Debian
mysql-5.5 package

Change logs for mysql-5.5 source package in Wheezy

  1. Wheezy (7.0)
  2. Change log 
  • mysql-5.5 (5.5.47-0+deb7u1) wheezy-security; urgency=high

  * Imported Upstream version 5.5.47 to fix security issues:
    - http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
    - CVE-2016-0546 CVE-2016-0505 CVE-2016-0596 CVE-2016-0597 CVE-2016-0616
      CVE-2016-0598 CVE-2016-0600 CVE-2016-0606 CVE-2016-0608 CVE-2016-0609
    (Closes: #811428)
  * fix-test-suite-failure-caused-by-arbitrary-date-in-the-future-patch is no
    longer needed, as bug is fixed in new Upstream version

 -- Lars Tangvald <email address hidden>  Wed, 13 Jan 2016 12:53:26 +0100
  • mysql-5.5 (5.5.44-0+deb7u1) wheezy-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Imported Upstream version 5.5.44 to fix security issues:
    - http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
    - CVE-2015-4752 CVE-2015-4737 CVE-2015-2648 CVE-2015-2643 CVE-2015-2620
      CVE-2015-2582
    (Closes: #792445)

 -- Salvatore Bonaccorso <email address hidden>  Wed, 15 Jul 2015 22:01:14 +0200
  • mysql-5.5 (5.5.40-0+wheezy1) wheezy-security; urgency=high


  * Non-maintainer upload by the Security Team.
  * Imported Upstream version 5.5.40 to fix security issues:
    - http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
    - CVE-2012-5615, CVE-2014-4274, CVE-2014-4287, CVE-2014-6463,
      CVE-2014-6464, CVE-2014-6469, CVE-2014-6478, CVE-2014-6484,
      CVE-2014-6491, CVE-2014-6494, CVE-2014-6495, CVE-2014-6496,
      CVE-2014-6500, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520,
      CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559
    (Closes: #765663)

 -- Salvatore Bonaccorso <email address hidden>  Sat, 18 Oct 2014 18:13:19 +0200
  • mysql-5.5 (5.5.38-0+wheezy1) wheezy-security; urgency=high


  * Non-maintainer upload by the Security Team.
  * Imported Upstream version 5.5.38 fo fix security issues:
    - http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
    - CVE-2014-2494
    - CVE-2014-4207
    - CVE-2014-4258
    - CVE-2014-4260
   (Closes: #754941)
  * Update copyright years for upstream files

 -- Salvatore Bonaccorso <email address hidden>  Sat, 19 Jul 2014 16:15:21 +0200
  • mysql-5.5 (5.5.37-0+wheezy1) wheezy-security; urgency=medium


  * SECURITY UPDATE: Update to 5.5.37 to fix security issues:
    - http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
    - CVE-2014-0001
    - CVE-2014-0384
    - CVE-2014-2419
    - CVE-2014-2430
    - CVE-2014-2431
    - CVE-2014-2432
    - CVE-2014-2436
    - CVE-2014-2438
    - CVE-2014-2440

 -- James Page <email address hidden>  Sat, 26 Apr 2014 18:43:56 +0100
  • mysql-5.5 (5.5.35+dfsg-0+wheezy1) wheezy-security; urgency=high


  * SECURITY UPDATE: Update to 5.5.35 to fix security issues:
    - http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
    - CVE-2013-5891
    - CVE-2013-5908
    - CVE-2014-0386
    - CVE-2014-0393
    - CVE-2014-0401
    - CVE-2014-0402
    - CVE-2014-0412
    - CVE-2014-0420
    - CVE-2014-0437
  * d/p/debian/patches/33_scripts__mysql_create_system_tables__no_test.patch:
    Refreshed against new point release.
  * d/p/50_mysql-test__db_test.patch,
    d/p/62_disable_tests.patch: 
    Rework patches to enable plugin_auth, plugin_auth_qa_1 and plugin_auth_qa_2
    tests disable in 5.5.33+dfsg-0+wheezy1.
  * d/p/73_fix_rpl_deadlock_innodb_test.patch: Dropped - no longer required for
    this point release.
  * d/control: Update VCS fields for new git location.

