-
mysql-5.5 (5.5.47-0+deb7u1) wheezy-security; urgency=high
* Imported Upstream version 5.5.47 to fix security issues:
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- CVE-2016-0546 CVE-2016-0505 CVE-2016-0596 CVE-2016-0597 CVE-2016-0616
CVE-2016-0598 CVE-2016-0600 CVE-2016-0606 CVE-2016-0608 CVE-2016-0609
(Closes: #811428)
* fix-test-suite-failure-caused-by-arbitrary-date-in-the-future-patch is no
longer needed, as bug is fixed in new Upstream version
-- Lars Tangvald <email address hidden> Wed, 13 Jan 2016 12:53:26 +0100
-
mysql-5.5 (5.5.44-0+deb7u1) wheezy-security; urgency=high
* Non-maintainer upload by the Security Team.
* Imported Upstream version 5.5.44 to fix security issues:
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- CVE-2015-4752 CVE-2015-4737 CVE-2015-2648 CVE-2015-2643 CVE-2015-2620
CVE-2015-2582
(Closes: #792445)
-- Salvatore Bonaccorso <email address hidden> Wed, 15 Jul 2015 22:01:14 +0200
-
mysql-5.5 (5.5.40-0+wheezy1) wheezy-security; urgency=high
* Non-maintainer upload by the Security Team.
* Imported Upstream version 5.5.40 to fix security issues:
- http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
- CVE-2012-5615, CVE-2014-4274, CVE-2014-4287, CVE-2014-6463,
CVE-2014-6464, CVE-2014-6469, CVE-2014-6478, CVE-2014-6484,
CVE-2014-6491, CVE-2014-6494, CVE-2014-6495, CVE-2014-6496,
CVE-2014-6500, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520,
CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559
(Closes: #765663)
-- Salvatore Bonaccorso <email address hidden> Sat, 18 Oct 2014 18:13:19 +0200
-
mysql-5.5 (5.5.38-0+wheezy1) wheezy-security; urgency=high
* Non-maintainer upload by the Security Team.
* Imported Upstream version 5.5.38 fo fix security issues:
- http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
- CVE-2014-2494
- CVE-2014-4207
- CVE-2014-4258
- CVE-2014-4260
(Closes: #754941)
* Update copyright years for upstream files
-- Salvatore Bonaccorso <email address hidden> Sat, 19 Jul 2014 16:15:21 +0200
-
mysql-5.5 (5.5.37-0+wheezy1) wheezy-security; urgency=medium
* SECURITY UPDATE: Update to 5.5.37 to fix security issues:
- http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
- CVE-2014-0001
- CVE-2014-0384
- CVE-2014-2419
- CVE-2014-2430
- CVE-2014-2431
- CVE-2014-2432
- CVE-2014-2436
- CVE-2014-2438
- CVE-2014-2440
-- James Page <email address hidden> Sat, 26 Apr 2014 18:43:56 +0100
-
mysql-5.5 (5.5.35+dfsg-0+wheezy1) wheezy-security; urgency=high
* SECURITY UPDATE: Update to 5.5.35 to fix security issues:
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- CVE-2013-5891
- CVE-2013-5908
- CVE-2014-0386
- CVE-2014-0393
- CVE-2014-0401
- CVE-2014-0402
- CVE-2014-0412
- CVE-2014-0420
- CVE-2014-0437
* d/p/debian/patches/33_scripts__mysql_create_system_tables__no_test.patch:
Refreshed against new point release.
* d/p/50_mysql-test__db_test.patch,
d/p/62_disable_tests.patch:
Rework patches to enable plugin_auth, plugin_auth_qa_1 and plugin_auth_qa_2
tests disable in 5.5.33+dfsg-0+wheezy1.
* d/p/73_fix_rpl_deadlock_innodb_test.patch: Dropped - no longer required for
this point release.
* d/control: Update VCS fields for new git location.
-- James Page <email address hidden> Mon, 20 Jan 2014 11:13:56 +0000
-
mysql-5.5 (5.5.33+dfsg-0+wheezy1) wheezy-security; urgency=high
* Non-maintainer upload by the Security Team.
* Imported Upstream version 5.5.33+dfsg
- Fixes: CVE-2013-5807 CVE-2013-3839 CVE-2013-3812 CVE-2013-3809
CVE-2013-3804 CVE-2013-3802 CVE-2013-3793 CVE-2013-3783 CVE-2013-1861
* Update copyright years for upstream files
* Add patches to disable the test database and anonymous access
d/p/33_scripts__mysql_create_system_tables__no_test.patch,
d/p/41_scripts__mysql_install_db.sh__no_test.patch,
d/p/50_mysql-test__db_test.patch: Restored from mysql-5.1 package,
inadvertently dropped in 5.5 transition. This removes the global
anonymous access to the database which is a security concern.
* CVE-2013-2162: Insecure creation of the credential file debian.cnf.
Set umask to 066 before creating debian.cnf file. (Closes: #711600)
(LP: #1185573)
* Add 73_fix_rpl_deadlock_innodb_test.patch.
Fixes failing rpl.rpl_deadlock_innodb test by ignoring warnings.
* Disable more test after dropping the test databases
plugin_auth, plugin_auth_qa_1 and plugin_auth_qa_2 fail as they need to
operate on test_ databases. Some adaption to either the tests or
50_mysql-test__db_test.patch might be further needed.
* Add NEWS file to document changes needed to existing databases
-- Salvatore Bonaccorso <email address hidden> Sat, 14 Dec 2013 22:29:18 +0100
-
mysql-5.5 (5.5.31+dfsg-0+wheezy1) stable-security; urgency=high
* New upstream release.
