Categories
PHP

PHP 5.4.32, for Wheezy and Squeeze

On August 21st 2014, the PHP group has released PHP 5.4.32.

16 bugs were fixed in this release, including the following security-related issues: CVE-2014-2497, CVE-2014-3538, CVE-2014-3587, CVE-2014-3597, CVE-2014-4670, CVE-2014-4698, CVE-2014-5120. All PHP 5.4 users are encouraged to upgrade to this version.

The corresponding packages are now available on Dotdeb :

  • for Debian 7 “Wheezy” and Debian 6 “Squeeze”,
  • on both amd64 and i386 architectures.

The following modules have been packaged too :

  • APC 3.1.13
  • apcu 4.0.6
  • ffmpeg 0.6.0 (Squeeze only)
  • gearman 0.8.3
  • geoip 1.0.8
  • imagick 3.1.2
  • memcache 3.0.8
  • memcached 2.2.0
  • mongo 1.5.5
  • pecl_http 1.7.6
  • pinba (master)
  • redis 2.2.5
  • spplus 1.1
  • ssh2 0.12
  • xcache 3.1.0
  • xdebug 2.2.5
  • xhprof 0.9.4
  • zendopcache 7.0.3

As usual, please read the ChangeLog before upgrading and be sure to use to the latest packages before reporting any issue.

Categories
PHP

PHP 5.5.16 for Debian Wheezy

On August 22nd 2014, the PHP group has released PHP 5.5.16.

This release fixes several bugs against PHP 5.5.15 and resolves CVE-2014-3538, CVE-2014-3587, CVE-2014-2497, CVE-2014-5120 and CVE-2014-3597.

All PHP users are encouraged to upgrade to this new version.

PHP 5.5.16 packages are now available on Dotdeb for Debian 7.6 “Wheezy”, on both amd64 and i386 architectures.

The following modules have been packaged too :

  • apcu 4.0.6
  • gearman 0.8.3
  • geoip 1.0.8
  • imagick 3.1.2
  • memcache 3.0.8
  • memcached 2.2.0
  • mongo 1.5.5
  • pecl_http 1.7.6
  • pinba (master)
  • redis 2.2.5
  • spplus 1.1
  • ssh2 0.12
  • xcache 3.1.0
  • xdebug 2.2.5
  • xhprof 0.9.4

Please read the Changelog and the migration guide (be aware of the backward incompatible changes) before upgrading.

Categories
PHP

PHP 5.3.29 (End of Life) for Squeeze

On August 14th 2014, the PHP group has released PHP 5.3.29.

The PHP development team announces the immediate availability of PHP 5.3.29. This release marks the end of life of the PHP 5.3 series. Future releases of this series are not planned. All PHP 5.3 users are encouraged to upgrade to the current stable version of PHP 5.5 or previous stable version of PHP 5.4, which are supported till at least 2016 and 2015 respectively.

PHP 5.3.29 contains about 25 potentially security related fixes backported from PHP 5.4 and 5.5.

The corresponding packages are now available on Dotdeb for Debian 6.0 “Squeeze”, on both amd64 and i386 architectures.

As usual, please read the ChangeLog before upgrading and be sure to use to the latest packages before reporting any issue.

Categories
PHP

PHP 5.4.31, for Wheezy and Squeeze

On July 24th 2014, the PHP group has released PHP 5.4.31. Over 10 bugs were fixed in this release. All PHP 5.4 users are encouraged to upgrade to this version.

The corresponding packages are now available on Dotdeb :

  • for Debian 7 “Wheezy” and Debian 6 “Squeeze”,
  • on both amd64 and i386 architectures.

The following modules have been packaged too :

  • APC 3.1.13
  • apcu 4.0.6
  • ffmpeg 0.6.0 (Squeeze only)
  • gearman 0.8.3
  • geoip 1.0.8
  • imagick 3.1.2
  • memcache 3.0.8
  • memcached 2.2.0
  • mongo 1.5.4
  • pecl_http 1.7.6
  • pinba (master)
  • redis 2.2.5
  • spplus 1.1
  • ssh2 0.12
  • xcache 3.1.0
  • xdebug 2.2.5
  • xhprof 0.9.4
  • zendopcache 7.0.3

As usual, please read the ChangeLog before upgrading and be sure to use to the latest packages before reporting any issue.

Categories
PHP

PHP 5.5.15 for Debian Wheezy

On July 24th 2014, the PHP group has released PHP 5.5.15.

This release fixes several bugs against PHP 5.5.14.

All PHP users are encouraged to upgrade to this new version.

PHP 5.5.15 packages are now available on Dotdeb for Debian 7.5 “Wheezy”, on both amd64 and i386 architectures.

The following modules have been packaged too :

  • apcu 4.0.6
  • gearman 0.8.3
  • geoip 1.0.8
  • imagick 3.1.2
  • memcache 3.0.8
  • memcached 2.2.0
  • mongo 1.5.4
  • pecl_http 1.7.6
  • pinba (master)
  • redis 2.2.5
  • spplus 1.1
  • ssh2 0.12
  • xcache 3.1.0
  • xdebug 2.2.5
  • xhprof 0.9.4

Please read the Changelog and the migration guide (be aware of the backward incompatible changes) before upgrading.

Categories
PHP

PHP 5.4.30, for Wheezy and Squeeze

On June 26th 2014, the PHP group has released PHP 5.4.30. Over 20 bugs were fixed in this release, including the following security issues: CVE-2014-3981, CVE-2014-0207, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-4049, CVE-2014-3515. All PHP 5.4 users are encouraged to upgrade to this version.

The corresponding packages are now available on Dotdeb :

  • for Debian 7 “Wheezy” and Debian 6 “Squeeze”,
  • on both amd64 and i386 architectures.

