--- mysql-dfsg-5.0-5.0.22.orig/debian/mysql-server-5.0.preinst +++ mysql-dfsg-5.0-5.0.22/debian/mysql-server-5.0.preinst @@ -0,0 +1,164 @@ +#!/bin/bash -e +# +# summary of how this script can be called: +# * install +# * install +# * upgrade +# * abort-upgrade +# + +. /usr/share/debconf/confmodule + +if [ -n "$DEBIAN_SCRIPT_DEBUG" ]; then set -v -x; DEBIAN_SCRIPT_TRACE=1; fi +${DEBIAN_SCRIPT_TRACE:+ echo "#42#DEBUG# RUNNING $0 $*" 1>&2 } + +export PATH=$PATH:/sbin:/usr/sbin:/bin:/usr/bin +MYADMIN="/usr/bin/mysqladmin --defaults-file=/etc/mysql/debian.cnf" +DATADIR=/var/lib/mysql +LOGDIR=/var/log/mysql +UPGRADEDIR=/var/lib/mysql-upgrade + +# Try to stop the server in a sane way. If it does not success let the admin +# do it himself. No database directories should be removed while the server +# is running! Another mysqld in e.g. a different chroot is fine for us. +stop_server() { + if [ ! -x /etc/init.d/mysql ]; then return; fi + + set +e + if [ -x /usr/sbin/invoke-rc.d ]; then + cmd="invoke-rc.d mysql stop" + else + cmd="/etc/init.d/mysql stop" + fi + $cmd + errno=$? + set -e + + # 0=ok, 100=no init script (fresh install) + if [ "$errno" != 0 -a "$errno" != 100 ]; then + echo "${cmd/ */} returned $errno" 1>&2 + echo "There is a MySQL server running, but we failed in our attempts to stop it." 1>&2 + echo "Stop it yourself and try again!" 1>&2 + db_stop + exit 1 + fi +} + +################################ main() ########################## + +this_version=5.0 + +# Abort if old ISAM tables are present. +if [ -n "`find /var/lib/mysql -name '*.ISM' 2>/dev/null`" ]; then + db_fset mysql-server-5.0/no_upgrade_with_isam_tables seen false || true + db_input high mysql-server-5.0/no_upgrade_with_isam_tables || true + db_go + db_stop + exit 1 +fi + +# Safe the user from stupidities. +show_downgrade_warning=0 +for i in `ls $DATADIR/debian-*.flag 2>/dev/null`; do + found_version=`echo $i | sed 's/.*debian-\([0-9\.]\+\).flag/\1/'` + if dpkg --compare-versions "$this_version" '<<' "$found_version"; then + show_downgrade_warning=1 + break; + fi +done +if [ "$show_downgrade_warning" = 1 ]; then + db_fset mysql-server-$this_version/really_downgrade seen false || true + db_input medium mysql-server-$this_version/really_downgrade || true + db_go + db_get mysql-server-$this_version/really_downgrade || true + if [ "$RET" = "true" ]; then + rm -f $DATADIR/debian-*.flag + touch $DATADIR/debian-$this_version.flag + else + echo "Aborting downgrade from (at least) $found_version to $this_version." 1>&2 + db_stop + exit 1 + fi +fi + +# to be sure +stop_server + +# If we use NIS then errors should be tolerated. It's up to the +# user to ensure that the mysql user is correctly setup. +# Beware that there are two ypwhich one of them needs the 2>/dev/null! +if test -n "`which ypwhich 2>/dev/null`" && ypwhich >/dev/null 2>&1; then + set +e +fi + +# +# Now we have to ensure the following state: +# /etc/passwd: mysql:x:100:101:MySQL Server:/var/lib/mysql:/bin/false +# /etc/group: mysql:x:101: +# +# Sadly there could any state be present on the system so we have to +# modify everything carefully i.e. not doing a chown before creating +# the user etc... +# + +# creating mysql group if he isn't already there +if ! getent group mysql >/dev/null; then + # Adding system group: mysql. + addgroup --system mysql >/dev/null +fi + +# creating mysql user if he isn't already there +if ! getent passwd mysql >/dev/null; then + # Adding system user: mysql. + adduser \ + --system \ + --ingroup mysql \ + --home $DATADIR \ + --gecos "MySQL Server" \ + --shell /bin/false \ + mysql >/dev/null +fi + +# end of NIS tolerance zone +set -e + +# if there's a symlink, let's store where it's pointing, because otherwise +# it's going to be lost in some situations +for dir in DATADIR LOGDIR; do + checkdir=`eval echo "$"$dir` + if [ -L "$checkdir" ]; then + mkdir -p "$UPGRADEDIR" + cp -d "$checkdir" "$UPGRADEDIR/$dir.link" + fi +done + +# creating mysql home directory +if [ ! -d $DATADIR -a ! -L $DATADIR ]; then + mkdir $DATADIR +fi + +# checking disc space +if LC_ALL=C BLOCKSIZE= df --portability $DATADIR/. | tail -n 1 | awk '{ exit ($4>1000) }'; then + echo "ERROR: There's not enough space in $DATADIR/" 1>&2 + db_stop + exit 1 +fi + +# Since the home directory was created before putting the user into +# the mysql group and moreover we cannot guarantee that the +# permissions were correctly *before* calling this script, we fix them now. +# In case we use NIS and no mysql user is present then this script should +# better fail now than later.. +# The "set +e" is necessary as e.g. a ".journal" of a ext3 partition is +# not chgrp'able (#318435). +set +e +chown mysql:mysql $DATADIR +find $DATADIR -follow -not -group mysql -print0 2>/dev/null \ + | xargs -0 --no-run-if-empty chgrp mysql +set -e + +db_stop + +#DEBHELPER# + +exit 0 --- mysql-dfsg-5.0-5.0.22.orig/debian/copyright.more +++ mysql-dfsg-5.0-5.0.22/debian/copyright.more @@ -0,0 +1,60 @@ +# +# Some random bits of interest. +# + +# +# Arjen about OpenSSL +# +http://bugs.mysql.com/?id=6924 +Updated by: Arjen Lentz +Date: 2005-11-05 + +Linking with the client library is covered by the FLOSS exception which +includes OpenSSL now. So that's clean. Indeed, the OpenSSL is not +compliant with the FSF free software guidelines, however it *is* +compliant with the OSI guidelines. And that's good enough for us. +Christian is correct in saying that the author of a GPL app that links +with MySQL may find themselves in a licensing headache (or may not +realize that OpenSSL is involved) but that is their responsibility. +The MySQL client can be linked with a number of other licenses, it +would not be feasible for MySQL to take over the responsibility for +"the next level" of how combinations of licenses work out. There are +too many possibilities, and combinations of more just 2 licenses. + + +# +# Steve Langasek about OpenSSL vs libmysqlclient +# +Subject: Bug#291945: eleventh-hour transition for mysql-using packages related to apache +Date: Sat, 12 Feb 2005 00:39:58 -0800 +From: Steve Langasek + +> > > > that's great to hear! i'm cc'ing the relevant wishlist bug i have open +> > > > against mysql-server. christian: any chance of getting an openssl enabled +> > > > version of the mysql-client and mysql-server packages? + +> > > Yes, I will re-enable openssl in the next upload. + +> > Please make sure this does not introduce an openssl dependency to +> > libmysqlclient itself; just because MySQL AB have granted a license +> > exception for OpenSSL does not mean everyone who links to libmysqlclient +> > has done so. + +> > I know of at least one GPL-without-exception package that is now using +> > libmysqlclient12 in Debian. + +> Nice, so we should check that any linked GPL library directly (obviuolsy) or +> indirectly (with N=1,2,3... levels of indirection) linked against +> openssl adds the exception. + +No, we should simply not be linking libmysqlclient against OpenSSL. The +exemption was needed because there exists software that uses both +libmysqlclient and libssl, but making libmysqlclient itself use libssl just +because we now have the exemption will cause licensing problems for +applications which currently do *not* depend on libssl. + +> This is a great reason to move asap all possible programs to gnutls, +> indeed. + +There are plenty of reasons to move software to gnutls, but doing so is +non-trivial. --- mysql-dfsg-5.0-5.0.22.orig/debian/watch +++ mysql-dfsg-5.0-5.0.22/debian/watch @@ -0,0 +1,3 @@ +version=3 +opts="uversionmangle=s/-(rc|beta)/$1/" \ + ftp://sunsite.informatik.rwth-aachen.de/pub/mirror/www.mysql.com/Downloads/MySQL-5.0/mysql-([\d\.]*(?:-beta|-rc)?).tar.gz debian --- mysql-dfsg-5.0-5.0.22.orig/debian/mysql-server-5.0.logcheck.ignore.paranoid +++ mysql-dfsg-5.0-5.0.22/debian/mysql-server-5.0.logcheck.ignore.paranoid @@ -0,0 +1,9 @@ +/etc/init.d/mysql\[[0-9]+\]: Check that mysqld is running and that the socket: '/var/run/mysqld/mysqld.sock' exists\!$ +/etc/init.d/mysql\[[0-9]+\]: '/usr/bin/mysqladmin --defaults-(extra-)?file=/etc/mysql/debian.cnf ping' resulted in$ +/etc/mysql/debian-start\[[0-9]+\]: Checking for crashed MySQL tables\.$ +mysqld\[[0-9]+\]: $ +mysqld\[[0-9]+\]: Version: .