained on Dotdeb, in terms of features and optimization.

Categories
MySQL

Percona toolkit 2.1.2

Percona toolkit 2.1.2 is now available on Dotdeb for Debian 6.0 “Squeeze”. It brings a lot of bug fixes :

  • pt-table-sync is now working properly, the --lock-and-rename feature has been disabled when using it with MySQL versions that don’t support it reliably.
  • pt-table-checksum and pt-online-schema-change have been enhanced to add even more safety checks, and to detect and deal with some MySQL optimizer misbehaviors, as well as to handle more edge-case behaviors related to things like replication lag.
  • A variety of bugfixes in pretty much every tool because of an expanded test coverage : more MySQL versions, more operating system platforms, more types of MySQL server settings, and more versions of Perl.

Baron Schwartz also wrote a blog post about it.

Categories
Nginx

Nginx 1.2.1

Dotdeb’s packages of Nginx 1.2.1 are now available for Debian 6.0 “Squeeze” (amd64/i386). They fix some bugs and enhance the IPv6 support. Please take a look at Nginx’ official Changelog before upgrading.

Please also note that Naxsi has been upgraded to the 0.46-1 version.

As usual, if you want to know which module has been included in each Nginx flavor, you just have to look at this document.

Categories
MySQL

MySQL 5.5.25

The packages of MySQL 5.5.25 are now available for Debian 6.0 “Squeeze” on both amd64 and i386 architectures. They fixes some InnoDB- and replication-related issues.

As usual, please read carefully the full Changelog before upgrading.