 -- James Page <email address hidden>  Mon, 20 Jan 2014 11:13:56 +0000
  • mysql-5.5 (5.5.33+dfsg-0+wheezy1) wheezy-security; urgency=high


  * Non-maintainer upload by the Security Team.
  * Imported Upstream version 5.5.33+dfsg
    - Fixes: CVE-2013-5807 CVE-2013-3839 CVE-2013-3812 CVE-2013-3809
      CVE-2013-3804 CVE-2013-3802 CVE-2013-3793 CVE-2013-3783 CVE-2013-1861
  * Update copyright years for upstream files
  * Add patches to disable the test database and anonymous access
    d/p/33_scripts__mysql_create_system_tables__no_test.patch,
    d/p/41_scripts__mysql_install_db.sh__no_test.patch,
    d/p/50_mysql-test__db_test.patch: Restored from mysql-5.1 package,
    inadvertently dropped in 5.5 transition. This removes the global
    anonymous access to the database which is a security concern.
  * CVE-2013-2162: Insecure creation of the credential file debian.cnf.
    Set umask to 066 before creating debian.cnf file. (Closes: #711600)
    (LP: #1185573)
  * Add 73_fix_rpl_deadlock_innodb_test.patch.
    Fixes failing rpl.rpl_deadlock_innodb test by ignoring warnings.
  * Disable more test after dropping the test databases
    plugin_auth, plugin_auth_qa_1 and plugin_auth_qa_2 fail as they need to
    operate on test_ databases. Some adaption to either the tests or
    50_mysql-test__db_test.patch might be further needed.
  * Add NEWS file to document changes needed to existing databases

 -- Salvatore Bonaccorso <email address hidden>  Sat, 14 Dec 2013 22:29:18 +0100
  • mysql-5.5 (5.5.31+dfsg-0+wheezy1) stable-security; urgency=high


  * New upstream release.
    SECURITY UPDATE: CVE-2013-2375 CVE-2013-1544 CVE-2013-1532
    CVE-2013-2389 CVE-2013-2392 CVE-2013-2376 CVE-2013-1511
    CVE-2013-2391 CVE-2013-1502
    - Patches refreshed.
    - d/p/yassl.patch - dropped, applied upstream
    - d/p/debian-mdev382-fixup.patch: dropped, fixed upstream.
  * d/control: Updating Vcs-* fields to point at wheezy branch.

 -- Clint Byrum <email address hidden>  Wed, 08 May 2013 21:33:08 -0700
  • mysql-5.5 (5.5.30+dfsg-1.1) unstable; urgency=low


  * Non-maintainer upload.
  * d/p/yassl.patch - patch for CVE-2013-0169 (Closes: #699886)

 -- Michael Stapelberg <email address hidden>  Sun, 14 Apr 2013 12:45:53 +0200
  • mysql-5.5 (5.5.30+dfsg-1) unstable; urgency=low


  * New upstream release.
  * d/p/debian-mdev382-fixup.patch - patch from MariaDB, Thanks
    Kristian Nielsen. resolves  CVE-2012-4414 (Closes: #698068)

 -- Clint Byrum <email address hidden>  Sun, 24 Mar 2013 16:22:56 -0700
  • mysql-5.5 (5.5.28+dfsg-1) unstable; urgency=low


  * New upstream release (resolves CVE-2012-3163, CVE-2012-3158, CVE-2012-3177,
    CVE-2012-3147, CVE-2012-3166, CVE-2012-3173, CVE-2012-3144, CVE-2012-3150,
    CVE-2012-3180, CVE-2012-3149, CVE-2012-3156, CVE-2012-3167, CVE-2012-3197,
    CVE-2012-3160) (Closes: #690778)
  * Removed debian/patches/73_mysqlcheck_tests.patch and
    debian/patches/2_main_openssl_1.patch as they did not apply cleanly and did
    not seem to be required any longer
  * Refreshed patches and updated headers:
    - debian/patches/73_mysqlcheck_tests.patch
    - debian/patches/94_spelling.patch
    - debian/patches/70_mysql_va_list.patch

