April 2010

Mysql released 5.1.46

For all who are using to a 5.1.x version. This is mostly a bug fix release and it is up to you if you want to upgrade. There is a single security issue mentioned in the release notes. Check all the fixes and changes that are listed on the release notes to see what issues are resolved and if you are affected.

I’ve compiled this version and did some simple tests on my test servers and it worked without any problems.

Please note that I’ve made some changes to the startup scripts to make sue that you are indeed running the updated version as indicated in my earlier post.

Read the documentation on how to ugrade MySQL.

Security Update 2010-003

I’ve never seen two Security Updates this close after one another. This is a minor fix which solved a 0 day security issue:

Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution. This issue is addressed through improved index checking. Credit to Charlie Miller working with TippingPoint’s Zero Day Initiative for reporting this issue.

There are no changes to any of our software (yes even postfix is unaffected!) so you can run this without any problem. Read more about it in Apple’s Knowledge base article.

Mac OS X update 10.6.3 and Security Update 2010-002

I’ve updated all my machines that run Snow Leopard with the update and I haven’t noticed any strange behavior or errors.

If you want to read more on what is affected in the updates I would suggest reading the Apple support site for the (security) update.

There are some reports on changes in the firewall which might affect the workings of your server if you are using the default firewall configuration. I use noobproof to configure my firewalls. It has a better level of control.

Update: the postfix binary is replaced and you need to run a “sudo make install” from the last version you used. This is a reminder on why you keep the compiled stuff lying around on the server and not clean it up after installation.