Posted by & filed under PHP.

On October 16th 2014, the PHP group released PHP 5.4.34.

6 security-related bugs were fixed in this release, including fixes for CVE-2014-3668, CVE-2014-3669 and CVE-2014-3670. Also, a fix for OpenSSL which produced regressions was reverted. All PHP 5.4 users are encouraged to upgrade to this version.

The corresponding packages are now available on Dotdeb :

  • for Debian 7 “Wheezy” and Debian 6 “Squeeze”,
  • on both amd64 and i386 architectures.

The following modules have been packaged too :

  • APC 3.1.13
  • apcu 4.0.7
  • ffmpeg 0.6.0 (Squeeze only)
  • gearman 0.8.3
  • geoip 1.0.8
  • imagick 3.1.2
  • memcache 3.0.8
  • memcached 2.2.0
  • mongo 1.5.7
  • pecl_http 1.7.6
  • pinba (master)
  • redis 2.2.5
  • spplus 1.1
  • ssh2 0.12
  • xcache 3.2.0
  • xdebug 2.2.5
  • xhprof 0.9.4
  • zendopcache 7.0.3

As usual, please read the ChangeLog before upgrading and be sure to use to the latest packages before reporting any issue.

2 Responses to “PHP 5.4.34, for Wheezy and Squeeze”

  1. Ingo

    Thank you for the update! The SSL-Bug was causing trouble on all SOAP Connections. Hard to figure out, but now everything is good.

  2. sunfire

    Thanks for the update.

    But my SSL Problem with Horde still exists.

    fgets(): SSL read operation timed out.

    I thought it would be fixed in 5.4.34.