Thursday, April 26. 2007
The 2nd release candidate of PHP 5.2.2 was just released and can be downloaded here:
Source Code:
http://downloads.php.net/ilia/php-5.2.2RC2.tar.bz2 (md5sum: 4752195cc5418686914ee1db08774763)
Win32 Binaries:
http://downloads.php.net/edink/php-5.2.2RC2-Win32.zip (md5sum: afa59d4219d83b7281f0101c9dae947e)
Since there were no major regressions in RC1 and RC2 only resolved pre-existing issues the goal is to proceed with the final release next Thursday. To make sure that the release is solid and does not break any existing code I would like ask everyone to test it against their code to see if everything still works as expected. If you identify any new issues since 5.2.1, please let me know.
Monday, April 23. 2007
The final release candidate of FUDforum 2.7.7RC2 is now available for download. This releases' focus has been primarily bug fixing with a fair number of small issues being resolved. I anticipate this RC will go smoothly and will be followed by a final within 2-3 weeks.
The install script can be found here and the upgrade script here.
The release announcement detailing all of the major changes can be found here.
Tuesday, April 10. 2007
The first release candidate of PHP 5.2.2 is now available for download here:
http://downloads.php.net/ilia/php-5.2.2RC1.tar.bz2 (262e36555c083d103259fea165faabaf)
http://downloads.php.net/ilia/php-5.2.2RC1.tar.gz (04e979787670d3d5e1c3e289104b65fa)
The focus of this release is twofold, number one we are continuing to stabilize the language, with over 60 bug fixes. The second goal was to improve the security of the language through an internal audit as well as by addressing previously unknown bugs identified by MOPB. As you can imagine both these goals result in a rather extensive set of changes, so testing to make sure no new bugs or regressions were introduced is critical. Therefor I would like to ask everyone, over the next few weeks to give this RC a shot with your code base to ensure there are no problems. I want to make 5.2.2 go out as soon as possible given the security improvements that it brings, with the next RC slated at just over 2 weeks from today (April 26th) and the final in early May.
If you come across any problems feel free to identify them by replying to this blog entry or by creating a bug report on http://bugs.php.net.
Saturday, March 17. 2007
Took a bit longer then I thought but the slides from my Security Tutorial and the Migrating to PHP 5.2.1 talk are filly up and can be found on the talks page (scroll to the bottom).
I hope the people who attended the talks found them interesting and I'd like to thank all the people who took the time to leave feedback, which relayed to me amazingly fast by the organizers.
A big thanks should go to the organizers as well who have done an amazing job in organizing the conference and the after-conference activities. Having a 5 star hotel for the conference was a very nice perk as well .
Thursday, March 8. 2007
I spotted Edin's blog post about PHP 4.4.6 now being linked against MySQL 5.0.36 on Windows and decided to see what is new in that release in comparison to the 5.0.33 I am currently running.
A quick visit to the MySQL's downloads page revealed a distinct absence of said release however. There are however release notes about MySQL 5.0.37, which lists some compelling fixes. Unfortunately, this release is nowhere to be found as well, even though the release notes claim it was released on 27 February 2007.
A simple question comes to mind, WTF?
Tuesday, February 13. 2007
The slides for the Migrating to 5.2.1 from the Vancouver conference are now available, they can be found here:
http://ilia.ws/files/vancouver_php52.pdf
Monday, February 12. 2007
The slides from the caching talk in Vancouver are now available online and can be downloaded here:
http://ilia.ws/files/vancouver_cache.pdf
Thursday, February 8. 2007
It took a bit longer then originally anticipated, but PHP 5.2.1 was finally released today. Big thanks to all the people who have helped make this release possible, by reporting bugs, identifying security issues and of course helping to resolve those issues and improving the language in general.
The focus of this release was making PHP 5.2 more stable and more secure. The complete shopping list of changes can be found here. The official release announcement can be found at http://www.php.net/releases/5_2_1.php, it details the major changes and all of the security fixes that have been made in this release.
Given the significant number of security issues that were resolved, my recommendation is that all users of PHP, especially those running really old versions (You know who you are ) consider upgrading to this release as soon as possible. Not only will the security of your setup increase, but the stability and the performance of your PHP will improve as well.
The tarballs and the binaries that comprise this release can be found here: http://www.php.net/downloads.php
Tuesday, February 6. 2007
Through an interview on SecurityFocus Stefan Esser has just announced his plans for the "Month of PHP Bugs" (MOPB?) during March 2007.
