BLOG

[ANNOUNCEMENT] Apache HTTP Server 2.4.10 Released

           Apache HTTP Server 2.4.10 Released

The Apache Software Foundation and the Apache HTTP Server Project
are pleased to announce the release of version 2.4.10 of the Apache
HTTP Server ("Apache").  This version of Apache is our latest GA
release of the new generation 2.4.x branch of Apache HTTPD and
represents fifteen years of innovation by the project, and is
recommended over all previous releases. This release of Apache is
principally a security, feature and bug fix release.

CVE-2014-0117 (cve.mitre.org)
mod_proxy: Fix crash in Connection header handling which 
allowed a denial of service attack against a reverse proxy
with a threaded MPM.

CVE-2014-3523 (cve.mitre.org)
Fix a memory consumption denial of service in the WinNT MPM (used in all Windows
installations). Workaround: AcceptFilter <protocol> {none|connect}

CVE-2014-0226 (cve.mitre.org)
Fix a race condition in scoreboard handling, which could lead to
a heap buffer overflow.

CVE-2014-0118 (cve.mitre.org)
mod_deflate: The DEFLATE input filter (inflates request bodies) now
limits the length and compression ratio of inflated request bodies to avoid
denial of sevice via highly compressed bodies.  See directives
DeflateInflateLimitRequestBody, DeflateInflateRatioLimit,
and DeflateInflateRatioBurst.

CVE-2014-0231 (cve.mitre.org)
mod_cgid: Fix a denial of service against CGI scripts that do
not consume stdin that could lead to lingering HTTPD child processes
filling up the scoreboard and eventually hanging the server.  By
default, the client I/O timeout (Timeout directive) now applies to
communication with scripts.  The CGIDScriptTimeout directive can be
used to set a different timeout for communication with scripts.

Also in this release are some exciting new features including:

*) Proxy FGI and websockets improvements
*) Proxy capability via handler
*) Finer control over scoping of RewriteRules
*) Unix Domain Socket (UDS) support for mod_proxy backends.
*) Support for larger shared memory sizes for mod_socache_shmcb
*) mod_lua and mod_ssl enhancements
*) Support named groups and backreferences within the LocationMatch,
   DirectoryMatch, FilesMatch and ProxyMatch directives.

We consider this release to be the best version of Apache available, and
encourage users of all prior versions to upgrade.

Apache HTTP Server 2.4.10 is available for download from:

http://httpd.apache.org/download.cgi

Apache 2.4 offers numerous enhancements, improvements, and performance
boosts over the 2.2 codebase.  For an overview of new features
introduced since 2.4 please see:

http://httpd.apache.org/docs/trunk/new_features_2_4.html

Please see the CHANGES_2.4 file, linked from the download page, for a
full list of changes. A condensed list, CHANGES_2.4.10 includes only
those changes introduced since the prior 2.4 release.  A summary of all 
of the security vulnerabilities addressed in this and earlier releases 
is available:

http://httpd.apache.org/security/vulnerabilities_24.html

This release requires the Apache Portable Runtime (APR) version 1.5.x
and APR-Util version 1.5.x. The APR libraries must be upgraded for all
features of httpd to operate correctly.

This release builds on and extends the Apache 2.2 API.  Modules written
for Apache 2.2 will need to be recompiled in order to run with Apache
2.4, and require minimal or no source code changes.

http://svn.apache.org/repos/asf/httpd/httpd/trunk/VERSIONING

When upgrading or installing this version of Apache, please bear in mind
that if you intend to use Apache with one of the threaded MPMs (other
than the Prefork MPM), you must ensure that any modules you will be
using (and the libraries they depend on) are thread-safe.



EasyPHP News

#EasyPHP Webserver launch : screenshot
EasyPHP Webserver is almost ready. Launch date : friday 25th.
What is EasyPHP Webserver ? EasyPHP Webserver turns your computer into a ready-to-use personal web hosting server. You can host whatever you want directly on your computer and share it with everyone on internet like any website.


phpMyAdmin 4.0.10.1, 4.1.14.2 and 4.2.6 are released

Welcome to phpMyAdmin 4.0.10.1, 4.1.14.2 and 4.2.6, which are bugfix versions with security fixes.