The following modules have been packaged too :

  • APC 3.1.13
  • apcu 4.0.6
  • ffmpeg 0.6.0 (Squeeze only)
  • gearman 0.8.3
  • geoip 1.0.8
  • imagick 3.1.2
  • memcache 3.0.8
  • memcached 2.2.0
  • mongo 1.5.4
  • pecl_http 1.7.6
  • pinba (master)
  • redis 2.2.5
  • spplus 1.1
  • ssh2 0.12
  • xcache 3.1.0
  • xdebug 2.2.5
  • xhprof 0.9.4
  • zendopcache 7.0.3

As usual, please read the ChangeLog before upgrading and be sure to use to the latest packages before reporting any issue.

And if you find Dotdeb useful, feel free to show your support.

Categories
PHP

PHP 5.5.14 for Debian Wheezy

On June 27th 2014, the PHP group has released PHP 5.5.14.

This release fixes several bugs against PHP 5.5.13. Also, this release fixes a total of 8 CVEs, half of them concerning the FileInfo extension.

All PHP users are encouraged to upgrade to this new version.

Please, note that this release also fixes a backward compatibility issue that has been detected in the PHP 5.5.13 release. Still, the fix in PHP 5.5.14 may break some very rare situations. As this tiny compatibility break involves security, and as security is our primary concern, we had to fix it. This concerns bug 67072. For more information about this bug and its actual resolution, please visit our upgrading guide. We apologize for any inconvenience you may have experienced with this behavior.

PHP 5.5.14 packages are now available on Dotdeb for Debian 7.5 “Wheezy”, on both amd64 and i386 architectures.

The following modules have been packaged too :

  • apcu 4.0.6
  • gearman 0.8.3
  • geoip 1.0.8
  • imagick 3.1.2
  • memcache 3.0.8
  • memcached 2.2.0
  • mongo 1.5.4
  • pecl_http 1.7.6
  • pinba (master)
  • redis 2.2.5
  • spplus 1.1
  • ssh2 0.12
  • xcache 3.1.0
  • xdebug 2.2.5
  • xhprof 0.9.4

php5-mysqlnd can now seamlessly replace php5-mysql for other packages having outdated dependencies. You can now avoid an annoying libmysqlclient warning when using MySQL servers different from 5.5.

Please read the Changelog and the migration guide (be aware of the backward incompatible changes) before upgrading.

And don’t forget: if you find Dotdeb useful, you may want to show your support.

Categories
PHP

PHP 5.4.29, for Wheezy and Squeeze

On May 29th 2014, the PHP group has released PHP 5.4.29. 16 bugs were fixed in this release, including two security issues in fileinfo extension. All PHP 5.4 users are encouraged to upgrade to this version.

The corresponding packages are now available on Dotdeb :

  • for Debian 7 “Wheezy” and Debian 6 “Squeeze”,
  • on both amd64 and i386 architectures.

The following modules have been packaged too :

  • APC 3.1.13
  • apcu 4.0.4
  • ffmpeg 0.6.0 (Squeeze only)
  • gearman 0.8.3
  • geoip 1.0.8
  • imagick 3.1.2
  • memcache 3.0.8
  • memcached 2.2.0
  • mongo 1.5.3
  • pecl_http 1.7.6
  • pinba (master)
  • redis 2.2.5
  • spplus 1.1
  • ssh2 0.12
  • xcache 3.1.0
  • xdebug 2.2.5
  • xhprof 0.9.4
  • zendopcache 7.0.3

Please also note that the default permissions on the FPM Unix socket have been fixed, in a secure way.

As usual, please read the ChangeLog before upgrading and be sure to use to the latest packages before reporting any issue.

And if you find Dotdeb useful, feel free to show your support.

Categories
PHP

PHP 5.5.13 for Debian Wheezy

On May 29th 2014, the PHP group has released PHP 5.5.13 :

This release fixes several bugs in PHP 5.5.12, and addresses two CVEs in Fileinfo (CVE-2014-0238 and CVE-2014-0237).

As a consequence, PHP 5.5.13 packages are now available on Dotdeb for Debian 7.5 “Wheezy”, on both amd64 and i386 architectures.

The following modules have been packaged too :

  • apcu 4.0.4
  • gearman 0.8.3
  • geoip 1.0.8
  • imagick 3.1.2
  • memcache 3.0.8
  • memcached 2.2.0
  • mongo 1.5.3
  • pecl_http 1.7.6
  • pinba (master)
  • redis 2.2.5
  • spplus 1.1
  • ssh2 0.12
  • xcache 3.1.0
  • xdebug 2.2.5
  • xhprof 0.9.4

Please note that the default permissions on the FPM Unix socket have been fixed, in a secure way.

Please read the Changelog and the migration guide (be aware of the backward incompatible changes) before upgrading.

And don’t forget: if you find Dotdeb useful, you may want to show your support.

Categories
PHP

PHP 5.4.28, for Wheezy and Squeeze

On May 1st 2014, the PHP group has released PHP 5.4.28. 9 bugs were fixed in this release, including CVE-2014-0185. All PHP 5.4 users are encouraged to upgrade to this version.

The corresponding packages are now available on Dotdeb :

  • for Debian 7.0 “Wheezy” and Debian 6.0 “Squeeze”,
  • on both amd64 and i386 architectures.

As usual, please read the ChangeLog before upgrading and be sure to use to the latest packages before reporting any issue.

Please note that if you’re using an Unix socket to make PHP-FPM talk to your web server, you’ll have to set the listen.owner and listen.group directive to the right user/group (usually www-data), for each of your pool. Don’t change the permissions on the socket from 0660 to 0666 (too permissive), it would avoid the CVE-2014-0185 fix.

And if you find Dotdeb useful, feel free to show your support.