Re: [PHP-DEV] PHP 7.2.19 Released

This is only part of a thread. view whole thread
  105809
May 31, 2019 04:17 me@ryanmccullagh.com ("Ryan McCullagh")
Hi internals group,

I hope you guys are doing well, and it's a pleasure to be on this mailing list. I have a question about the PHP upgrade path on Debian and Ubuntu. The common recommendation is to use the PPA from Ondřej Surý located at https://launchpad.net/~ondrej - Is this officially recommended by the PHP Group as well? 

Since 7.2.19 is a security release, I am trying to figure out the best way to get the release without compiling it myself. I can of course compile PHP and pull in the tag from git, but if someone has already solved this problem, I'd love to contribute to their system, rather than invent my own.

Thanks,
Ryan


On Thu, May 30, 2019, at 2:35 PM, Sara Golemon wrote:
> Hi, > > The PHP development team announces the immediate availability of PHP > 7.2.19. This is a security release which also contains several minor bug > fixes. > > All PHP 7.2 users are encouraged to upgrade to this version. > > For source downloads of PHP 7.2.19 please visit our downloads page. > Windows binaries can be found on the PHP for Windows site. > The list of changes is recorded in the ChangeLog. > > Release Announcement: http://php.net/releases/7_2_19.php > Downloads: http://www.php.net/downloads > Windows downloads: http://windows.php.net/download > Changelog: http://www.php.net/ChangeLog-7.php#7.2.19 > > Many thanks to all the contributors and supporters! > > Sara Golemon, Remi Collet > > Signatures and hashes may be found below and at: > https://gist.github.com/sgolemon/cd80f62daedc828fd6c337513781f823 > > php-7.2.19.tar.gz > SHA256 hash: > 1cd2266a058f3224d3cba594540045542606996f026eeef96747f27f6b3d22b6 > PGP signature: > -----BEGIN PGP SIGNATURE----- > iQIcBAABAgAGBQJc7jHwAAoJENyf+NPuWvJ/Z2YQAI+6yxXaAre/SVkIiY8qL589 > 3J+x5SEuJcq/DIfjJdAHXm7X8Q3WQYWfK6+2nPTRnaBVuEAGHIwt3+y97L26wGG7 > MUzKZ7xZ9b74mIcVmLA5f8wVQcDlzALtlFFY3jN81bU0H1sUhNEKR94RdPS3qyVv > orKBlaIhee9NPJbm6c9LW/spiSK+s3k84eC3MyxSHfvXyh6+cgSvmFgsklNKm3e6 > /pG+8enDZibCiyArt6QqS3G6SMI4CIicZflEqs+lctl2bk4dq0n7nVlAIWech899 > /YT3wkEkZRw88tJcJrnlbe9zwcdiLFvr3eUwXEq/qdTJFSqg67H4j1iiYs9f9xke > uN2qa7Im0K47+G7UFwZh3556SNnSJA8ae3FUdFaVi+WbHMPInRdnJVwcG+Gf1BZa > G98O1sjRm2ifYgu+9hkmGBmHtQvMsjCSKV6VTUF+dRBXO6yTmxi1RzXCRiaWQsiD > GLUcT2MmKgVjHwoBHfLPubpqbnKyHXMMZLs3izokci/iRt7nl0blkDvNMph07TAo > p4g0CHtAGlMHt8OCEyeHEdHkp4jGG3wwBCzmVmcliq471Z04cwpA4cRJW7mKChKY > ZY7JeZT5kY8w5Ka7fSxzKZLkzYpsAJeIixiWR6TP8h3zMy+5YCLv54uKZMEVHLVy > PrwDc7t4S0Z73O/Fq+RZ > =8s8v > -----END PGP SIGNATURE----- > > php-7.2.19.tar.bz2 > SHA256 hash: > ebd0b1f375fe07ed4925acc213d2f5ef76a61bd5de174e7b666b98421a90a099 > PGP signature: > -----BEGIN PGP SIGNATURE----- > iQIcBAABAgAGBQJc7jH0AAoJENyf+NPuWvJ/LEgP/RUe5HvFNHC3vqYhgtaiQMkP > vYTb+YSZs0b7rcR3FYlR09I0EcvEarHtes9/EsxsjYxrZ4YR9zBBzq8/+kk59I7G > h/sEWbwQEZCCHkrxuWInfrDdB7Iy+vXeMOxkvw79x0L7QW1xSIYScPyHGQMerg7o > t7HZZ8X2C9kCKmrY0PWSd2fbF/Pfp8nhb/QukEurIDgQwGAqNqGvOrXp3aIWuF9k > iGOkAqBKrrcVEZBciatRzrOL2GvtOpzMCYkt3fnlxAbzASaahu4Cu92GVk901Xmt > r9wpdeI37Vz+laDfbDwXNmbVVUdg1FUhS2hs85oogIl7oJT5BC5VF8jmY1yC7GqL > hbp9laIDzDUi0Fm5i/NHrjxBXfrqz46NfuBjMBWBOuOMVUz1AqefWV1+9lLgxVrV > R0YvVpl8vQcg5QnOX5hfsx/VLK9K/lAp9ovs3kq5EZhyXFDnHTGgZXtpdwwNHqqH > XfnJYWy9pBAv1zFlBHV2yaknxs3DmZul8CoXikHI/ul9T8GDHEGVifIV1s2qGaOt > 5OK79SmmccvsYMJAVDO0xFveUdbYTFLdHMQILPjaeOtLr91QlXKguHOTpVuSa1// > H4Pej9ZvwGohc0Z4JWXIgkgARTiwQDCcfdtr2Dt695Wgj7xo82e7zsAaa6g4UFMa > tSz18/nI3AsTv+CXytQs > =5Hir > -----END PGP SIGNATURE----- > > php-7.2.19.tar.xz > SHA256 hash: > 4ffa2404a88d60e993a9fe69f829ebec3eb1e006de41b6048ce5e91bbeaa9282 > PGP signature: > -----BEGIN PGP SIGNATURE----- > iQIcBAABAgAGBQJc7jH3AAoJENyf+NPuWvJ/xc0QAIsWKRbvGjXPJWdEAe3guF1b > PWpmPH+DRA7dq0rATizqrbOGr4dQO6m3rQ1RqutUlamXmnSvmhgLtmBJpZXR/uqH > diQSlefI+w70RfauAoVb/Wf5qipMhF6F9boqBsaMvHG6PDlw7Ii176MEKjJkR6pW > RLVq4NShYuMC0PMO9S7ys0AqaMK9vmLG2lwRASHjqPkAtzzp5T97TjiJ+171hjbM > R2zGzYIVI0Bfe+eD39kiBdq0kkrtKOhfZG/N+Emov7Hp/ejW+UqKtykfDIqmP154 > hMhf1OQrDN+2zh1LDjd0bNDVTzEkJeYbhkxKG1cveoTP6Q3pyFoplv8AGGwA/j6L > AFi+/nW2/3Jx9wzhWhgwCs16gjY5LVGBsqDSQio05MHLmes6FHIg5HrcEu46ALho > DowbX+fKjv1FJaM0mVACkH0yXjIFAJZaT1cqL4LoO/Hy4tXt1/SzG7ruXpMhwt9M > 5skepjIo+AWtMpXU3W6wTdcBPClEe4eGhNH+onRfosqOKpZUNKwnn5gFYnIRnPd0 > hIGnbYilR2PM2RuChVJTwW1u0HELbSJLdN9bdFW6jWgGQ4K7Ks0q3UGz6EbiU7k+ > bsKg9imiVxJJiMhoOy48uNG81kow2xDsDv7ZJTBYJPG5X0Tg5Ew0AGkTxIWhBv5t > FS7tUKb11JFFVSEbWanF > =zBm0 > -----END PGP SIGNATURE----- >
  105817
June 1, 2019 17:56 larry@garfieldtech.com ("Larry Garfield")
On Thu, May 30, 2019, at 11:17 PM, Ryan McCullagh wrote:
> Hi internals group, > > I hope you guys are doing well, and it's a pleasure to be on this > mailing list. I have a question about the PHP upgrade path on Debian > and Ubuntu. The common recommendation is to use the PPA from Ondřej > Surý located at https://launchpad.net/~ondrej - Is this officially > recommended by the PHP Group as well? > > Since 7.2.19 is a security release, I am trying to figure out the best > way to get the release without compiling it myself. I can of course > compile PHP and pull in the tag from git, but if someone has already > solved this problem, I'd love to contribute to their system, rather > than invent my own. > > Thanks, > Ryan
If you're on a supported Debian/Ubuntu release, then your best bet is apt-get update && apt-get upgrade. Done. They're pretty good about getting security updates out in a reasonable time. If you're using a 3rd party PPA repository (Ondrej or otherwise), the same applies. If your PPA source isn't on-the-ball about security releases, you need a new PPA source. :-) If you're not on a a still-supported Debian/Ubuntu release, stop what you're doing and get on a current/supported version, stat. --Larry Garfield
  105818
June 1, 2019 18:27 scott@exussum.co.uk (Scott Dutton)
Ondrej updated on the 31st (yesterday). The official Ubuntu one (in 18.04 at least) updated on 30th. 