It would be interesting to see what issues he discovers, hopefully most of them have already been reported to the PHP Security Team, in which case the upcoming 5.2.1 release will provide a resolution path for affected users. Hopefuly, unlike the MOAB and MOKB, the reported issues are not going to be infamous 0-day vulnerabilities. If they are however, which would be unfortunate, I think we'd be looking at a security fix only release in April, while releasing patches to address individual issues on a daily basis.
Either way, I have to look at this as a free security audit of PHP by someone with a clue about security and ultimately, in the long run it will only make PHP better, even if March is going to be rather busy
Thursday, January 25. 2007
I've packaged what looks the be the final RC for the 5.2.1 release, RC4. This release fixes another dozen or so bugs since the last release and from the given feedback looks to be regression free. That said I'd like to ask everyone to take a few minutes and try this RC with their code to make sure it really is as good as it seems and to ensure no new issues are introduced.
If you come across any issue please let me know via http://bugs.php.net, this blog, or internals mailing list.
The tarballs for this release can be found here:
http://downloads.php.net/ilia/php-5.2.1RC4.tar.bz2 (md5sum: f50578276f653b1f523150e3ff987f03)
http://downloads.php.net/ilia/php-5.2.1RC4.tar.gz (md5sum: 361197eb2b21b36e2e20cb132da2cf16)
Sunday, January 21. 2007
Sometimes the things you'll find on a bookshelves of your local book store can be quite unusual and downright weird. Consider the following super-hero themed series of books on Windows products by O'Reilly.
Thursday, January 18. 2007
The 3rd release candidate for PHP 5.2.1 is now available for download. The tarballs can be found here:
http://downloads.php.net/ilia/php-5.2.1RC3.tar.bz2 (d3889eda8c3471ce7cf2adb35a4de736)
http://downloads.php.net/ilia/php-5.2.1RC3.tar.gz (c5b3e5540d1951d4c4b976b8a39c09ab)
and the Win32 binaries will be available in short order.
Since the last release, there are over 20 different bug fixes resolving some annoying engine issues such as the tempval leak inside foreach(). We do not anticipate any regressions to be introduced by this RC, but I would still like to ask everyone to take a few minutes and test it against their code base. If you come across any issues please report them at http://bugs.php.net/.
Depending on the stability of this release it may either be followed by a final release or another RC, therefor your feedback is critical to determining whether or not the code is stable enough to warrant the 5.2.1 final.
Wednesday, January 17. 2007
Thanks to Steph's hard work the last few months of weeklies are now available for reading. If you don't have the time or keep an eye on what's going on in the PHP community, especially on the developer mailing lists, weeklies are a quick shortcut to getting yourself up to date.
Monday, January 15. 2007
After a few month break since the last release, a new version of FUDforum is once again in the works. This is primarily a feature enhancement release with a slew of new functionality designed to improve the forum. Aside from the new feature a fair number of bug fixes is also available, so something for everyone
As you can tell from the version, this is release candidate, so its not quite perfect yet, but I am hoping that within a month the release process can be wrapped up and stable be released.
The install script can be found here and the upgrade script here.
The release announcement detailing all of the major changes can be found here.
Wednesday, January 10. 2007
As you may already know or soon will find out MySQL had released a new version of their community server, 5.0.33. First all congratulations to developers, any release is a lot of work and finally pushing it out the public is definitely an achievement.
There are however some interesting and in my eyes less then positive developments pertaining to this release. As you can see from Kaj's announcement as well as the state of the MySQL's download page pre-compiled binaries are no longer offered. The only files available for MySQL 5.0.33 are sources for *NIX and Windows platforms.
While this is not an issue for *NIX users where lack of binaries will be resolved by distros and if not, the compiler is always available and compiling MySQL is big issue, it does pose a major problem for Windows users who generally do not have access to a C/C++ compiler. This means that all the people who develop on Win32 and then deploy on *NIX machines will need to stick to older versions of the database for the dev environments or rely on someone other then MySQL to provide binaries (which may result is less then stable, trustworthy packages going around). This also may affect adoption rates since many companies insist (and rightly so) on using same version of DB on production and development.
Interestingly enough the "For maximum stability and performance, we recommend that you use the binaries we provide." statement on the download page still remains. I guess the suggestion is that if we (the users) want stability we need to go for the Enterprise edition.
|