* socket: '/var/run/mysqld/mysqld.sock' port: 3306$ +mysqld\[[0-9]+\]: Warning: Ignoring user change to 'mysql' because the user was set to 'mysql' earlier on the command line$ +mysqld_safe\[[0-9]+\]: started$ +usermod\[[0-9]+\]: change user `mysql' GID from `([0-9]+)' to `\1'$ +usermod\[[0-9]+\]: change user `mysql' shell from `/bin/false' to `/bin/false'$ --- mysql-dfsg-5.0-5.0.22.orig/debian/changelog +++ mysql-dfsg-5.0-5.0.22/debian/changelog @@ -0,0 +1,2949 @@ +mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.10) dapper-proposed; urgency=low + + * RELIABILITY UPDATE: fix for upstream bug #20908 + * debian/patches/105_upstream_20908.dpatch: fix MYSQLlex() in sql_lex.cc + to ABORT_SYM on zero-length variable names + * References + LP: #217772 + http://bugs.mysql.com/bug.php?id=20908 + + -- Jamie Strandboge Tue, 15 Apr 2008 16:28:38 -0400 + +mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.9) dapper-security; urgency=low + + * Fix for upstream bug #20482: Creation of a view as a join of views or + tables could fail if the views or tables are in different databases. This + bug was introduced in the update for CVE-2007-2692, which had more + restrictive privilege checks. (LP: #209699) + + -- Jamie Strandboge Tue, 01 Apr 2008 13:03:24 -0400 + +mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.8) dapper-security; urgency=low + + * no change build for -security upload + + -- Jamie Strandboge Wed, 19 Mar 2008 15:15:01 -0400 + +mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.7) dapper-proposed; urgency=low + + * SECURITY UPDATE: buffer overflow via ProcessOldClientHello() in + handshake.cpp and input_buffer& operator>> in yassl_imp.cpp + * SECURITY UPDATE: buffer overread in HASHwithTransform::Update in hash.cpp + * debian/patches/99_SECURITY_CVE-2008-0226_0227.dpatch: properly verify + length of input (LP: #186978). Note that while this patch is included, + mysql on Ubuntu 6.06 is not compiled with yassl enabled. + * SECURITY UPDATE: privilege escalation via crafted CREATE SQL SECURITY + DEFINER VIEW and ALTER VIEW statements + * debian/patches/100_SECURITY_CVE-2007-6303.dpatch: make sure lex->definer + is non-NULL in sql_view.cc (LP: #185039). This patch also fixes upstream + bug #21080, which was needed to keep VIEW definitions in sync. + * SECURITY UPDATE: denial of service via crafted EXPLAIN SELECT FROM on the + INFORMATION_SCHEMA table + * debian/patches/101_SECURITY_CVE-2006-7232.dpatch: make sure + thd->lex-describe is non-NULL in sql_select.cc (LP: #161127) + * debian/patches/102_view_fix-now.dpatch: update view.test and view.result to + use a static year instead of now(). These tests are not part of the build + but helps with qa-regression-testing + * SECURITY UPDATE: privilege escalation via SQL SECURITY INVOKER stored + routines + * debian/patches/103_SECURITY_CVE-2007-2692.dpatch: restore THD::db_access + when returning from stored routine by performing privilege checks in the + execution stage rather than the parsing stage. This patch also fixes + upstream bug #18681, which was needed to properly check view security. + * References + CVE-2008-0226 + CVE-2008-0227 + CVE-2007-6303 + CVE-2006-7232 + CVE-2007-2692 + http://bugs.mysql.com/bug.php?id=27337 + http://bugs.mysql.com/bug.php?id=18681 + http://bugs.mysql.com/bug.php?id=21080 + + -- Jamie Strandboge Thu, 06 Mar 2008 07:53:05 -0500 + +mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.6) dapper-security; urgency=low + + * SECURITY UPDATE: denial of service via crafted CONTAINS operation when + using InnoDB + * debian/patches/98_SECURITY_CVE-2007-5925.dpatch: make sure innodb returns + error on unsupported operations (db0err.h, page0cur.h, ha_innodb.cc). Also + updated mysqld_error.h, mysqld_ername.h and errmsg.txt for the new + returned error + * SECURITY UPDATE: privilege escalation using symlinks when using DATA + DIRECTORY and INDEX DIRECTORY options via a RENAME TABLE statement + * debian/patches/98_SECURITY_CVE-2007-5969.dpatch: fix for my_symlink2.c to + properly check symlinks when performing a rename operation + * SECURITY UPDATE: denial of service via SHOW TABLE STATUS query in + federated engine + * debian/patches/98_SECURITY_CVE-2007-6304.dpatch: fix for ha_federated.cc + to to return error if the response doesn't have enough columns + * SECURITY UPDATE: information disclosure when using CREATE TABLE LIKE + statements + * debian/patches/98_SECURITY_CVE-2007-3781.dpatch: fix to enforce access + privileges (sql_parse.cc, handler.h, sql_yacc.yy) + * debian/control: Build-Depends on bison + * References + CVE-2007-5925 + CVE-2007-5969 + CVE-2007-6304 + CVE-2007-3781 + LP #172260 + + -- Jamie Strandboge Wed, 19 Dec 2007 12:52:42 -0500 + +mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.5) dapper-security; urgency=low + + * SECURITY UPDATE: denial of service via crafted IF clause + * debian/patches/SECURITY_CVE-2007-2583.dpatch: fix sql/item_cmpfunc.cc + to verify res is not NULL + * SECURITY UPDATE: privilege escalation + * debian/patches/SECURITY_CVE-2007-2691.dpatch: fix sql/sql_parse.cc to + make sure DROP privileges are required when using RENAME TABLE + statements + * SECURITY UPDATE: denial of service via crafted authentication + request + * debian/patches/SECURITY_CVE-2007-3780.dpatch: fix sql/sql_parse.cc to + not overflow a signed char + * SECURITY UPDATE: privilege escalation via views + * debian/patches/SECURITY_CVE-2007-3782.dpatch: fix sql/sql_prepare.cc + and sql/sql_update.cc to properly verify access privileges to + external tables + * SECURITY UPDATE: warn on startup if root mysql account has a blank + password. debian/mysql-server-5.0.mysql.init: supply 'reset-password' and + check for blank password. Based on work by Soren Hansen. + * References + CVE-2007-2583 + CVE-2007-2691 + CVE-2007-3780 + CVE-2007-3782 + Launchpad #119075 + + -- Jamie Strandboge Tue, 2 Oct 2007 14:46:02 -0400 + +mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.3) dapper-security; urgency=low + + * SECURITY UPDATE: denial of service via subselects. + * debian/patches/46_CVE-2007-1420_subselect_dos.dpatch: backported from + Debain upstream. + * debian/rules: disabled debconf-updatepo for security update. + * References + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414790 + CVE-2007-1420 + + -- Kees Cook Thu, 15 Mar 2007 16:59:46 -0700 + +mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.2) dapper-security; urgency=low + + * Fix CVE number in previous changelog and dpatch name. + + -- Martin Pitt Tue, 5 Sep 2006 10:35:26 +0200 + +mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.1) dapper-security; urgency=low + + * SECURITY UPDATE: Privilege escalation. + * Add debian/patches/SECURITY_CVE-2006-4031.dpatch: + - Add --{skip-}merge options to disable the MERGE engine. + - This closes a potential pitfall when an user creates a merge table, and + the admin revokes privileges to the original table without revoking + privs to the merged table, too. + - Patch ported from upstream BK commit. + - References: + CVE-2006-4031 + http://bugs.mysql.com/bug.php?id=15195 + * Note: This version is not vulnerable against the case sensitive database + name comparison bug [CVE-2006-4226]. + * Add debian/patches/SECURITY_CVE-2006-4227.dpatch: + - Routine arguments were evaluated in the security context of the routine + itself, not in the caller's context. This could be exploited for + privilege escalation in setuid functions. + - Patch ported from Debian's 5.0.24-3 upload. + - References: + CVE-2006-4227 + http://bugs.mysql.com/bug.php?id=18630 + + -- Martin Pitt Mon, 4 Sep 2006 14:37:59 +0000 + +mysql-dfsg-5.0 (5.0.22-0ubuntu6.06) dapper-security; urgency=low + + * SECURITY UPDATE: Bring in a new upstream release to resolve a SQL + injection vulnerability with multibyte encodings (CVE-2006-2753) + * This upload is based on Debian's 5.0.22-2 to also pull in a fix + for a critical bug in the postinst with an existing config file. + + -- Adam Conrad Fri, 16 Jun 2006 21:09:53 +1000 + +mysql-dfsg-5.0 (5.0.22-2) unstable; urgency=high + + * Fixed debian-sys-maint related bug in postinst (thanks to + Jean-Christophe Dubacq). Closes: #369970 + * The last upload was a security patch (which I did not know as I + uploaded before the announcement came). I now added the CVE id for + reference and set urgency to high as the last entry did not. + + -- Christian Hammers Wed, 31 May 2006 01:04:11 +0200 + +mysql-dfsg-5.0 (5.0.22-1) unstable; urgency=low + + * SECURITY: This upstream release fixes an SQL-injection with multibyte + encoding problem. (CVE-2006-2753) + * New upstream release. + * Upstream fixes REPAIR TABLE problem. Closes: #354300 + * Upstream fixes problem that empty strings in varchar and text columns + are displayed as NULL. Closes: #368663 + + -- Christian Hammers Tue, 30 May 2006 23:43:24 +0200 + +mysql-dfsg-5.0 (5.0.21-3ubuntu1) dapper; urgency=low + + * Redirect mysql_upgrade output to syslog, instead of littering the + console, which appears to royally mess up debconf when I'm unlucky. + * Merge with Debian's pending 5.0.21-4 release to get new debconf + translations and the BLOCKSIZE fix for the free disk space check. + + -- Adam Conrad Tue, 23 May 2006 20:56:35 +1000 + +mysql-dfsg-5.0 (5.0.21-4) unstable; urgency=low + + * Added "BLOCKSIZE=" to the diskfree check (thanks to Farzad FARID). + Closes: #367027, #367083 + * Further fixed mysql_upgrade upstream script (thanks to Andreas Pakulat) + Closes: #366155 + * Adjusted the /proc test in debian/rules from /proc/1 to /proc/self + to make building on grsec systems possible (thanks to K. Rosenegger). + Closes: #366824 + * Updated Russion Debconf translation (thanks to Yuriy Talakan). + Closes: #367141 + * Updated Czech Debconf translation (thanks to Kiroslav Kure). + Closes: #367160 + * Updated Galician Debconf translation (thanks to Jacobo Tarrio). + Closes: #367384 + * Updated Swedish Debconf translation (thanks to Daniel Nylander). + Closes: #368186 + + -- Christian Hammers Wed, 10 May 2006 08:45:42 +0200 + +mysql-dfsg-5.0 (5.0.21-3) unstable; urgency=low + + * Fixed FTBFS problem which was caused by a patch that modifies Makefile.am + as well as Makefile.in and was not deteced because my desktop was fast + enough to patch both files within the same second and so fooled automake. + (thanks to Blars Blarson for notifying me). Closes: #366534 + + -- Christian Hammers Sat, 6 May 2006 19:03:58 +0200 + +mysql-dfsg-5.0 (5.0.21-2) unstable; urgency=low + + * Fixed bug in postinst that did not correctly rewrite + /etc/mysql/debian.cnf (thanks to Daniel Leidert). + Closes: #365433, #366155 + + -- Christian Hammers Thu, 4 May 2006 02:37:03 +0200 + +mysql-dfsg-5.0 (5.0.21-1) unstable; urgency=high + + * SECURITY: New upstream release with some security relevant bugfixes: + * "Buffer over-read in check_connection with usernames lacking a + trailing null byte" (CVE-2006-1516) + * "Anonymous Login Handshake - Information Leakage" (CVE-2006-1517) + * "COM_TABLE_DUMP Information Leakage and Arbitrary command execution" + (CVE-2006-1518) + Closes: #365938, #365939 + * Added diskfree check to the init script (thanks to Tim Baverstock). + Closes: #365460 + * First amd64 upload! + + -- Christian Hammers Sat, 29 Apr 2006 04:31:27 +0200 + +mysql-dfsg-5.0 (5.0.20a-2) unstable; urgency=low + + * The new mysql-upgrade which is started from /etc/mysql/debian-start + does now use the debian-sys-maint user for authentication (thanks to + Philipp). Closes: #364991 + * Wrote patch debian/patches/43* which adds a password option to + mysql_update. See MySQL bug #19400. + * Added "Provides: libmysqlclient-dev" to libmysqlclient15-dev as I saw no + obvious reasons against it (problems should be documented in + debian/README.Maintainer!) (thanks to Olaf van der Spek). Closes: #364899 + * Updated Netherlands debconf translation (thanks to Vincent Zweije) + Closes: #364464 + * Updated French debconf translation (thanks to Christian Perrier) + Closes: #364401 + * Updated Danish debconf translation (thanks to Claus Hindsgaul) + Closes: #365135 + + -- Christian Hammers Wed, 26 Apr 2006 01:14:53 +0200 + +mysql-dfsg-5.0 (5.0.20a-1) unstable; urgency=low + + * New upstream release. + * Added the new mysql_upgrade script and added it to + /etc/mysql/debian-start (thanks to Alessandro Polverini). + The script is currently very noise that is a known bug and will be + fixed in the next release! + Closes: #363458 + * No longer creates the "test" database. This actuallay had been tried + to archive before (at least patches) exists but apparently was not the + case in the last versions (thanks to Olaf van der Spek). Closes: #362126 + * Reformatted libmysqlclient15off.NEWS.Debian to changelog format + (thanks to Peter Palfrader). Closes: #363062 + + -- Christian Hammers Sat, 15 Apr 2006 13:05:22 +0200 + +mysql-dfsg-5.0 (5.0.20-1) unstable; urgency=high + + * Upstream contains a fix for a nasty bug (MySQL#18153) that users + already experienced and that caused corrupted triggers after + REPAIR/OPTIMIZE/ALTER TABLE statements. + (thanks to Jerome Despatis for pointing out) + * Added patch for the "updates on multiple tables is buggy after + upgrading from 4.1 to 5.0" problem which MySQL has been committed + for the upcoming 5.0.21 release. Closes #352704 + * Added Netherlands debconf translation (thanks to Vincent Zweije). + Closes: #360443 + * Added Galician debconf translation (thanks to Jacobo Tarrio). + Closes: #361257 + + -- Christian Hammers Fri, 7 Apr 2006 00:00:43 +0200 + +mysql-dfsg-5.0 (5.0.19-3) unstable; urgency=high + + [ Christian Hammers ] + * Fixed libmysqlclient15.README.Debian regarding package name changes + (thanks to Leppo). + * Moved libheap.a etc. back to /usr/lib/mysql/ as their names are just + too generic. Closes: #353924 + [ Sean Finney ] + * updated danish debconf translation, thanks to Claus Hindsgaul + (closes: #357424). + [ Adam Conrad ] + * Send stderr from 'find' in preinst to /dev/null to tidy up chatter. + * Backport patch for CVE-2006-0903 from the upcoming release to resolve + a log bypass vulnerability when using non-binary logs (closes: #359701) + + -- Adam Conrad Tue, 4 Apr 2006 15:23:18 +1000 + +mysql-dfsg-5.0 (5.0.19-2) unstable; urgency=medium + + * New upstream release. + * Renamed package libmysqlclient15 to libmysqlclient15off due to + binary incompatible changes. + See /usr/share/doc/libmysqlclient15off/README.Debian + * Updated Czech debconf translation (thanks to Miroslav Kure). + Closes: #356503 + * Updated French debconf translation (thanks to Christian Perrier). + Closes: #356332 + * Improved README.Debian (thanks to Olaf van der Spek). Closes: #355702 + * Fixed 5.0.18-8 changelog by saying in which package the NEWS.Debian + file is (thanks to Ross Boylan). Closes: #355978 + + -- Christian Hammers Fri, 17 Mar 2006 02:32:19 +0100 + +mysql-dfsg-5.0 (5.0.19-1) experimental; urgency=medium + + * New upstream release. + * Renamed package libmysqlclient15 to libmysqlclient15off. + See /usr/share/doc/libmysqlclient15off/NEWS.Debian + * Updated Czech debconf translation (thanks to Miroslav Kure). + Closes: #356503 + * Updated French debconf translation (thanks to Christian Perrier). + Closes: #356332 + * Improved README.Debian (thanks to Olaf van der Spek). Closes: #355702 + * Fixed 5.0.18-8 changelog by saying in which package the NEWS.Debian + file is (thanks to Ross Boylan). Closes: #355978 + + -- Christian Hammers Tue, 14 Mar 2006 22:56:13 +0100 + +mysql-dfsg-5.0 (5.0.18-9) unstable; urgency=medium + + [ Christian Hammers ] + * When using apt-get the check for left-over ISAM tables can abort the + installation of mysql-server-5.0 but not prevent the mysql-server-4.1 + package from getting removed. The only thing I can do is reflect this + in the Debconf notice that is shown and suggest to reinstall + mysql-server-4.1 for converting. See: #354850 + * Suggests removing of /etc/cron.daily/mysql-server in last NEWS message + (thanks to Mourad De Clerck). Closes: #354111 + * Added versioned symbols for kfreebsd and Hurd, too (thanks to Aurelien + Jarno and Michael Bank). Closes: #353971 + * Added versioned symbols for kfreebsd, too (thanks to Aurelien Jarno). + Closes: #353971 + [ Adam Conrad ] + * Add 39_scripts__mysqld_safe.sh__port_dir.dpatch to ensure that the + permissions on /var/run/mysqld are always correct, even on a tmpfs. + + -- Christian Hammers Mon, 6 Mar 2006 21:42:13 +0100 + +mysql-dfsg-5.0 (5.0.18-8) unstable; urgency=low + + * The rotation of the binary logs is now configured via + expire-logs-days in /etc/mysql/my.cnf and handled completely + by the server and no longer in configured in debian-log-rotate.conf + and handled by a cron job. Thanks to David Johnson. + See /usr/share/doc/mysql-server-5.0/NEWS.Debian + * Ran aspell over some files in debian/ and learned a lot :) + * debian/rules: Added check if versioned symbols are really there. + * Updated SSL-MINI-HOWTO. + * Updated copyright (removed the parts regarding the now removed + BerkeleyDB table handler and mysql-doc package). + * Relocated a variable in preinst (thanks to Michael Heldebrant). + Closes: #349258, #352587, #351216 + * Updated Danish debconf translation (thanks to Claus Hindsgaul). + Closes: #349013 + * Updated Swedish debconf translation (thanks to Daniel Nylander). + Closes: #349522 + * Updated French debconf translation (thanks to Christian Perrier). + Closes: #349592 + * Fixed typo in README.Debian (thanks to Vincent Ricard). + * Prolonged waiting time for mysqld in the init script. Closes: #352070 + + -- Christian Hammers Mon, 23 Jan 2006 23:13:46 +0100 + +mysql-dfsg-5.0 (5.0.18-7) unstable; urgency=low + + * Made mailx in debian-start.inc.sh optional and changed the dependency on it + on it to a mere recommendation. Closes: #316297 + * the previous FTBFS patches for GNU/Hurd inadvertently led to configure + being regenerating, losing a couple trivial things like our versioned + symbols patch, causing many nasty problems (closes: #348854). + + -- sean finney Fri, 20 Jan 2006 20:59:27 +0100 + +mysql-dfsg-5.0 (5.0.18-6) unstable; urgency=low + + * Added version comment (thanks to Daniel van Eeden). + * Added two patches to build on GNU/Hurd (thanks to Michael Bank). + Closes: #348182 + * Abort upgrade if old and now unsupported ISAM tables are present + (thanks to David Coe). Closes: #345895 + + -- Christian Hammers Tue, 17 Jan 2006 19:25:59 +0100 + +mysql-dfsg-5.0 (5.0.18-5) unstable; urgency=low + + * Bump shlibdeps for libmysqlclient15 to (>= 5.0.15-1), which was + the first non-beta release from upstream, as well as being shortly + after we broke the ABI