 -- Nicholas Bamber <email address hidden>  Sun, 28 Oct 2012 09:22:24 +0000
  • mysql-5.5 (5.5.24+dfsg-9) unstable; urgency=low


  * Danish debconf translation (Closes: #684566)
  * Turkish debconf translation (Closes: #688294)
  * Loosened versioned dependency between mysql-server-5.5 and
    mysql-server-core-5.5, hopefully (Closes: #686803)
  * Restored zlib1g-dev (>= 1:1.1.3-5) as a build dependency
    and made the use of system libz explicit in debian/rules

 -- Nicholas Bamber <email address hidden>  Sat, 22 Sep 2012 15:01:11 +0100
  • mysql-5.5 (5.5.24+dfsg-8) unstable; urgency=low


  * Updated debian/copyright after analysis from development version
    of license-reconcile (Closes: #682311)
    - 'Comments' field to corrected to 'Comment'
    - Missing paragraphs for '*', 'debian/*' and for the mysqlreport
      and innotop scripts
    - Removed duplicate entries from Files listings
    - Added clause for files licensed under BSD (4-clause)
    - Clarified 'BSD (3 clause) GPL-2' as being 'BSD (3 clause) or GPL-2'
  * Updated Slovak debconf translation (Closes: #684644)

 -- Nicholas Bamber <email address hidden>  Tue, 04 Sep 2012 06:56:24 +0100
  • mysql-5.5 (5.5.24+dfsg-7) unstable; urgency=low


  * Updated Turkish debconf translation (Closes: #683733)
  * Use xz compression for binary packages (Closes: #684146)

 -- Nicholas Bamber <email address hidden>  Sat, 11 Aug 2012 21:02:27 +0100
  • mysql-5.5 (5.5.24+dfsg-6) unstable; urgency=low


  * Updated Czech debconf translation (Closes: #681711)

 -- Nicholas Bamber <email address hidden>  Sun, 29 Jul 2012 13:04:46 +0100
  • mysql-5.5 (5.5.24+dfsg-5) unstable; urgency=medium


  * Spanish debconf translation (Closes: #679053)

 -- Nicholas Bamber <email address hidden>  Sat, 14 Jul 2012 13:36:13 +0100
  • mysql-5.5 (5.5.24+dfsg-4) unstable; urgency=low


  * Made DFSG repacking mechanism independent of local installs, improved
    the documentation and added debian/README.source
  * Setting the gcc/g++ version to 4.4 on i386 platforms and removed
    patch disabling tests (Closes: #674267) but see #678252 for follow
    up from upstream
  * Danish debconf translation (Closes: #599483)

 -- Nicholas Bamber <email address hidden>  Thu, 21 Jun 2012 13:36:40 +0100
  • mysql-5.5 (5.5.24+dfsg-3) unstable; urgency=high


  * Added versioned dependency on initscripts and revert /var/run
    to /run change (Closes: #676560)

 -- Nicholas Bamber <email address hidden>  Thu, 07 Jun 2012 23:29:32 +0100
  • mysql-5.5 (5.5.24+dfsg-2) unstable; urgency=low


  * Really bumped the version in shlibs

 -- Nicholas Bamber <email address hidden>  Mon, 04 Jun 2012 23:03:35 +0100
  • mysql-5.5 (5.5.23+dfsg-2) unstable; urgency=low


  * Fixing regular expression in tests to guard against build path containing
    the '+' symbol (Closes: #674210)
  * Disabled certain SSL tests pending investigation (cf. #674267)
  * Updated French translation (Closes: #674025)
  * Updated Dutch translation (Closes: #674124)
  * Updated Russian translation (Closes: #674189)

 -- Nicholas Bamber <email address hidden>  Fri, 25 May 2012 23:38:16 +0100