Posted by & filed under Nginx.

Nginx 1.6.2 has been released on September 16th 2014, with the following changes :

  • Security: it was possible to reuse SSL sessions in unrelated contexts if a shared SSL session cache or the same TLS session ticket key was used for multiple “server” blocks (CVE-2014-3616). Thanks to Antoine Delignat-Lavaud.
  • Bugfix: requests might hang if resolver was used and a DNS server returned a malformed response; the bug had appeared in 1.5.8.
  • Bugfix: requests might hang if resolver was used and a timeout occurred during a DNS request.

As a consequence, packages of Nginx 1.6.2 are now available for both Debian 7 “Wheezy” and Debian 6 “Squeeze” (amd64/i386).

Please note that the nginx-rtmp-module has been added to nginx-extras and that the other modules have been updated to their latest version.

For more details about which modules are included in the different Nginx flavors, just have to look at this document.

Posted by & filed under PHP.

On September 18th 2014, the PHP group released PHP 5.4.33.

10 bugs were fixed in this release. All PHP 5.4 users are encouraged to upgrade to this version.

This release is the last planned release that contains regular bugfixes. All the consequent releases will contain only security-relevant fixes, for the term of one year. PHP 5.4 users that need further bugfixes are encouraged to upgrade to PHP 5.6 or PHP 5.5.

The corresponding packages are now available on Dotdeb :

  • for Debian 7 “Wheezy” and Debian 6 “Squeeze”,
  • on both amd64 and i386 architectures.

The following modules have been packaged too :

  • APC 3.1.13
  • apcu 4.0.6
  • ffmpeg 0.6.0 (Squeeze only)
  • gearman 0.8.3
  • geoip 1.0.8
  • imagick 3.1.2
  • memcache 3.0.8
  • memcached 2.2.0
  • mongo 1.5.7
  • pecl_http 1.7.6
  • pinba (master)
  • redis 2.2.5
  • spplus 1.1
  • ssh2 0.12
  • xcache 3.2.0
  • xdebug 2.2.5
  • xhprof 0.9.4
  • zendopcache 7.0.3

As usual, please read the ChangeLog before upgrading and be sure to use to the latest packages before reporting any issue.

Posted by & filed under Redis.

Redis 2.8.17 has been released on September 19th 2014, bringing a lot of changes.

The upgrade urgency is :

  • High for Redis Sentinel
  • Low for Redis Server (unmodified compared to 2.8.16)

The packages are now available for both Debian 7 “Wheezy” and Debian 6 “Squeeze” on both amd64 and i386 architectures.

Posted by & filed under PHP.

On September 18th 2014, the PHP group released PHP 5.5.17.

Several bugs were fixed in this release. All PHP 5.5 users are encouraged to upgrade to this version.

PHP 5.5.17 packages are now available on Dotdeb for Debian 7.6 “Wheezy”, on both amd64 and i386 architectures.

The following modules have been packaged too :

  • apcu 4.0.6
  • gearman 0.8.3
  • geoip 1.0.8
  • imagick 3.1.2
  • memcache 3.0.8
  • memcached 2.2.0
  • mongo 1.5.7
  • pecl_http 1.7.6
  • pinba (master)
  • redis 2.2.5
  • spplus 1.1
  • ssh2 0.12
  • xcache 3.2.0
  • xdebug 2.2.5
  • xhprof 0.9.4

Please read the Changelog and the migration guide (be aware of the backward incompatible changes) before upgrading.

Posted by & filed under Redis.

Redis 2.8.15 has been released on September 16th 2014, bringing a lot of changes.

The upgrade urgency is :

  • low for Redis,
  • high for Sentinel.

The packages are now available for both Debian 7 “Wheezy” and Debian 6 “Squeeze” on both amd64 and i386 architectures. Please note that these 2.8.15 packages include a fix for the AOF bug introduced in 2.8.15 / fixed in 2.8.16, so the next packaged version should be 2.8.17.

Posted by & filed under Redis.

Redis 2.8.14 has been released on September 1st 2014, bringing a lot of changes.

The upgrade urgency is :

  • high for Lua scripting users – the server could crash because of a bug introduced in Redis 2.8.10,
  • otherwise low
  • low for Redis Sentinel.

The packages are now available for both Debian 7 “Wheezy” and Debian 6 “Squeeze” on both amd64 and i386 architectures.

Posted by & filed under Zabbix.

Zabbix 2.2.6 has been released on August 27th 2014. This release fixes known issues of Zabbix 2.2.x and introduces new minor features. Please read the release notes for more info.

As usual, the packages are now available :

  • for Debian 7.0 “Wheezy and 6.0 “Squeeze”,
  • on both amd64 and i386 architectures.

Posted by & filed under PHP.

On August 21st 2014, the PHP group has released PHP 5.4.32.

16 bugs were fixed in this release, including the following security-related issues: CVE-2014-2497, CVE-2014-3538, CVE-2014-3587, CVE-2014-3597, CVE-2014-4670, CVE-2014-4698, CVE-2014-5120. All PHP 5.4 users are encouraged to upgrade to this version.

The corresponding packages are now available on Dotdeb :

  • for Debian 7 “Wheezy” and Debian 6 “Squeeze”,
  • on both amd64 and i386 architectures.

The following modules have been packaged too :

  • APC 3.1.13
  • apcu 4.0.6
  • ffmpeg 0.6.0 (Squeeze only)
  • gearman 0.8.3
  • geoip 1.0.8
  • imagick 3.1.2
  • memcache 3.0.8
  • memcached 2.2.0
  • mongo 1.5.5
  • pecl_http 1.7.6
  • pinba (master)
  • redis 2.2.5
  • spplus 1.1
  • ssh2 0.12
  • xcache 3.1.0
  • xdebug 2.2.5
  • xhprof 0.9.4
  • zendopcache 7.0.3

As usual, please read the ChangeLog before upgrading and be sure to use to the latest packages before reporting any issue.

Posted by & filed under PHP.

On August 22nd 2014, the PHP group has released PHP 5.5.16.

This release fixes several bugs against PHP 5.5.15 and resolves CVE-2014-3538, CVE-2014-3587, CVE-2014-2497, CVE-2014-5120 and CVE-2014-3597.

All PHP users are encouraged to upgrade to this new version.

PHP 5.5.16 packages are now available on Dotdeb for Debian 7.6 “Wheezy”, on both amd64 and i386 architectures.

The following modules have been packaged too :

  • apcu 4.0.6
  • gearman 0.8.3
  • geoip 1.0.8
  • imagick 3.1.2
  • memcache 3.0.8
  • memcached 2.2.0
  • mongo 1.5.5
  • pecl_http 1.7.6
  • pinba (master)
  • redis 2.2.5
  • spplus 1.1
  • ssh2 0.12
  • xcache 3.1.0
  • xdebug 2.2.5
  • xhprof 0.9.4

Please read the Changelog and the migration guide (be aware of the backward incompatible changes) before upgrading.