in Debian by introducing versioned symbols. + + -- Adam Conrad Fri, 13 Jan 2006 13:18:03 +1100 + +mysql-dfsg-5.0 (5.0.18-4) unstable; urgency=low + + * Munge our dependencies further to smooth upgrades even more, noting + that we really need 5.0 to conflict with 4.1, and stealing a page from + the book of mysql-common, it doesn't hurt to hint package managers in + the direction of "hey, this stuff is a complete replacement for 4.1" + * Change the description of mysql-server and mysql-client to remove the + references to it being "transition", and instead point out that it's + the way to get the "current best version" of each package installed. + + -- Adam Conrad Wed, 11 Jan 2006 11:39:45 +1100 + +mysql-dfsg-5.0 (5.0.18-3) unstable; urgency=low + + * Make the mysql-{client,server}-5.0 conflict against mysql-{client,server} + versioned, so they can be installed side-by-side and upgrade properly. + * Add myself to Uploaders; since I have access to the alioth repository. + + -- Adam Conrad Tue, 10 Jan 2006 19:15:48 +1100 + +mysql-dfsg-5.0 (5.0.18-2) unstable; urgency=low + + * Removed the transitional package that forced an upgrade from + mysql-server-4.1 to mysql-server-5.0 as I was convinced that + having a general "mysql-server" package with adjusted dependencies + is enough (thanks to Adam Conrad). + * Updated logcheck.ignore files (thanks to Jamie McCarthy). Closes: #340193 + + -- Christian Hammers Mon, 9 Jan 2006 21:54:53 +0100 + +mysql-dfsg-5.0 (5.0.18-1) unstable; urgency=low + + * New upstream version. + * Added empty transitional packages that force an upgrade from the + server and client packages that have been present in Sarge. + * Fixed SSL-MINI-HOWTO (thanks to Jonas Smedegaard). Closes: #340589 + + -- Christian Hammers Mon, 2 Jan 2006 21:17:51 +0100 + +mysql-dfsg-5.0 (5.0.17-1) unstable; urgency=low + + * Never released as Debian package. + + -- Christian Hammers Thu, 22 Dec 2005 07:49:52 +0100 + +mysql-dfsg-5.0 (5.0.16-1) unstable; urgency=low + + * New upstream version. + * Removed the error logs from the logrotate script as Debian does + not use them anymore. Closes: #339628 + + -- Christian Hammers Tue, 22 Nov 2005 01:19:11 +0100 + +mysql-dfsg-5.0 (5.0.15-2) unstable; urgency=medium + + * Added 14_configure__gcc-atomic.h.diff to fix FTBFS on m68k + (thanks to Stephen R Marenka). Closes: #337082 + * Removed dynamic linking against libstdc++ as it was not really + needed (thanks to Adam Conrad). Closes: #328613 + * Fixed the "/var/lib/mysql is a symlink" workaround that accidently + left a stalled symlink (thanks to Thomas Lamy). Closes: #336759 + * As the init script cannot distinguish between a broken startup and + one that just takes very long the "failed" message now says + "or took more than 6s" (thanks to Olaf van der Spek). Closes: #335547 + + -- Christian Hammers Thu, 3 Nov 2005 22:00:15 +0100 + +mysql-dfsg-5.0 (5.0.15-1) unstable; urgency=low + + * New upstream version. 5.0 has finally been declared STABLE! + * Added small patch to debian/rules that fixed sporadic build errors + where stdout and stderr were piped together, got mixed up and broke + * Added --with-big-tables to ./configure (thanks to tj.trevelyan). + Closes: #333090 + * Added capability to parse "-rc" to debian/watch. + * Fixed cronscript (thanks to Andrew Deason). Closes: #335244 + * Added Swedish debconf translation (thanks to Daniel Nylander). + Closes: #333670 + * Added comment to README.Debian regarding applications that manually + set new-style passwords... Closes: #334444 + * Sean Finney: + - Fix duplicate reference to [-e|--extended-insert]. Closes: #334957 + - Fix default behavior for mysqldumpslow. Closes: #334517 + - Reference documentation issue in mysql manpage. Closes: #335219 + + -- Christian Hammers Fri, 30 Sep 2005 00:10:39 +0200 + +mysql-dfsg-5.0 (5.0.13rc-1) unstable; urgency=low + + * New upstream release. Now "release-candidate"! + * Removed any dynamic link dependencies to libndbclient.so.0 which + is due to its version only distributed as a static library. + * Sean Finney: + - FTBFS fix related to stripping rpath in debian/rules + + -- Christian Hammers Mon, 26 Sep 2005 22:09:26 +0200 + +mysql-dfsg-5.0 (5.0.12beta-5) unstable; urgency=low + + * The recent FTBFS were probably result of a timing bug in the + debian/patches/75_*.dpatch file where Makefile.in got patched just + before the Makefile.shared which it depended on. For that reason + only some of the autobuilders failed. Closes: #330149 + * Fixed chrpath removal (option -k had to be added). + * Corrected debconf dependency as requested by Joey Hess. + + -- Christian Hammers Mon, 26 Sep 2005 18:37:07 +0200 + +mysql-dfsg-5.0 (5.0.12beta-4) unstable; urgency=low + + * Removed experimental shared library libndbclient.so.0.0.0 as it + is doomed to cause trouble as long as it is present in both MySQL 4.1 + and 5.0 without real soname and its own package. We still have + libndbclient.a for developers. (thanks to Adam Conrad and + mediaforest.net). Closes: #329772 + + -- Christian Hammers Fri, 23 Sep 2005 12:36:48 +0200 + +mysql-dfsg-5.0 (5.0.12beta-3) unstable; urgency=medium + + * Symbol versioning support! wooooohoooooo! + (thanks to Steve Langasek) Closes: #236288 + * Moved libndbcclient.so.0 to the -dev package as it is provided by + libmysqlclient14 and -15 which must be installable simultaneously. + * Removed mysql-*-doc suggestions. + + -- Christian Hammers Tue, 20 Sep 2005 00:07:03 +0200 + +mysql-dfsg-5.0 (5.0.12beta-2) unstable; urgency=low + + * Added patch to build on GNU/kFreeBSD (thanks to Aurelien Jarno). + Closes: #327702 + * Added patch that was already been present on the 4.1 branch which + makes the "status" command of the init script more sensible + (thanks to Stephen Gildea). Closes: #311836 + * Added Vietnamese Debconf translation (thanks to Clytie Siddal). + Closes: #313006 + * Updated German Debconf translation (thanks to Jens Seidel). + Closes: #313957 + * Corrected commends in example debian-log-rotate.conf. The default is + unlike the mysql-sever-4.1 package which needed to stay backwards + compatible now 2 to avoid filling up the disk endlessly. + * Fixed watch file to be "-beta" aware. + + -- Christian Hammers Thu, 15 Sep 2005 20:50:19 +0200 + +mysql-dfsg-5.0 (5.0.12beta-1) unstable; urgency=medium + + * Christian Hammers: + - New upstream release. + - Changed build-dep to libreadline5-dev as requested by Matthias Klose. + Closes: #326316 + - Applied fix for changed output format of SHOW MASTER LOGS for + binary log rotation (thanks to Martin Krueger). Closes: #326427, #326427 + - Removed explicit setting of $PATH as I saw no sense in it and + it introduced a bug (thanks to Quim Calpe). Closes: #326769 + - Removed PID file creation from /etc/init.d/mysql-ndb as it does + not work with this daemon (thanks to Quim Calpe). + - Updated French Debconf translation (thanks to Christian Perrier). + Closes: #324805 + - Moved conflicts line in debian/control from libmysqlclient15 to + libmysqlclient15-dev and removed some pre-sarge conflicts as + suggested by Adam Majer. Closes: #324623 + * Sean Finney: + - For posterity, CAN-2005-2558 has been fixed since 5.0.7beta. + + -- Christian Hammers Thu, 15 Sep 2005 19:58:22 +0200 + +mysql-dfsg-5.0 (5.0.11beta-3) unstable; urgency=low + + * Temporarily build only with -O2 to circumvent gcc internal errors + (thanks to Matthias Klose). Related to: #321165 + + -- Christian Hammers Thu, 18 Aug 2005 15:44:04 +0200 + +mysql-dfsg-5.0 (5.0.11beta-2) unstable; urgency=low + + * Fixed README.Debian regarding the status of mysql-doc. + * Added "set +e" around chgrp in mysql-server-5.0.preinst to + not fail on .journal files (thanks to Christophe Nowicki). + Closes: #318435 + + -- Christian Hammers Sun, 14 Aug 2005 18:02:08 +0200 + +mysql-dfsg-5.0 (5.0.11beta-1) unstable; urgency=low + + * New upstream version. + * Added Danish Debconf translations (thanks to Claus Hindsgaul). + Closes: #322384 + * Updated Czech Debconf translations (thanks to Miroslav Kure). + Closes: #321765 + + -- Christian Hammers Sat, 13 Aug 2005 11:56:15 +0000 + +mysql-dfsg-5.0 (5.0.10beta-1) unstable; urgency=low + + * New upstream release. + * Christian Hammers: + - Added check for mounted /proc to debian/rules. + * Sean Finney: + - fix for fix_mysql_privilege_tables/mysql_fix_privilege_tables typo + in mysql-server-5.0's README.Debian (see #319838). + + -- Christian Hammers Sun, 31 Jul 2005 00:30:45 +0200 + +mysql-dfsg-5.0 (5.0.7beta-1) unstable; urgency=low + + * Second try for new upstream release. + * Renamed mysql-common-5.0 to mysql-common as future libmysqlclient16 + from e.g. MySQL-5.1 would else introduce mysql-common-5.1 which makes + a simultanous installation of libmysqlclient14 impossible as that + depends on either mysql-common or mysql-common-5.0 but not on future + versions. Thus we decided to always let the newest MySQL version + provide mysql-common. + * Added ${misc:Depends} as suggested by