EasyPHP
EN FR
>download >components >modules >blog >forum >faq >screenshots >introduction

BLOG

[ANNOUNCEMENT] Apache HTTP Server 2.4.1 Released 

              Apache HTTP Server 2.4.1 Released

The Apache Software Foundation and the Apache HTTP Server Project are
pleased to announce the GA release of version 2.4.1 of the Apache HTTP
Server. This version of Apache HTTP Server is the first GA release of
the new 2.4.x branch.

Apache HTTP Server 2.4 provides a number of improvements and
enhancements over the 2.2 version. A listing and description of these
features is available via:

http://httpd.apache.org/docs/2.4/new_features_2_4.html

Please see the CHANGES_2.4 file, linked from the download page, for a
full list of changes.

We consider this release to be the best version of Apache HTTP Server
available, and encourage users of all prior versions to upgrade.
Apache HTTP Server 2.4.1 is available for download from:

http://httpd.apache.org/download.cgi

This release requires the Apache Portable Runtime (APR) version 1.4.x
and APR-Util version 1.4.x. The APR libraries must be upgraded for all
features of httpd to operate correctly.

This release builds on and extends the Apache 2.2 API. Modules written
for Apache 2.2 will need to be recompiled in order to run with Apache
2.4, and may require minimal source code changes.

http://httpd.apache.org/docs/2.4/developer/new_api_2_4.html

A summary of all of the security vulnerabilities addressed in this and
earlier releases is available:

http://httpd.apache.org/security/vulnerabilities_24.html

Important:
Windows users: AcceptFilter None has replaced Win32DisableAcceptEx
and the feature appears to have interoperability issues with mod_ssl.
Apache 2.4.1 may not yet be suitable for all Windows servers.  There
is not yet a Windows binary distribution of httpd 2.4, but this is
expected to be remedied soon as various dependencies graduate from
beta to GA.
February 21, 2012

phpMyAdmin 3.5.0-rc1 is released

Welcome to the first release candidate for phpMyAdmin 3.5.0; here are the major new features:

* browse-mode improvements

February 20, 2012

phpMyAdmin 3.4.10.1 is released

Welcome to phpMyAdmin 3.4.10.1, a minor security release.

February 18, 2012

MySQL Advanced 7.2

MySQL Advanced 7.2 (7.2.4 GA, published on Thursday, 16 Feb 2012)

February 16, 2012

phpMyAdmin 3.4.10 is released

Welcome to phpMyAdmin 3.4.10, a bugfix release.

February 14, 2012

Roadmap to phpMyAdmin 4.0

During the recent team meeting (February 5, 2012), we discussed about the long term development effort for the phpMyAdmin project. Here are the conclusions.

Removal of frames

February 10, 2012

Northeast PHP conference – Call for Papers!

Wanting to share your experiences with a larger PHP community? Please submit your name and topic ideas
(even if you are only suggesting topics and not wishing to actually present them) – each topic requires
a separate submission, submit as many as you like:

http://speakers.northeastphp.org

We hope to have topics and hands-on workshops in four tracks:

  • Core PHP topics (Intermediate to Advanced levels)
  • Web development related topics
  • Training track (workshop style)
  • UX related topics

This event is co-organized by 3 User Groups in the Northeast of North America,
namely: Atlantic Canada,
Vermont and Area, and Boston.

February 9, 2012

phpMyAdmin has switched to github

The phpMyAdmin project has moved all its git repositories over to
github. This allows people to contribute easier; it also brings speed
improvements to developers.

February 8, 2012

PHP 5.3.10 Released!

The PHP development team would like to announce the immediate
availability of PHP 5.3.10. This release delivers a critical security
fix.

Security Fixes in PHP 5.3.10:

  • Fixed arbitrary remote code execution vulnerability reported by Stefan
    Esser, CVE-2012-0830.

All users are strongly encouraged to upgrade to PHP 5.3.10.

For source downloads please visit
our downloads page, Windows binaries can be found
on windows.php.net/download/.

February 2, 2012

Apache HTTP Server 2.2.22 Released 

                       Apache HTTP Server 2.2.22 Released

   The Apache Software Foundation and the Apache HTTP Server Project are
   pleased to announce the release of version 2.2.22 of the Apache HTTP
   Server ("Apache").  This version of Apache is principally a security
   and bug fix release, including the following significant security fixes:

   * SECURITY: CVE-2011-3368 (cve.mitre.org)
     Reject requests where the request-URI does not match the HTTP
     specification, preventing unexpected expansion of target URLs in
     some reverse proxy configurations.

   * SECURITY: CVE-2011-3607 (cve.mitre.org)
     Fix integer overflow in ap_pregsub() which, when the mod_setenvif module
     is enabled, could allow local users to gain privileges via a .htaccess
     file.

   * SECURITY: CVE-2011-4317 (cve.mitre.org)
     Resolve additional cases of URL rewriting with ProxyPassMatch or
     RewriteRule, where particular request-URIs could result in undesired
     backend network exposure in some configurations.

   * SECURITY: CVE-2012-0021 (cve.mitre.org)
     mod_log_config: Fix segfault (crash) when the '%{cookiename}C' log format
     string is in use and a client sends a nameless, valueless cookie, causing
     a denial of service. The issue existed since version 2.2.17.

   * SECURITY: CVE-2012-0031 (cve.mitre.org)
     Fix scoreboard issue which could allow an unprivileged child process
     could cause the parent to crash at shutdown rather than terminate
     cleanly.

   * SECURITY: CVE-2012-0053 (cve.mitre.org)
     Fixed an issue in error responses that could expose "httpOnly" cookies
     when no custom ErrorDocument is specified for status code 400.

   The Apache HTTP Project thanks halfdog, Context Information Security Ltd,
   Prutha Parikh of Qualys, and Norman Hippert for bringing these issues to
   the attention of the security team.

   We consider this release to be the best version of Apache available, and
   encourage users of all prior versions to upgrade.

   Apache HTTP Server 2.2.22 is available for download from:

http://httpd.apache.org/download.cgi

   Please see the CHANGES_2.2 file, linked from the download page, for a
   full list of changes.  A condensed list, CHANGES_2.2.22 includes only
   those changes introduced since the prior 2.2 release.  A summary of all
   of the security vulnerabilities addressed in this and earlier releases
   is available:

http://httpd.apache.org/security/vulnerabilities_22.html

   This release includes the Apache Portable Runtime (APR) version 1.4.5
   and APR Utility Library (APR-util) version 1.4.2, bundled with the tar
   and zip distributions.  The APR libraries libapr and libaprutil (and
   on Win32, libapriconv version 1.2.1) must all be updated to ensure
   binary compatibility and address many known security and platform bugs.
   APR-util version 1.4 represents a minor version upgrade from earlier
   httpd source distributions, which previously included version 1.3.

   Apache 2.2 offers numerous enhancements, improvements, and performance
   boosts over the 2.0 codebase.  For an overview of new features
   introduced since 2.0 please see:

http://httpd.apache.org/docs/2.2/new_features_2_2.html

   This release builds on and extends the Apache 2.0 API.  Modules written
   for Apache 2.0 will need to be recompiled in order to run with Apache
   2.2, and require minimal or no source code changes.

http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/VERSIONING

   When upgrading or installing this version of Apache, please bear in mind
   that if you intend to use Apache with one of the threaded MPMs (other
   than the Prefork MPM), you must ensure that any modules you will be
   using (and the libraries they depend on) are thread-safe.
January 31, 2012