March 2013

PHP released 5.4.13 and Apache was updated to 2.4.4

Two updates in one blogpost. Just to save me some time I’m mentioning these together.

The PHP update is a security update and a bug fix release. The security issues in question are: CVE-2013-1643 and CVE-2013-1635. Read the ChangeLog for all the information.

Apache is updated due to a security issue and I’m advising you to upgrade. I’ve tried it on my test servers without any problem. The security issues in question were:

  • SECURITY: CVE-2012-3499 Various XSS flaws due to unescaped hostnames and URIs HTML output in mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp.
  • SECURITY: CVE-2012-4558 XSS in mod_proxy_balancer manager interface.

For instructions on how to upgrade PHP and Apache please read: Upgrading PHP or Upgrading Apache .

ClamAV 0.97.7 – update

There is a update for ClamAV available for download. The current version is 0.97.7. Upgrading is relatively easy and straight forward. All that needs to be done is remove the old version and install the new.

You can check the instructions on what to do here Upgrading ClamAV.

There is no need to reconfigure anything.