Posted by & filed under PHP.

The PHP 5.3.3 packages for Debian 5.0 “Lenny” (amd64/i386) have been updated. Here are the changes :

  • php5-fpm should now work out-of-the-box. Some unset parameters prevented its launch. Thanks to Daniel Hahler for the patch.
  • PECL/APC has been upgraded to 3.1.4
  • PECL/memcache has been upgraded to 3.0.5

Posted by & filed under MySQL.

MySQL versions prior to 5.1.51 (including 5.1.50) suffer from a vulnerability in the processing of arguments passed to the LEAST()or GREATEST() functions. This issue could be exploited by a malicious user to cause a server crash, leading to a DoS condition.

You really should upgrade your Lenny servers (amd64 or i386) with the new packages of MySQL 5.1.51 from Dotdeb. As usual, don’t forget to read the Changelog before upgrading.

Posted by & filed under MySQL.

Maatkit is one of the great Open Source tools (among Percona Server, Xtrabackup and so on…) published by Percona. It’s a collection of utilities that help MySQL DBAs in many redundant, complex or boring tasks. For example :

  • mk-query-digest that outputs a digest of the queries from a slow-query logfile or from a running MySQL server,
  • mk-slave-delay that could help you to keep a copy of your databases while rolling back a new version of your application,
  • mk-parallel-dump and mk-parallel-restore to speed up your dump/load processes,
  • mk-table-checksum that checks the consistency of your MySQL slave,

If you’re a MySQL DBA that runs Debian servers, you really should install the new Maatkit packages from Dotdeb and read its documentation. There is a tool that will help you on your daily usage of MySQL, for sure!

Posted by & filed under MySQL.

Yesterday, many announcements have been made on MySQL Sunday. MySQL 5.5 is now RC, and will be GA soon, with many (exciting) improvements.

No, there are no MySQL 5.5 packages on Dotdeb (yet), but MySQL 5.1.50 packages for Debian 5.0 « Lenny » are now available on Dotdeb in amd64/i386 flavours.

This bugfix release embeds the InnoDB plugin 1.0.11.

As usual, please read the Changelog carefully before upgrading.

Posted by & filed under PHP.

On july, 22nd, the PHP Group released PHP 5.2.14 :

The PHP development team would like to announce the immediate availability of PHP 5.2.14. This release focuses on improving the stability of the PHP 5.2.x branch with over 60 bug fixes, some of which are security related.

This release marks the end of the active support for PHP 5.2. Following this release the PHP 5.2 series will receive no further active bug maintenance. Security fixes for PHP 5.2 might be published on a case by cases basis. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3.

The packages for Debian “Lenny” are now available on Dotdeb.

Of course, you’re advised to read the full announcement and the Changelog before upgrading.

Thanks (again) to Stefan Esser and the Month of PHP security for improving PHP.

Posted by & filed under PHP.

On july, 22nd, the PHP Group released PHP 5.3.3 :

The PHP development team would like to announce the immediate availability of PHP 5.3.3. This release focuses on improving the stability and security of the PHP 5.3.x branch with over 100 bug fixes, some of which are security related. All users are encouraged to upgrade to this release.

The packages for Debian “Lenny” are now available on Dotdeb on the usual repository.

Of course, you should read the full announcement, the PHP 5.3 migration guide and consult the Changelog.

Caution : (to PHP-FPM users) with the inclusion of PHP-FPM in the PHP 5.3 core, the syntax of the configuration file (/etc/php5/fpm/php5-fpm.conf) has changed. It switched from a XML syntax to an INI one. Please prepare your new configuration file before upgrading, by reading carefully the PHP documentation and this page.

And thanks to Stefan Esser and the Month of PHP security for improving PHP.

Posted by & filed under Miscellaneous.

After many requests from several users and after many months of promise, the Dotdeb repositories are GPG-signed. Yes, you can now get rid of the annoying “WARNING: The following packages cannot be authenticated!” message!

Waiting for a dotdeb-keyring package, you just have to get the key and add it to your trusted keys’ keyring :

gpg --keyserver keys.gnupg.net --recv-key 89DF5277
gpg -a --export 89DF5277 | sudo apt-key add -

I hope you’ll enjoy it.