debhelper manpage. + * Raised standard in control file to 3.6.2. + * Removed DH_COMPAT from rules in faviour of debian/compat. + * Checkes for presence of init script before executing it in preinst. + Referres: 315959 + * Added 60_includes_mysys.h__gcc40.dpatch for GCC-4.0 compatibility. + + -- Christian Hammers Wed, 29 Jun 2005 00:39:05 +0200 + +mysql-dfsg-5.0 (5.0.5beta-1) unstable; urgency=low + + * New major release! Still beta so be carefull... + * Added federated storage engine. + + -- Christian Hammers Wed, 8 Jun 2005 19:29:45 +0200 + +mysql-dfsg-4.1 (4.1.12-1) unstable; urgency=low + + * Christian Hammers: + - New upstream release. + - Disabled BerkeleyDB finally. It has been obsoleted by InnoDB. + * Sean Finney: + - Updated French translation from Christian Perrier (Closes: #310526). + - Updated Japanese translation from Hideki Yamane (Closes: #310263). + - Updated Russian translation from Yuriy Talakan (Closes: #310197). + + -- Christian Hammers Sat, 4 Jun 2005 05:49:11 +0200 + +mysql-dfsg-4.1 (4.1.11a-4) unstable; urgency=high + + * Fixed FTBFS problem which was caused due to the fact that last uploads + BerkeleyDB patch was tried to applied on all architectures and not only + on those where BerkeleyDB is actually beeing built. Closes: #310296 + + -- Christian Hammers Mon, 23 May 2005 00:54:51 +0200 + +mysql-dfsg-4.1 (4.1.11a-3) unstable; urgency=high + + * Added patch from Piotr Roszatycki to compile the bundled db3 library + that is needed for the BerkeleyDB support with versioned symbols so + that mysqld no longer crashes when it gets linked together with the + Debian db3 version which happens when e.g. using libnss-db. + Closes: #308966 + + -- Christian Hammers Thu, 19 May 2005 01:41:14 +0200 + +mysql-dfsg-4.1 (4.1.11a-2) unstable; urgency=high + + * Okay, the hackery with /var/lib/dpkg/info/mysql-server.list will not + stand and is removed from the preinst of mysql-server. + * New workaround for the symlink problem that does not involve mucking + with dpkg's file lists is storing the symlinks in a temporary location + across upgrades. + As this sometimes fails since apt-get does not always call new.preinst + before old.postrm, some remarks were added to README.Debian and the + Debconf installation notes to minimize the inconvinience this causes. + + -- sean finney Sun, 15 May 2005 10:25:31 -0400 + +mysql-dfsg-4.1 (4.1.11a-1) unstable; urgency=high + + * Added the "a" to the version number to be able to upload a new + .orig.tar.gz file which now has the non-free Docs/ directory removed + as this has been forgotten in the 4.1.11 release (thanks to Goeran + Weinholt). Closes: #308691 + * The Woody package listed /var/lib/mysql and /var/log/mysql in its + /var/lib/dpkg/info/mysql-server.list. These directories are often + replaced by symlinks to data partitions which triggers a dpkg bug + that causes these symlinks to be removed on upgrades. The new preinst + prevents this by removing the two lines from the .list file + (thanks to Andreas Barth and Jamin W. Collins). See dpkg bug #287978. + * Updated French Debconf translation (thanks to Christian Perrier). + Closes: #308353 + + -- Christian Hammers Thu, 12 May 2005 21:52:46 +0200 + +mysql-dfsg-4.1 (4.1.11-3) unstable; urgency=high + + * The "do you want to remove /var/lib/mysql when purging the package" flag + from old versions is removed once this package is beeing installed so + that purging an old Woody mysql-server package while having a + mysql-server-4.1 package installed can no longer lead to the removal of + all databases. Additionaly clarified the wording of this versions Debconf + template and added a check that skips this purge in the postrm script + if another mysql-server* package has /usr/sbin/mysqld installed. + (thanks to Adrian Bunk for spotting that problem) Closes: #307473 + * Cronfile was not beeing installed as the filename was not in the + correct format for "dh_installcron --name" (thanks to Tomislav + Gountchev). Closes: #302712 + + -- Christian Hammers Sat, 23 Apr 2005 22:55:15 +0200 + +mysql-dfsg-4.1 (4.1.11-2) unstable; urgency=low + + * Sean Finney: + - don't freak out if we can't remove /etc/mysql during purge. + - debian/rules clean works again. + * Christian Hammers: + - Fixed typo in README.Debian (thanks to Joerg Rieger). Closes: #304897 + - Completely removed the passwordless test user as it was not only + insecure but also lead to irritations as MySQL checks first the + permissions of this user and then those of a password having one. + See bug report from Hilko Bengen for details. Closes: #301741 + + -- Christian Hammers Sat, 16 Apr 2005 15:55:00 +0200 + +mysql-dfsg-4.1 (4.1.11-1) unstable; urgency=low + + * New upstream version. + * Upstream fix for charset/collation problem. Closes: #282256 + * Upstream fix for subselect crash. Closes: #297687 + * Corrected minor issue in Debconf template regarding skip-networking + (thanks to Isaac Clerencia). Closes: #303417 + * Made dependency to gawk unnecessary (thanks to Zoran Dzelajlija). + Closes: #302284 + * Removed obsolete 50_innodb_mixlen.dpatch. + * Removed obsolete 51_CAN-2004-0957_db_grant_underscore.dpatch. + + -- Christian Hammers Fri, 8 Apr 2005 00:23:53 +0200 + +mysql-dfsg-4.1 (4.1.10a-7) unstable; urgency=low + + * Sean Finney: + - fix for the mysteriously disappeared cronjob. thanks to + Peter Palfrader for pointing out this omission. + (closes: #302712). + + -- sean finney Sat, 02 Apr 2005 16:54:13 -0500 + +mysql-dfsg-4.1 (4.1.10a-6) unstable; urgency=high + + * Sean Finney: + - the previous upload did not completely address the issue. this one + should do so. d'oh. + + -- sean finney Thu, 31 Mar 2005 03:35:50 +0000 + +mysql-dfsg-4.1 (4.1.10a-5) unstable; urgency=high + + * Sean Finney: + - the following security issue is addressed in this upload: + CAN-2004-0957 (grant privilege escalation on tables with underscores) + thanks to sergei at mysql for all his help with this. + + -- sean finney Wed, 30 Mar 2005 21:19:26 -0500 + +mysql-dfsg-4.1 (4.1.10a-4) unstable; urgency=low + + * Sean Finney: + - FTBFS fix for amd64/gcc-4.0. Thanks to Andreas Jochens + for reporting this (closes: #301807). + - ANSI-compatible quoting fix in daily cron job. thanks to + Karl Hammar for pointing out the problem in + the 4.0 branch. + - Added myself as a co-maintainer in the control file (closes: #295312). + + -- sean finney Tue, 29 Mar 2005 18:54:42 -0500 + +mysql-dfsg-4.1 (4.1.10a-3) unstable; urgency=low + + * BerkeleyDB is now disabled by default as its use is discouraged by MySQL. + * Added embedded server libraries as they finally do compile. + They are currently in libmysqlclient-dev as they are still + experimental and only available as .a library (thanks to Keith Packard). + Closes: #297062 + * Fixed obsolete "tail" syntax (thanks to Sven Mueller). Closes: #301413 + * Added CAN numbers for the latest security bugfix upload. + * Updated manpage of mysqlmanager (thanks to Justin Pryzby). Closes: #299844 + * Added comments to default configuration. + + -- Christian Hammers Sun, 20 Mar 2005 17:40:18 +0100 + +mysql-dfsg-4.1 (4.1.10a-2) unstable; urgency=low + + * Disabled "--with-mysqld-ldflags=-all-static" as it causes sig11 crashes + if LDAP is used for groups in /etc/nsswitch.conf. Confirmed by Sean Finney + and Daniel Dehennin. Closes: #299382 + + -- Christian Hammers Mon, 14 Mar 2005 03:01:03 +0100 + +mysql-dfsg-4.1 (4.1.10a-1) unstable; urgency=high + + * SECURITY: + - The following security related updates are addressed: + CAN-2005-0711 (temporary file creation with "CREATE TEMPORARY TABLE") + CAN-2005-0709 (arbitrary library injection in udf_init()) + CAN-2005-0710 (arbitrary code execution via "CREATE FUNCTION") + Closes: #299029, #299031, #299065 + * New Upstream Release. + - Fixes some server crash conditions. + - Upstream includes fix for TMPDIR overriding my.cnf tmpdir setting + Closes: #294347 + - Fixes InnoDB error message. Closes: #298875 + - Fixes resouce limiting. Closes: #285044 + * Improved checking whether or not the server is alive in the init script + which should make it possible to run several mysqld instances in + different chroot environments. Closes: #297772 + * Fixed cron script name as dots are not allowed (thanks to Michel + v/d Ven). Closes: #298447 + * Added -O3 and --with-mysqld-ldflags=-all-static as MySQL recommends to + build the server binary statically in order to gain about 13% more + performance (thanks to Marcin Kowalski). + * Added patch to let mysqld_safe react to signals (thanks to Erich + Schubert). Closes: #208364 + * (Thanks to Sean Finney for doing a great share of work for this release!) + + -- Christian Hammers Thu, 3 Mar 2005 02:36:39 +0100 + +mysql-dfsg-4.1 (4.1.10-4) unstable; urgency=medium + + * Fixed bug that prevented MySQL from starting after upgrades. + Closes: #297198, #296403 + * Added comment about logging to syslog to the default my.cnf + and the logrotate script (thanks to Ryszard Lach). Closes: #295507 + + -- Christian Hammers Thu, 3 Mar 2005 00:28:02 +0100 + +mysql-dfsg-4.1 (4.1.10-3) unstable; urgency=low + + * Sean Finney: Cronjobs now exit silently when the server package + has been removed but not purged (thanks to Vineet Kumar). + Closes: #297404 + * Fixed comments of /etc/mysql/debian-log-rotate.conf (thanks to + Philip Ross). Closes: #297467 + * Made mysqld_safe reacting sane on signals (thanks to Erich Schubert). + Closes: #208364 + + -- Christian Hammers Tue, 1 Mar 2005 19:44:34 +0100 + +mysql-dfsg-4.1 (4.1.10-2) unstable; urgency=low + + * Converted to dpatch. + * debian/ is now maintained via Subversion on svn.debian.org. + + -- Christian Hammers Tue, 1 Mar 2005 02:16:36 +0100 + +mysql-dfsg-4.1 (4.1.10-1) unstable; urgency=low + + * New upstream version. + * Upstream fixed memleak bug. Closes: #205587 + * Added debian/copyright.more for personal reference. + * Lowered default query cache size as suggested by Arjen from MySQL. + * Switched from log to log-bin as suggested by Arjen from MySQL. + * Fixed typo in my.cnf (thanks to Sebastian Feltel). Closes: #295247 + * Replaced --defaults-extra-file by --defaults-file in Debian scripts + as former lets password/host etc be overwriteable by /root/.my.cnf. + Added socket to /etc/mysql/debian.cnf to let it work. (thanks to + SATOH Fumiyasu). Closes: #295170 + + -- Christian Hammers Tue, 15 Feb 2005 23:47:02 +0100 + +mysql-dfsg-4.1 (4.1.9-4) unstable; urgency=low + + * Improved the way mysqld is started and registered with update-rc.d + in cases where the admin modifies the runlevel configuration. + Most notably removed the debconf question whether or not mysql should + start on when booting. Closes: #274264 + * Renamed configuration option old-passwords to the more preferred + naming convention old_passwords. Same for some others (thanks to + Patrice Pawlak). Closes: #293983 + + -- Christian Hammers Tue, 8 Feb 2005 02:21:18 +0100 + +mysql-dfsg-4.1 (4.1.9-3) unstable; urgency=low + + * Renamed ca_ES.po to ca.po to reach a broader audience (thanks to + Christian Perrier). Closes: #293786 + * Expicitly disabled mysqlfs support as it has never been enabled by + configure during the autodetection but fails due to broken upstream + code when users try to build the package theirselves while having + liborbit-dev installed which triggers the mysqlfs autodetection + (thanks to Max Kellermann). Closes: #293431 + * Added dependencies to gawk as one script does not work with original-awk + (thanks to Petr Ferschmann). Closes: #291634 + + -- Christian Hammers Sun, 6 Feb 2005 23:33:11 +0100 + +mysql-dfsg-4.1 (4.1.9-2) unstable; urgency=high + + * SECURITY: + For historical reasons /usr/share/mysql/ was owned and writable by + the user "mysql". This is a security problem as some scripts that + are run by root are in this directory and could be modified and used + by a malicious user who already has mysql privileges to gain full root + rights (thanks to Matt Brubeck). Closes: #293345 + * Changed "skip-networking" to "bind-address 127.0.0.1" which is more + compatible and not less secure but maybe even more, as less people enable + networking for all interfaces (thanks to Arjen Lentz). + * Enabled InnoDB by default as recommended by Arjen Lentz from MySQL. + * Added remarks about hosts.allow to README.Debian (thanks to David + Chappell). Closes: #291300 + * mysql-server-4.1 now provides mysql-server (thanks to Paul van den Berg). + Closes: #287735 + + -- Christian Hammers Wed, 2 Feb 2005 23:31:55 +0100 + +mysql-dfsg-4.1 (4.1.9-1) unstable; urgency=low + + * New upstream version. + * mysql-client-4.1 now provides "mysql-client" so that packages depending + on mysql-client (ca. 40) can now be used with MySQL-4.1, too. + + -- Christian Hammers Sun, 23 Jan 2005 22:52:48 +0100 + +mysql-dfsg-4.1 (4.1.8a-6) unstable; urgency=high + + * SECURITY: + Javier Fernandez-Sanguino Pena from the Debian Security Audit Project + discovered a temporary file vulnerability in the mysqlaccess script of + MySQL that could allow an unprivileged user to let root overwrite + arbitrary files via a symlink attack and could also could unveil the + contents of a temporary file which might contain sensitive information. + (CAN-2005-0004, http://lists.mysql.com/internals/20600) Closes: #291122 + + -- Christian Hammers Tue, 18 Jan 2005 23:11:48 +0100 + +mysql-dfsg-4.1 (4.1.8a-5) unstable; urgency=medium + + * Fixed important upstream bug that causes from_unixtime(0) to return + NULL instead of "1970-01-01 00:00:00" which fails on NOT NULL columns. + Closes: #287792 + * Fixes upstream bug in mysql_list_fields() . Closes: #282486 + * Fixes bug that lead to double rotated logfiles when mysql-server 4.0 + was previously installed (thanks to Olaf van der Spek). Closes: #289851 + * Fixed typo in README.Debian (thanks to Mark Nipper). Closes: #289131 + * Changed max_allowed_packet in my.cnf to 16M as in 4.0.x (thanks to + Olaf van der Spek). Closes: #289840 + * Updated French debconf translation (thanks to Christian Perrier). + Closes: #287955 + + -- Christian Hammers Thu, 13 Jan 2005 01:29:05 +0100 + +mysql-dfsg-4.1 (4.1.8a-4) unstable; urgency=low + + * Broken patch again :-( + + -- Christian Hammers Sun, 9 Jan 2005 23:47:55 +0100 + +mysql-dfsg-4.1 (4.1.8a-3) unstable; urgency=low + + * The mutex patch was a bit too x86 centric. This broke the alpha build. + + -- Christian Hammers Sun, 9 Jan 2005 14:18:49 +0100 + +mysql-dfsg-4.1 (4.1.8a-2) unstable; urgency=medium + + * Some Makefiles that were patched by me got overwritten by the GNU + autotools, probably because I also patched ./configure. Fixed now, + the critical mutex patch is now back in again. Closes: #286961 + * Added patch to make MySQL compile on ARM (thanks to Adam Majer). + Closes: #285071 + + -- Christian Hammers Thu, 6 Jan 2005 09:30:13 +0100 + +mysql-dfsg-4.1 (4.1.8a-1) unstable; urgency=medium + + * Upstream 4.1.8 had some problems in their GNU Autotools files so they + released 4.1.8a. Debian's 4.1.8 was fixed by running autoreconf but this + again overwrote MySQL changes to ltmain.sh which are supposed to fix some + problems on uncommon architectures (maybe the FTBFS on alpha, arm, m68k + and sparc?). + * libmysqlclient_r.so.14 from 4.1.8-3 also missed a link dependency to + libz which lead to unresolved symbols visible with "ldd -r" (thanks + to Laurent Bonnaud). Closes: #287573 + + -- Christian Hammers Wed, 29 Dec 2004 14:26:33 +0100 + +mysql-dfsg-4.1 (4.1.8-3) unstable; urgency=low + + * Fixed checking for error messages by forcing english language + output by adding LC_ALL=C to debian-start (thanks to Rene + Konasz) Closes: #285709 + * Fixed bashisms in Debian scripts. Closes: #286863 + * Updated Japanese Debconf translation (thanks to Hideki Yamane). + Closes: #287003 + * Improved 4.0 to 4.1 upgrade if /var/lib/mysql is a symlink + (thanks to Thomas Lamy). Closes: #286560 + * Added patch for FTBFS problem where no LinuxThreads can be found. + I don't know if this still applies but it should not hurt. + The patch is debian/patches/configure__AMD64-LinuxThreads-vs-NPTL.diff + + -- Christian Hammers Sun, 26 Dec 2004 14:04:20 +0100 + +mysql-dfsg-4.1 (4.1.8-2) unstable; urgency=low + + * If /var/lib/mysql is a symlink then it is kept as such. + * Added the old-passwords option to the default my.cnf to stay + compatible to clients that are still compiled to libmysqlclient10 + and libmysqlclient12 for licence reasons. + * Adjusted tetex build-deps to ease backporting (thanks to Norbert + Tretkowski from backports.org). + + -- Christian Hammers Tue, 21 Dec 2004 01:00:27 +0100 + +mysql-dfsg-4.1 (4.1.8-1) unstable; urgency=medium + + * New upstream version. Closes: #286175 + * Added conflict to libmysqlclient-dev (thanks to Adam Majer). + Closes: #286538 + * Added debconf-updatepo to debian/rules:clean. + * Updated Japanese Debconf translation (thanks to Hideki Yamane). + Closes: #285107 + * Updated French Debconf translation (thanks to Christian Perrier). + Closes: #285977 + * Renamed cz.po to cs.po (thanks to Miroslav Kure). Closes: #285438 + * Aplied patch for changed server notice to debian-start (thanks to + Adam Majer). Closes: #286035 + * Changed nice value in default my.cnf as nohup changed its behaviour + (thanks to Dariush Pietrzak). Closes: #285446 + * Increased verbosity of preinst script in cases where it cannot stop + a running server (thanks to Jan Minar). Closes: #285982 + * Splitted the code parts of /etc/mysql/debian-start to + /usr/share/mysql/debian-start.inc.sh (thanks to Jan Minar). + Closes: #285988 + + -- Christian Hammers Mon, 20 Dec 2004 00:33:21 +0100 + +mysql-dfsg-4.1 (4.1.7-4) unstable; urgency=medium + + * Removed OpenSSL support. + After a short discussion with MySQL, I decided to drop OpenSSL support as + 1. MySQL started shipping their binaries without it, too and do not + seem to support it in favour of using a different library somewhen. + 2. MySQL did not adjust their licence to