PHP Cape Town Conference

Cape Town's 2nd Annual PHP Conference is here… 2nd – 4th October 2014

We are excited to announce our 2nd Annual
PHP Cape Town Conference, 3 Days
at The Cape Town Stadium overlooking the Atlantic Ocean – yip insane views.

Keeping with our winning formula of international speakers combined with some
great local talent to learn off. With over 300 delegates expected, you do not
want to miss this one.

PHP Cape Town 2013 SOLD OUT in less than 4 weeks and it will happen again.

If you're PHP-Curious or Skilled Developer we would like you to share in the
experience. Thank You to the PHP Cape Town Community for volunteering and
helping out. Call for Papers will close 20th July 2014.

  • 12 Speakers
  • 6 Practical Workshop Sessions
  • Great Sponsors
  • Free Swag, T Shirt and Books
  • Prize Draws

EasyPHP News

#PHP 5.6.0 RC2 is available!
Download: http://www.easyphp.org/components.php


PHP 5.6.0RC2 is available

The PHP development team announces the immediate availability of the second release
candidate of PHP 5.6. As we entered the feature freeze with beta1, this is a
bugfix-only release. All users of PHP are encouraged to test this version carefully,
and report any bugs in the bug tracking system.

THIS IS A DEVELOPMENT PREVIEW – DO NOT USE IT IN PRODUCTION!

For more information about the new features you can check out the work-in-progress
documentation
or you can read the full list of changes in the
NEWS file
contained in the release archive.

For source downloads of PHP 5.6.0RC2 please visit
the download page. Windows binaries
can be found on windows.php.net/qa/.

Our third Release Candidate should show up on the 17th of July.

Thank you for helping us make PHP better.

EasyPHP News

Two new components : #PHP 5.6.0 RC1 & 5.5.14 for #EasyPHP Devserver 14.1.
Download: http://www.easyphp.org/components.php


EasyPHP News

Work in progress : #EasyPHP Devserver 14.2 with #Apache 2.4.9, #MySQL 5.6.19, #PHP 5.6.0, #PhpMyAdmin 4.2.5 and new stuff…


EasyPHP News

New component : #PHP 5.4.30 for #EasyPHP DevServer 14.1 is out!
Download: http://www.easyphp.org/components.php

**********************
The PHP development team announces the immediate availability of PHP 5.4.30. Over 20 bugs were fixed in this release, including the following security issues: CVE-2014-3981, CVE-2014-0207, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-4049, CVE-2014-3515. All PHP 5.4 users are encouraged to upgrade to this version.

Please, note that this release also fixes a backward compatibility issue that has been detected in the PHP 5.4.29 release. Still, the fix in PHP 5.4.30 may break some very rare situations. As this tiny compatibility break involves security, and as security is our primary concern, we had to fix it. This concerns bug 67072. For more information about this bug and its actual resolution, please refer to our upgrading guide, section 4a. We apologize for any inconvenience you may have experienced with this behavior.

For source downloads of PHP 5.4.30 please visit our downloads page, Windows binaries can be found on windows.php.net/download/. The list of changes is recorded in the ChangeLog.

PHP 5.5.14 is released

The PHP Development Team announces the immediate availability of PHP 5.5.14.
This release fixes several bugs against PHP 5.5.13.
Also, this release fixes a total of 8 CVEs, half of them concerning the FileInfo
extension.

All PHP users are encouraged to upgrade to this new version.

Please, note that this release also fixes a backward compatibility issue that has been
detected in the PHP 5.5.13 release. Still, the fix in PHP 5.5.14 may break some very rare
situations. As this tiny compatibility break involves security, and as security is our primary
concern, we had to fix it. This concerns
bug 67072. For more information about
this bug and its actual resolution, please visit our
upgrading guide.
We apologize for any inconvenience you may have experienced with this behavior.

For source downloads of PHP 5.5.14, please visit our downloads page.
Windows binaries can be found on windows.php.net/download/.
The list of changes is recorded in the ChangeLog.

follow us on google+ follow us feedburner