New PHP4 Upgrade available
You've probably seen this, but then again, this is
"In Case You Missed It" so here goes: if you haven't upgraded to PHP 4.4.1, then you need to - it includes some security fixes you need to be aware of. Go grab it at http://www.php.net/downloads.php#v4
and read the changelog if you like, although this is strictly a maintenance release.
PEAR Security Advisory
Greg Beaver has discovered a flaw in the PEAR installer (versions 1.4.2 and prior), so you are encouraged to upgrade as soon as possible to 1.4.3. You can read more about the advisory at the PEAR website: http://pear.php.net/group/docs/20051104-sa.php
or at Greg Beaver's blog: http://greg.chiaraquartet.net/
Free Database Now Available from Oracle
Oracle has announced
their beta release of a free "lite" version of the new 10g database; the 10g XE (Express Edition). You can download and read all about this new toy at http://www.oracle.com/technology/products/database/xe/index.html
And You Thought it Was Safe...
...to go back in the XML-RPC water. Netcraft
(and others) are reporting that although the XMLRPC security flaw that was discovered months ago was patched, there are still exploits being reported. Please, we are begging you. Upgrade your software. NOW. Interesting info from the Internet Storm Center on this: http://isc.sans.org/diary.php?date=2005-11-05
Patch your vBulletin
Secunia is reporting an image uploading vulnerability in vBulletin, which has been fixed in a patch. To read the advisory, go to http://secunia.com/advisories/17359/
and to get your patch (and read subsequent documentation), go to http://www.vbulletin.com/forum/showthread.php?t=161721
SourceForge offers MySQL 4.1.x and phpMyAdmin
In a recent announcement
, SourceForge lets us know that project admins will have access to multiple MySQL 4.1.x databases, as well as three separate database accounts (read-only, read-write, and admin access). But wait, there's more! Admins will also have access to a centralized version of phpMyAdmin for ease in managing projects. To read the official release, go to http://sourceforge.net/forum/forum.php?forum_id=508547
. Thanks, SourceForge!
Zend Conference Wrap Up
In case you just can't get enough of the Zend Conference, or if you want to relive the memories, they have posted the official conference photos (all 800), as well as a final schedule with links to the presentation overheads (where available). You can reach these by going to http://zend.kbconferences.com.
Apparently this one was such a success that they are also announcing next year's conference, to be held at the Doubletree Hotel in San Jose, CA October 17-20, 2006. Mark your calendars and start saving your pennies now, so you won't miss out next year.
Rasmus's Guide to Yahoo! Maps API
On his toys page, Rasmus Lerdorf has graciously written a tutorial on Yahoo!'s geocoding platform. You can see his samples at http://toys.lerdorf.com/
Windows/PECL Users Take Note
In a recent blog post
, Wez Furlong reminds us of pecl4win (http://pecl4win.php.net
) which is designed to provide PECL extensions compiled for Windows in a central place. You can view all the extensions, or view them by the version of PHP you're running. A great resource that you should check out if you're running Windows.
I would be remiss in my duties if I didn't include what's new at PEAR and PECL. Recent PEAR releases include:
And for PECL, we had:
||PHP Data Objects Interface
||FreeTDS/Sybase/MSSQL driver for PDO
||Mysql 3.x/4.0 driver for PDO
||Oracle Call Interface driver for PDO
||ODBC v3 Interface driver for PDO
||PostgreSQL driver for PDO
||SQLite v3 Interface driver for PDO
||Extended HTTP Support
||RPM file meta information reader
||For all those things you.... probably shouldn't have been doing anyway....
||Bindings for the libssh2 library
As always, you can download or learn more about these packages at http://pear.php.net
See you next week with more news and tidbits from the PHP world!