News

Mysql 8.4.2 & 9.0.1

Introduces B/C changes to MySql. Especially my.ini

This document contains release notes for the changes in MySQL 9.0. For information about changes in a different version of MySQL, see the release notes for that version.

For additional MySQL 9.0 documentation, see the MySQL 9.0 Reference Manual, which includes an overview of features added in MySQL 9.0 (What Is New in MySQL 9.0), and discussion of upgrade issues that you may encounter while upgrading.

MySQL platform support evolves over time; please refer to https://www.mysql.com/support/supportedplatforms/database.html for the latest updates.

Updates to these notes occur as new product features are added, so that everybody can follow the development process. If a recent version is listed here that you cannot find on the download page (https://dev.mysql.com/downloads/), the version has not yet been released.

The documentation included in source and binary distributions may not be fully up to date with respect to release note entries because integration of the documentation occurs at release build time. For the most up-to-date release notes, please refer to the online documentation instead.

For legal information, see the Legal Notices.

For help with using MySQL, please visit the MySQL Forums, where you can discuss your issues with other MySQL users.

Document generated on: 2024-08-06 (revision: 28819)

PHP 8.2.21 & 8.3.9 + xdebug hotfix


This release will enable Xdebug and develop, debug and trace modules on ALL PHP versions. In order to apply these, the PHP modules used must be re-downloaded.

PHP 8.2.21 -  https://www.php.net/ChangeLog-8.php#8.2.21

PHP 8.3.9 - https://www.php.net/ChangeLog-8.php#8.3.9

Changes xdebug to be on by default and utilizing develop, debug, & trace modes by default.

Apache 2.4.62

Security release!

important: Apache HTTP Server: source code disclosure with handlers configured via AddType (CVE-2024-40725)

A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted.

Users are recommended to upgrade to version 2.4.62, which fixes this issue.

Reported to security team 2024-07-09
Update 2.4.62 released 2024-07-17
Affects 2.4.60 through 2.4.61

important: Apache HTTP Server: SSRF with mod_rewrite in server/vhost context on Windows (CVE-2024-40898)

SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests.

Users are recommended to upgrade to version 2.4.62 which fixes this issue.

Acknowledgements:

  • finder: Smi1e (DBAPPSecurity Ltd.)
  • finder: xiaojunjie (DBAPPSecurity Ltd.)
Reported to security team 2024-07-12
Update 2.4.62 released 2024-07-17
Affects 2.4.0 through 2.4.61

SECURITY: CVE-2024-40898: Apache HTTP Server: SSRF with mod_rewrite in server/vhost context on Windows (cve.mitre.org) SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue. Credits: Smi1e (DBAPPSecurity Ltd.)

SECURITY: CVE-2024-40725: Apache HTTP Server: source code disclosure with handlers configured via AddType (cve.mitre.org) A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.62, which fixes this issue.

mod_proxy: Fix canonicalisation and FCGI env (PATH_INFO, SCRIPT_NAME) for "balancer:" URLs set via SetHandler, also allowing for "unix:" sockets with BalancerMember(s). PR 69168. [Yann Ylavic]

mod_proxy: Avoid AH01059 parsing error for SetHandler "unix:" URLs. PR 69160 [Yann Ylavic]

mod_ssl: Fix crashes in PKCS#11 ENGINE support with OpenSSL 3.2. [Joe Orton]

mod_ssl: Add support for loading certs/keys from pkcs11: URIs via OpenSSL 3.x providers. [Ingo Franzki ifranzki linux.ibm.com]

mod_ssl: Restore SSL dumping on trace7 loglevel with OpenSSL >= 3.0. [Ruediger Pluem, Yann Ylavic]

mpm_worker: Fix possible warning (AH00045) about children processes not terminating timely. [Yann Ylavic]

Bearsamp 2024.6.27

Bearsampp 27 June Release

Added Xlight FTP server
Added Mailpit SMTP server
Deprecated Filezilla FTP server
Deprecated Mailhog SMTP server
Added Rebuild ini function
Completed Docblocks

MariaDB June releases

Release Notes

This section contains the release notes for MariaDB Server releases. This section is divided into the major MariaDB series. The latest long-term stable series, as well as rolling release, is MariaDB 11.4 (maintained for five years), and the current development release is MariaDB 11.5.

    Release Notes - MariaDB 11.6 Rolling Releases

    Release Notes - MariaDB 11.5 Rolling Releases

    Release Notes - MariaDB 11.4 Series

    Release Notes - MariaDB 10.11 Series

    Other Release Notes Articles

    There are 2 related questions.
    Content reproduced on this site is the property of its respective owners, and this content is not reviewed in advance by MariaDB. The views, information and opinions expressed by this content do not necessarily represent those of MariaDB or any other party.

    1. Ghostscript 10.03.1
    2. Git 2.45.2
    3. Composer 2.7.7 Security Release
    4. PHP 8.1.28, 8.2.19, & 8.3.7 Release + Hotfix

    Page 26 of 54

    Our Supporters

    Jet Brains
    AM Graphix
    Bear
    Tassos gr
    Simplify your web
    codium

    Sorry, this website uses features that your browser doesn't support. Upgrade to a newer version of Firefox, Chrome, Safari, or Edge and you'll be all set.