Both do update pretty quickly usually. 

Scott



On 1 June 2019 18:56:44 BST, Larry Garfield <larry@garfieldtech.com> wrote:
>On Thu, May 30, 2019, at 11:17 PM, Ryan McCullagh wrote: >> Hi internals group, >> >> I hope you guys are doing well, and it's a pleasure to be on this >> mailing list. I have a question about the PHP upgrade path on Debian >> and Ubuntu. The common recommendation is to use the PPA from Ondřej >> Surý located at https://launchpad.net/~ondrej - Is this officially >> recommended by the PHP Group as well? >> >> Since 7.2.19 is a security release, I am trying to figure out the >best >> way to get the release without compiling it myself. I can of course >> compile PHP and pull in the tag from git, but if someone has already >> solved this problem, I'd love to contribute to their system, rather >> than invent my own. >> >> Thanks, >> Ryan > >If you're on a supported Debian/Ubuntu release, then your best bet is >apt-get update && apt-get upgrade. Done. They're pretty good about >getting security updates out in a reasonable time. > >If you're using a 3rd party PPA repository (Ondrej or otherwise), the >same applies. If your PPA source isn't on-the-ball about security >releases, you need a new PPA source. :-) > >If you're not on a a still-supported Debian/Ubuntu release, stop what >you're doing and get on a current/supported version, stat. > >--Larry Garfield > >-- >PHP Internals - PHP Runtime Development Mailing List >To unsubscribe, visit: http://www.php.net/unsub.php
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.