PHP

Latest updates in testing, PHP 5.5.8 / 5.4.24

The following packages are in testing, and available for download in the testing repositories:

  • php55w 5.5.8
  • php54w 5.4.24

Assuming you have the Webtatic repositories set up (see Yum Repository), you can update using:

    yum update <package> --enablerepo=webtatic-testing

Latest updates, PHP 5.5.7 / 5.4.23 / 5.3.28

Here are updated packages in the Yum repository:

All three releases fix a CVE CVE-2013-6420.

PHP 5.3.28 also fixes a CVE CVE-2013-4248 previously fixed in PHP 5.5.2 and 5.4.18, but only now has been put into PHP 5.3. This is incorrectly mentioned on the PHP.net website and changelog as the Ruby variant of the same flaw CVE-2013-4073.

Latest updates, PHP 5.5.6 / 5.4.22, Nginx security fix, APCu

Here are updated packages in the Yum repository:

The Nginx release includes a CVE patch CVE-2013-4547 Webtatic has backported from version 1.4, so that current Nginx 1.2 users on Webtatic have the security update.

The PHP releases have only bug fixes in.

PHP APCu is now included in the repository for both PHP 5.4 and 5.5. APCu is a cut down version of APC, which just deals with user cache, removing it's opcode cache that doesn't support PHP 5.5. This should allow you to continue to use the user cache to speed up websites.

Latest updates in testing, PHP 5.5.6 / 5.4.22

The following packages are in testing, and available for download in the testing repositories:

  • php55w 5.5.6
  • php54w 5.4.22

Assuming you have the Webtatic repositories set up (see Yum Repository), you can update using:

    yum update <package> --enablerepo=webtatic-testing

Latest updates in testing, PHP 5.5.5 / 5.4.21, MySQL 5.5.34

The following packages are in testing, and available for download in the testing repositories:

  • php55w 5.5.5
  • php54w 5.4.21
  • php55w-pecl-apcu / php54w-pecl-apcu 4.0.2
  • mysql55 5.5.34

Assuming you have the Webtatic repositories set up (see Yum Repository), you can update using:

    yum update <package> --enablerepo=webtatic-testing

Latest updates in testing, PHP 5.5.3 / 5.4.19, MySQL 5.5.33

The following packages are in testing, and available for download in the testing repositories:

  • php55w 5.5.3
  • php54w 5.4.19
  • mysql55 5.5.33

Assuming you have the Webtatic repositories set up, you can update using:

    yum update <package> --enablerepo=webtatic-testing

Latest updates, PHP 5.5.1 / 5.4.17

Here are updated packages in the Yum repository:

The PHP 5.5 and 5.4 releases addresses a CVE, CVE-2013-4113. The CVE and changelogs do not mention PHP 5.5.0 and 5.4.0 - 5.4.17 versions are affected, however they are and the security fix is in PHP.net's 5.5.1 version, and will be in their next PHP 5.4 release (5.4.18).

Webtatic has included the pending PHP 5.4.18 security fix for this in it's php54w*-5.4.17 release, so although PHP 5.4.18 will likely be released on PHP.net within the week addressing this issue, it will not be as urgent to upgrade if using php54w*-5.4.17.

Additionally, there have been the following improvements added to the Webtatic PHP releases:

  • Zend Thread Safety (ZTS) mod_php module is now bundled with the standard mod_php module (non-ZTS), and will only be enabled if switching httpd prefork MPM to the worker MPM. All PHP extensions included in the repository will install standard extensions and ZTS extensions by default, and depending on the mod_php version being used, use the appropriate extensions in /etc/php.d (non-ZTS) and /etc/php-zts.d (ZTS).
  • Mysqlnd is supplied as alternative additional package to php54w-mysql/php55w-mysql (using the system libmysqlclient), and will replace the alternative php54w-mysql55/php55w-mysql55 (using Mysql 5.5 libmysqlclient).
  • Several built-in PHP extensions are now shared extensions, so they can be disabled by removing the appropriate /etc/php.d/*.ini and /etc/php-zts.d/*.ini files