SECURITY UPDATE: CVE-2013-2375 CVE-2013-1544 CVE-2013-1532
CVE-2013-2389 CVE-2013-2392 CVE-2013-2376 CVE-2013-1511
CVE-2013-2391 CVE-2013-1502
- Patches refreshed.
- d/p/yassl.patch - dropped, applied upstream
- d/p/debian-mdev382-fixup.patch: dropped, fixed upstream.
* d/control: Updating Vcs-* fields to point at wheezy branch.
-- Clint Byrum <email address hidden> Wed, 08 May 2013 21:33:08 -0700
-
mysql-5.5 (5.5.30+dfsg-1.1) unstable; urgency=low
* Non-maintainer upload.
* d/p/yassl.patch - patch for CVE-2013-0169 (Closes: #699886)
-- Michael Stapelberg <email address hidden> Sun, 14 Apr 2013 12:45:53 +0200
-
mysql-5.5 (5.5.30+dfsg-1) unstable; urgency=low
* New upstream release.
* d/p/debian-mdev382-fixup.patch - patch from MariaDB, Thanks
Kristian Nielsen. resolves CVE-2012-4414 (Closes: #698068)
-- Clint Byrum <email address hidden> Sun, 24 Mar 2013 16:22:56 -0700
-
mysql-5.5 (5.5.28+dfsg-1) unstable; urgency=low
* New upstream release (resolves CVE-2012-3163, CVE-2012-3158, CVE-2012-3177,
CVE-2012-3147, CVE-2012-3166, CVE-2012-3173, CVE-2012-3144, CVE-2012-3150,
CVE-2012-3180, CVE-2012-3149, CVE-2012-3156, CVE-2012-3167, CVE-2012-3197,
CVE-2012-3160) (Closes: #690778)
* Removed debian/patches/73_mysqlcheck_tests.patch and
debian/patches/2_main_openssl_1.patch as they did not apply cleanly and did
not seem to be required any longer
* Refreshed patches and updated headers:
- debian/patches/73_mysqlcheck_tests.patch
- debian/patches/94_spelling.patch
- debian/patches/70_mysql_va_list.patch
-- Nicholas Bamber <email address hidden> Sun, 28 Oct 2012 09:22:24 +0000
-
mysql-5.5 (5.5.24+dfsg-9) unstable; urgency=low
* Danish debconf translation (Closes: #684566)
* Turkish debconf translation (Closes: #688294)
* Loosened versioned dependency between mysql-server-5.5 and
mysql-server-core-5.5, hopefully (Closes: #686803)
* Restored zlib1g-dev (>= 1:1.1.3-5) as a build dependency
and made the use of system libz explicit in debian/rules
-- Nicholas Bamber <email address hidden> Sat, 22 Sep 2012 15:01:11 +0100
-
mysql-5.5 (5.5.24+dfsg-8) unstable; urgency=low
* Updated debian/copyright after analysis from development version
of license-reconcile (Closes: #682311)
- 'Comments' field to corrected to 'Comment'
- Missing paragraphs for '*', 'debian/*' and for the mysqlreport
and innotop scripts
- Removed duplicate entries from Files listings
- Added clause for files licensed under BSD (4-clause)
- Clarified 'BSD (3 clause) GPL-2' as being 'BSD (3 clause) or GPL-2'
* Updated Slovak debconf translation (Closes: #684644)
-- Nicholas Bamber <email address hidden> Tue, 04 Sep 2012 06:56:24 +0100
-
mysql-5.5 (5.5.24+dfsg-7) unstable; urgency=low
* Updated Turkish debconf translation (Closes: #683733)
* Use xz compression for binary packages (Closes: #684146)
-- Nicholas Bamber <email address hidden> Sat, 11 Aug 2012 21:02:27 +0100
-
mysql-5.5 (5.5.24+dfsg-6) unstable; urgency=low
* Updated Czech debconf translation (Closes: #681711)
-- Nicholas Bamber <email address hidden> Sun, 29 Jul 2012 13:04:46 +0100
-
mysql-5.5 (5.5.24+dfsg-5) unstable; urgency=medium
* Spanish debconf translation (Closes: #679053)
-- Nicholas Bamber <email address hidden> Sat, 14 Jul 2012 13:36:13 +0100
-
mysql-5.5 (5.5.24+dfsg-4) unstable; urgency=low
* Made DFSG repacking mechanism independent of local installs, improved
the documentation and added debian/README.source
* Setting the gcc/g++ version to 4.4 on i386 platforms and removed
patch disabling tests (Closes: #674267) but see #678252 for follow
up from upstream
* Danish debconf translation (Closes: #599483)
-- Nicholas Bamber <email address hidden> Thu, 21 Jun 2012 13:36:40 +0100
-
mysql-5.5 (5.5.24+dfsg-3) unstable; urgency=high
* Added versioned dependency on initscripts and revert /var/run
to /run change (Closes: #676560)
-- Nicholas Bamber <email address hidden> Thu, 07 Jun 2012 23:29:32 +0100
-
mysql-5.5 (5.5.24+dfsg-2) unstable; urgency=low
* Really bumped the version in shlibs
-- Nicholas Bamber <email address hidden> Mon, 04 Jun 2012 23:03:35 +0100
-
mysql-5.5 (5.5.23+dfsg-2) unstable; urgency=low
* Fixing regular expression in tests to guard against build path containing
the '+' symbol (Closes: #674210)
* Disabled certain SSL tests pending investigation (cf. #674267)
* Updated French translation (Closes: #674025)
* Updated Dutch translation (Closes: #674124)
* Updated Russian translation (Closes: #674189)
-- Nicholas Bamber <email address hidden> Fri, 25 May 2012 23:38:16 +0100