I don’t know why but I’m very tired. I jot down for my memory.
My server OS is Windows7 HP SP1 (x86).
My guess tells me all of them are security releases. So I’ve dealt with them promptly.
In the past, Windows update gave us troubles almost every time, but I feel this was the first mess in quite a while. How about your feelings? (^_~)
Edit(Aug.28):
Hey! We have new MS14-045 update KB2993651. See Microsoft Security Bulletin MS14-045 – Important.
Recently, I had two inconvenient things. One is about IE11 on Windows7 and the other is about phpMyAdmin version on the service of WebCrow. Yes I know, these things aren’t grouped together because their levels are very different.
The thing about IE11 on Windows7 is this (Credential authentication does not work if you paste credential information by using the Paste shortcut menu command in Windows 7 or in Windows Server 2008 R2). This looks one of the well-known issues. OK, I need not the Hotfix of KB2547752. OK, I can do CTRL+V or anything. But about the trouble the most frustrating for me is IE11 on Windows7 shows me ‘●●●●●●●●●●’ as if the procedure is normally ended when I use a right click and paste. ‘Don’t Use the Paste shortcut menu command’ is an old story, so itself is no problem. But if it’s requested, they should not make IE show ‘●●●●●●●●●●’. Grrr.
The other is phpMyAdmin version is 2.11.x.x on WebCrow. This version does not have Configuration storage, so I cannot use the feature bookmarks. Very inconvenient! I realize I am dependent on the feature everyday life, ha-ha-ha.
They released PHP5.5.15 on Jul-24 01:03:48UTC. So, I updated my PHP from 5.5.14 to 5.5.15 on my Web server (Windows7HP+SP1(x86)). ChangeLog.
PHP 5.6.0RC3 is delayed than planned. What’s happening?
By the way, I read “Fix a memory consumption denial of service in the WinNT MPM” on Changes with Apache 2.4.10. So I stopped using the word around. But it did not work well. On the next day, I rolled back the work around.
Edit(Aug.1):
Finally they released PHP 5.6.0RC3. It’s two weeks later than scheduled. They say their next Release Candidate should show up on the 14th of August. Is PHP 5.6.0GA going to show up in September?
Apache HTTP Server 2.4.10 was released. It includes five security patches. It has a new module named mod_authnz_fcgi, so httpd.conf has a following added line.
#LoadModule authnz_fcgi_module modules/mod_authnz_fcgi.so
On the Windows version it was upgraded pcre from 8.34 to 8.35 and APR from 1.5.0 to 1.5.1.
I downloaded httpd-2.4.10-win32-VC11.zip (17 Jul) from the ApacheLounge for my Windows7 server. If you need the information about Apache 2.4.x configuration on Windows, see my post ‘To create a Wamp-like Web Server in Windows7-#1.‘.
They released PHP5.5.14 on Jun-25 23:06:26UTC. So, I updated my PHP from 5.5.13 to 5.5.14 on my Web server (Windows7HP+SP1(x86)).
According to ChangeLog, this includes eight CVE fixes, oh! my gosh. They also concerns about bug 67072. If you have issues related to this and need more information, you should visit their upgrading guide.
The php.ini-production has no change. As the official PHP binary includes php5apache2_4.dll, I extract the zip archive and replace all PHP5.5.13 files with all PHP5.5.14 files except my php.ini. Then, I restart my Apache. That’s it.
If you need how to configure PHP5.5, please see the post. It is for a mbstrings user, but the information gives some help for you.
I used this opportunity to update to phpMyAdmin 4.2.5 and MariaDB 10.0.12. If you need more information about their configuration, Please see “phpMyAdmin 4.2.0 is released” and “MariaDB 5.5“.
Since WordPress that was version 3.7 had a ca-bundle.crt in its wp-includes folder, I’ve had troubles when I upgrade my WordPress Network. I misunderstood the message “Warning! Problem updating https://SITENAME.” meant one of my sites had a trouble, but now I think it meant the first site the WordPress checked out was wrong and the WordPress had no information about the rest of my sites.
First I had the “Error message: SSL certificate problem: self signed certificate in certificate chain” because I use a self-signed certificate. But Oiram gave me its solution. All I need is to add my CA cert data to the ca-bundle.crt.
Next I had the “Error message: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure”. I’ve had a hard time with this trouble for more than two months. Finally, I have the complete solution of this today \(^o^)/.
I look back now and think the trouble had three issues.
[ ssl_client ]
basicConstraints = CA:FALSE
nsCertType = client
keyUsage = digitalSignature, keyEncipherment
extendedKeyUsage = clientAuth
nsComment = “OpenSSL Certificate for SSL Client”
And I made a new client.crt with ssl_client extension.
>openssl ca -config openssl.cnf -policy policy_anything -extensions ssl_client -in client.csr -out client.crt
curl_setopt( $handle, CURLOPT_SSLCERT, 'the exact path of clientcert.pem' );curl_setopt( $handle, CURLOPT_SSLKEY, 'the exact path of clientkey.pem' );
I hate to change WordPress core PHP scripts, so I try and try other methods, but nothing is useful. After all, I add the lines above to the class-http.php.
To copy the clientcert.pem and the clientkey.pem to somewhere in the server, somewhere means a safer place anyone cannot access via the Internet.
This reference is Client URL Library.
If you need how to create certificates, see the post “WordPress: Administration Over SSL #1”.
Now the error has gone. I’m happy, clap,clap!!
I’ve updated to MariaDB 10.0.11 on my server (Server OS : Windows7HP+SP1(x86)). I write the procedures as follows.
First, I backed up all the sever data. Especially, MariaDB and MyDB.
Next, I updated to MariaDB 10.0.11.
That’s it.
I used this opportunity to update to phpMyAdmin 4.2.3 and this is its ChangeLog. If you need its configuration, see “phpMyAdmin 4.2.0 is released”.
They released PHP5.5.13 on May-28 19:57:18UTC. So, I updated my PHP from 5.5.12 to 5.5.13 on my Web server (Windows7HP+SP1(x86)).
According to ChangeLog, this includes the fixes for CVE-2014-0237 and CVE-2014-0238. At this time, their Description is still ** RESERVED ** on the pages. CVE-2014-0237 is related to bug #67328 and CVE-2014-0238 is related to bug #67327.
The php.ini-production has no change. As the official PHP binary includes php5apache2_4.dll, I extract the zip archive and replace all PHP5.5.12 files with all PHP5.5.13 files except my php.ini. Then, I restart my Apache. That’s it.
If you need how to configure PHP5.5, please see the post. It is for a mbstrings user, but the information gives some help for you.
By the way, they announced their fourth and final beta should show up on the 29th of May. But we cannot see it still now. Do they have something wrong to delay final beta release? When will PHP5.6 come?
Edit(Jun.9):
They released PHP 5.6.0beta4 on June 5 UTC. This is the final beta version. They say their first Release Candidate should show up on the 19th of June. I don’t know how many RC shows up, but PHP 5.6.0 general availability will come anytime soon.
phpMyAdmin 4.2.0 is released. Here is the ChangeLog. I’ve updated.
I downloaded a phpMyAdmin-4.2.0-english.zip, extracted it, copied my old config.inc.php to the phpmyadmin folder made by extracting, and uploaded all of them to the server (See “To create a Wamp-like Web Server in Windows7-#3.“).
By the way, when I compared the new config.sample.inc.php with my old one(=Ver.4.1.x), I found two lines were lost and seven lines were added.
The lost lines.
At /* First server */ area
/* Select mysql if your server does not have mysqli */
$cfg[‘Servers’][$i][‘extension’] = ‘mysqli’;
Does this mean they don’t support mysql modules anymore? (I noticed ‘Added warning about the mysql extension being deprecated and removed the extension directive’ in the ChangeLog.)
The added lines.
At /* Storage database and tables */ area
// $cfg[‘Servers’][$i][‘favorite’] = ‘pma__favorite’;
// $cfg[‘Servers’][$i][‘savedsearches’] = ‘pma__savedsearches’;
As a new parameter of the configuration
/**
* Whether to display icons or text or both icons and text in table row
* action segment. Value can be either of ‘icons’, ‘text’ or ‘both’.
*/
//$cfg[‘RowActionType’] = ‘both’;
So, when I logged on the new phphmyadmin at the first time, I got “The phpMyAdmin configuration storage is not completely configured, some extended features have been deactivated. To find out why click here.”.
By a clicking, I got the next three alerts.
$cfg[‘Servers’][$i][‘savedsearches’] … not OK [ Documentation ]
Saving Query-By-Example searches: Disabled
I had instructions, too.
Quick steps to setup advanced features:
Create the needed tables with the examples/create_tables.sql.
Create a pma user and give access to these tables.
Enable advanced features in configuration file (config.inc.php), for example by starting from
config.sample.inc.php.
Re-login to phpMyAdmin to load the updated configuration file.
To create the tables with the examples/create_tables.sql or by your hand, it is your choice. Further information about this, see “Configuration storage“. As I already had the pma user, I created the two tables manually. Then, I edited nine lines above in my config.inc.php, and removed “//” from the head of the next lines.
$cfg[‘Servers’][$i][‘favorite’] = ‘pma__favorite’;
$cfg[‘Servers’][$i][‘savedsearches’] = ‘pma__savedsearches’;
I re-logined to phpMyAdmin to load the updated configuration file. Mission complete.