grant permission to link + against OpenSSL. + 3. Even if they did, third parties who use libmysqlclient.so often + do not realise licencing problems or even do not want OpenSSL. + (thanks to Jordi Mallach and the responders to MySQL bug #6924) + Closes: #283786 + * debian/control: Improved depends and conflicts to mysql-4.0. + + -- Christian Hammers Thu, 2 Dec 2004 22:02:28 +0100 + +mysql-dfsg-4.1 (4.1.7-3) unstable; urgency=low + + * Raised version to make it higher as the one in experimental. + + -- Christian Hammers Wed, 1 Dec 2004 21:09:20 +0100 + +mysql-dfsg-4.1 (4.1.7-2) unstable; urgency=low + + * Patched scripts/mysql_install_db so that it no longer creates a + passwordless test database during installation (thanks to Patrick + Schnorbus). Closes: #281158 + * Added Czech debconf translation (thanks to Miroslav Kure). + Closes: #283222 + + -- Christian Hammers Wed, 1 Dec 2004 01:29:31 +0100 + +mysql-dfsg-4.1 (4.1.7-1) unstable; urgency=low + + * New upstream branch! + * Adjusted debian/control to make this package suitable to get parallel + to version 4.0.x into unstable and sarge. The package names are + different so that "mysql-server" still defaults to the rock-stable + 4.0 instead to this announced-to-be-stable 4.1. + * Added --with-mutex=i86/gcc-assemler to the Berkeley-DB configure + to prevent the use of NPLT threads when compiling under kernel 2.6 + because the binaries are else not runable on kernel 2.4 hosts. + Closes: #278638, #274598 + + -- Christian Hammers Sun, 31 Oct 2004 20:15:03 +0100 + +mysql-dfsg (4.1.6-1) experimental; urgency=low + + * New upstream version. + * Fixed symlinks in libmysqlclient-dev package. Closes: #277028 + * This time I did not update the libtool files as they were pretty + up to date and I want to have a shorter diff file. + + -- Christian Hammers Wed, 20 Oct 2004 00:07:58 +0200 + +mysql-dfsg (4.1.5-3) experimental; urgency=low + + * debian/postinst: mysql_install_db changed parameter from --IN-RPM + to --rpm which caused problems during installs. Closes: #276320 + + -- Christian Hammers Sat, 16 Oct 2004 20:36:46 +0200 + +mysql-dfsg (4.1.5-2) experimental; urgency=low + + * Activated support for ndb clustering (thanks to Kevin M. Rosenberg). + Closes: #275109 + + -- Christian Hammers Wed, 6 Oct 2004 01:58:00 +0200 + +mysql-dfsg (4.1.5-1) experimental; urgency=low + + * WARNING: + The upstream branch 4.1 is still considered BETA. + The Debian packages for 4.1 were done without big testing. If you miss + a new functionality or binary, contact me and I check add the relevant + configure option or include the program. + * New MAJOR upstream version. + Thanks to the great demand here's now the first MySQL 4.1 experimental + release. FEEDBACK IS WELCOME. + * 4.0->4.1 notes: + - debian/patches/alpha.diff could not be applied, I fix that later + - debian/patches/scripts__mysql_install_db.sh.diff was obsolete + - debian/patches/scripts__Makefile.in was neccessary due to a dependency + to the removed non-free Docs/ directory. Upstream has been contacted. + - Build-Deps: += automake1.7 + - debian/rules: embedded servers examples did not compile, removed + + -- Christian Hammers Sun, 26 Sep 2004 19:46:47 +0200 + +mysql-dfsg (4.0.21-3) unstable; urgency=low + + * Upstream tried to fix a security bug in mysqlhotcopy and broke it :-) + Applied a patch (see debian/patches) from Martin Pitt. Closes: #271632 + * Between 4.0.20 and 4.0.21 the Debian specific changes in + /usr/bin/mysqld_safe that piped the error log to syslog got lost + and are now back again. + * Fixed capitalization in debconf headings. + * Changed wording of the initscript status message to make heartbeat + happier. Closes: #271591 + + -- Christian Hammers Fri, 17 Sep 2004 18:42:25 +0200 + +mysql-dfsg (4.0.21-2) unstable; urgency=medium + + * The dependencies between mysql-client and libmysqlclient12 were + too loose, when upgrading only the client this can lead to non working + binaries due to relocation errors (thanks to Dominic Cleal). + Closes: #271803 + * Fixed typo in mysqldump.1 manpage (thanks to Nicolas Francois). + Closes: #271334 + + -- Christian Hammers Wed, 15 Sep 2004 15:38:11 +0200 + +mysql-dfsg (4.0.21-1) unstable; urgency=high + + * SECURITY: + This upstream version fixes some security problems that might at least + allow a DoS attack on the server. + * Fixed an old bug in concurrent accesses to `MERGE' tables (even + one `MERGE' table and `MyISAM' tables), that could've resulted in + a crash or hang of the server. (Bug #2408) + * Fixed bug in privilege checking where, under some conditions, one + was able to grant privileges on the database, he has no privileges + on. (Bug #3933) + * Fixed crash in `MATCH ... AGAINST()' on a phrase search operator + with a missing closing double quote. (Bug #3870) + * Fixed potential memory overrun in `mysql_real_connect()' (which + required a compromised DNS server and certain operating systems). + (Bug #4017) + * New upstream version. + * Fixes bug that made x="foo" in WHERE sometimes the same as x="foo ". + Closes: #211618 + * Updated Japanese Debconf translation (thanks to Hideki Yamane). + Closes: #271097 + + -- Christian Hammers Sat, 11 Sep 2004 23:15:44 +0200 + +mysql-dfsg (4.0.20-14) unstable; urgency=low + + * Dave Rolsky spottet that -DBIG_JOINS was not properly enabled. + It allowes joining 64 instead of an 32 tables to join. + + -- Christian Hammers Thu, 9 Sep 2004 20:24:02 +0200 + +mysql-dfsg (4.0.20-13) unstable; urgency=medium + + * Fixed a bug in the initscript which caused the check for not properly + closed i.e. corrupt tables that is executed when the server starts + not to run in background as supposed. + Although the check does not repair anything on servers with several + thousand tables the script was reported to take some minutes which + is quite annoying. (Thanks to Jakob Goldbach). Closes: #270800 + + -- Christian Hammers Thu, 9 Sep 2004 17:11:05 +0200 + +mysql-dfsg (4.0.20-12) unstable; urgency=medium + + * Filter messages regarding table handles that do not support CHECK TABLE + in the script that checks for corrupted tables on every start which lead + to unnecessary mails (thanks to David Everly). Closes: #269811 + * Added a note to the corrupt-table-check mail which notes that a + false-positive is reported in the case that immediately after starting + the server a client starts using a table (thanks to Uwe Kappe). + Closes: #269985 + * Added "quote-names" as default to the [mysqldump] section in + /etc/mysql/my.cnf as too many users stumble over dump files that + could not be read in again due to the valid use of reserved words + as table names. This has also be done by upstream in 4.1.1 and has + no known drawbacks. Closes: #269865 + * Binary logs can now be rotated as well. Defaults to off, though, for + compatibilty reasons (thanks to Mark Ferlatte). Closes: #94230, #269110 + * The mysql user "debian-sys-maint" now gets all possible rights which + makes binary logging possible and helps other package maintainer who + wants to use it to create package specific databases and users. + * Added example how to change daemon nice level via /etc/mysql/my.cnf + * Updated French debconf translations (thanks to Christian Perrier). + Closes: #265811 + * Renamed options in the default config file that still had old names + (thanks to Yves Kreis). Closes: #266445 + * Fixed spelling in debconf note. + * Added -l and -L to dh_shlibdeps. + + -- Christian Hammers Fri, 3 Sep 2004 20:10:46 +0200 + +mysql-dfsg (4.0.20-11) unstable; urgency=high + + * SECURITY + This version fixes a security flaw in mysqlhotcopy which created + temporary files in /tmp which had predictable filenames and such + could be used for a tempfile run attack. + The issue has been recorded as CAN-2004-0457. + + -- Christian Hammers Sat, 14 Aug 2004 18:27:19 +0200 + +mysql-dfsg (4.0.20-10) unstable; urgency=low + + * MySQL finally updated their copyright page and installed v1.5 of + the "Free/Libre and Open Source Software License (FLOSS) - Exception" + which will hopefully end the license hell they created by putting the + client libraries under GPL instead of LGPL which conflicts with PHP and + other software that used to link against MySQL. + The license text is not yet in any release MySQL version but visible + on their web site and copied into the debian/copyright file. + Special thanks to Zak Greant and the debian-legal list + for helping to solve this release critical problem. + Closes: #242449 + * Updated Brazil debconf translation (thanks to Andre Luis Lopes). + Closes: #264233 + * Updated Japanese debconf translation (thanks to Hideki Yamane). + Closes: #264620 + * Fixed minor typo in debconf description (thanks to TROJETTE Mohammed + Adnene). Closes: #264840 + * Improved init and preinst script which now detects stalled servers which + do no longer communicate but are present in the process list (thanks to + Henrik Johansson). Closes: #263215 + + -- Christian Hammers Mon, 9 Aug 2004 19:44:28 +0200 + +mysql-dfsg (4.0.20-9) unstable; urgency=medium + + * Partly reverted the last patch which gave the mysql-user + "debian-sys-maint" more rights as there are old versions of MySQL which + have fewer privlige columns. Now only those are set (thanks to Alan Tam). + Closes: #263111 + + -- Christian Hammers Tue, 3 Aug 2004 13:03:02 +0200 + +mysql-dfsg (4.0.20-8) unstable; urgency=low + + * The mysqlcheck that is started from the initscript will now be + backgrounded because it might else prevent the boot process to continue. + It also now notifies root by mail and syslog if a table is corrupt. + * The "debian-sys-maint" MySQL user now has almost full rights so that other + packages might use this account to create databases and user (thanks to + Andreas Barth). Closes: #262541 + * Added paranoid rules for logcheck. + + -- Christian Hammers Sun, 1 Aug 2004 21:00:55 +0200 + +mysql-dfsg (4.0.20-8) unstable; urgency=low + + * Upload stalled. Not released. + + -- Christian Hammers Sun, 1 Aug 2004 20:27:55 +0200 + +mysql-dfsg (4.0.20-7) unstable; urgency=medium + + * Solved the upstream bug that error messages of the server are written + in a file that is then rotated away leaving mysqld logging effectively + to /dev/null. It now logs to a /usr/bin/logger process which puts the + messages into the syslog. + Modified files: /etc/init.d/mysql, /usr/bin/mysqld_safe and the + logchecker files. Closes: #254070 + * The initscript does no longer call mysqlcheck directly but via + /etc/mysql/debian-start which is a user customizable config script. + * Splitted the debconf "install and update notes" and only show them + when it is appropriate (thanks to Steve Langasek). Closes: #240515 + * Added NEWS.Debian. + * Added hint to -DBIG_ROWS, which is currently not used, to README.Debian. + * Corrected typo in myisampack manpage (thanks to Marc Lehmann). + Closes: #207090 + * Added Catalan debconf translation (thanks to Aleix Badia i Bosch). + Closes: #236651 + + -- Christian Hammers Wed, 28 Jul 2004 01:41:51 +0200 + +mysql-dfsg (4.0.20-6) unstable; urgency=low + + * The build arch detected by configure was "pc-linux-gnu (i686)" + instead of "pc-linux-gnu (i386)". Was no problem AFAIK but + Adam Majer asked me to explicitly change it to i386. Closes: #261382 + * Removed some unused shell scripts from /usr/share/mysql. + * Added lintian overrides. + * Removed rpath by using chrpath. + + -- Christian Hammers Mon, 26 Jul 2004 00:17:12 +0200 + +mysql-dfsg (4.0.20-5) unstable; urgency=medium + + * The mysqlcheck in the init script is only called when the server + is really alive. Also, the mysql-user 'debian-sys-maint' now has + global select rights (thanks to Nathan Poznick). Closes: #261130 + * Moved the debconf question whether to remove the databases or not + from mysql-server.config to mysql-server.postrm so that it shows + up on purge time and not months earlier (thanks to Wouter Verhelst). + Closes: #251838 + + -- Christian Hammers Fri, 23 Jul 2004 22:41:13 +0200 + +mysql-dfsg (4.0.20-4) unstable; urgency=low + + * Added a "mysqlcheck -A --fast" to the 'start' section of the + init script to help admins detect corrupt tables after a server crash. + Currently it exists with an error message but leaves the server + running. Feedback appreciated! + * Made postinst script more robust by calling db_stop earlier and + so prevent pipe-deadlocks. + * Fixed minor typos in initscript (thanks to "C.Y.M."). Closes: 259518 + * Added the undocumented "-DBIG_JOINS" that MySQL apparently uses in + their MAX binaries. It enables 62 instead of 30 tables in a "join". + (thanks to Dave Rolsky). Closes: #260843 + * Added a "df --portability /var/lib/mysql/." check to the preinst + script as users experienced hard to kill hanging mysqlds in such + a situation (thanks to Vaidas Pilkauskas). Closes: #260306 + + -- Christian Hammers Fri, 23 Jul 2004 00:51:32 +0200 + +mysql-dfsg (4.0.20-3) unstable; urgency=low + + * Improved tolerance if the init script has been deleted (thanks to + Leonid Shulov for spotting the problem). + * Minor wording changes to README.Debian generalizing /root/ by $HOME + (thanks to Santiago Vila). Closes: #257725 + * Added Japanese debconf translation (thanks to Hideki Yamane). + Closes: #256485 + * Fixed commend in my.cnf regarding logfile directory (thanks to Jayen + Ashar). Closes: #253434 + * Correted "ease to" by "ease of" in package description (thanks to + Johannes Berg). Closes: #253510 + + -- Christian Hammers Fri, 9 Jul 2004 00:57:42 +0200 + +mysql-dfsg (4.0.20-2) unstable; urgency=low + + * Removed RPM .spec file from the included documentation as it is pretty + useless (thanks to Loic Minier). + * Added turkish debconf translation (thanks to Recai Oktas). Closes: #252802 + + -- Christian Hammers Sun, 6 Jun 2004 14:48:26 +0200 + +mysql-dfsg (4.0.20-1) unstable; urgency=low + + * New upstream version. + + -- Christian Hammers Mon, 31 May 2004 23:36:39 +0200 + +mysql-dfsg (4.0.18-8) unstable; urgency=low + + * Updated french translation (thanks to Christian Perrier). Closes: #246789 + + -- Christian Hammers Tue, 4 May 2004 23:26:54 +0200 + +mysql-dfsg (4.0.18-7) unstable; urgency=low + + * Added CVE ids for the recent security fixes. + 4.0.18-4 is CAN-2004-0381 (mysqlbug) and + 4.0.18-6 is CAN-2004-0388 (mysql_multi) + + -- Christian Hammers Mon, 19 Apr 2004 18:32:03 +0200 + +mysql-dfsg (4.0.18-6) unstable; urgency=medium + + * SECURITY: + Fixed minor tempfile-run security problem in mysqld_multi. + Unprivileged users could create symlinks to files which were then + unknowingly overwritten by run when this script gets executed. + Upstream informed. Thanks to Martin Schulze for finding this. + + -- Christian Hammers Wed, 7 Apr 2004 01:28:22 +0200 + +mysql-dfsg (4.0.18-5) unstable; urgency=low + + * Little improvements in debian scripts for last upload. + * Added check to logrotate script for the case that a mysql + server is running but not be accessible with the username and + password from /etc/mysql/debian.conf (thanks to Jeffrey W. Baker). + Closes: 239421 + + -- Christian Hammers Sun, 4 Apr 2004 15:27:40 +0200 + +mysql-dfsg (4.0.18-4) unstable; urgency=medium + + * SECURITY: + Aplied fix for unprobable tempfile-symlink security problem in + mysqlbug reported by Shaun Colley on bugtraq on 2004-03-24. + * Updated french debconf translation (thanks to Christian Perrier). + Closes: #236878 + * Updated portugesian debconf translation (thanks to Nuno Senica). + Closes: #239168 + * Updated german debconf translation (thanks to Alwin Meschede). + Closes: #241749 + * Improved debconf template regarding fix_privileges_tables (thanks + to Matt Zimmermann for suggestions). Closes: #219400 + * Improved README.Debian regarding to password settings (thanks to + Yann Dirson). Closes: #241328 + + -- Christian Hammers Sat, 3 Apr 2004 19:52:15 +0200 + +mysql-dfsg (4.0.18-3) unstable; urgency=medium + + * Added Build-Depend to po-debconf to let it build everywhere. + + -- Christian Hammers Wed, 31 Mar 2004 23:43:33 +0200 + +mysql-dfsg (4.0.18-2) unstable; urgency=low + + * Added a "2>/dev/null" to a "which" command as there are two + "which" versions in Debian of which one needs it. Closes: #235363 + + -- Christian Hammers Tue, 2 Mar 2004 23:31:28 +0100 + +mysql-dfsg (4.0.18-1) unstable; urgency=low + + * New upstream version. + * Should now compile and run on ia64 (thanks to Thorsten Werner and + David Mosberger-Tang). Closes: #226863 #228834 + * Converted init scripts to invoce-rc.d (thanks to Erich Schubert). + Closes: 232118 + * Secondlast upload changed logfile location. Closes: #182655 + * Updated Brasilian translation (thanks to Andre Luis Lopes). Closes: + #219847 + + -- Christian Hammers Tue, 17 Feb 2004 23:44:58 +0100 + +mysql-dfsg (4.0.17-2) unstable; urgency=low + + * Improved manpage for mysqldumpslow.1 (thanks to Anthony DeRobertis). + Closes: #231039 + * Improved stopping of crashed daemons in init script (thanks to + Matthias Urlichs). Closes: #230327 + + -- Christian Hammers Mon, 9 Feb 2004 21:54:29 +0100 + +mysql-dfsg (4.0.17-1) unstable; urgency=low + + * Made logging into /var/log/mysql/ the default. Closes: #225206 + + * New upstream version. Closes: #225028 + * Turned on a 25MB query cache by default (thanks to Cyril Bouthors). + Closes: #226789 + * Updated russian translation (thanks to Ilgiz Kalmetev). Closes: #219263 + * Upstream fixes the problem that AND was not commutative (thanks for + Iain D Broadfoot for mentioning). Closes: #227927 + * Fixed minor typo in my.cnf comments (thanks to James Renken). + Closes: #221496 + * Better documents regex. Closes: #214952 + * Fixed minor germanism in debconf template (thanks to Marc Haber). + Closes: #224148 + * Added explaining comment to my.cnf regarding quoted passwords + (Thanks to Patrick von der Hagen). Closes: #224906 + * Changed "find -exec" to "find -print0 | xargs -0" in preinst to + speed it up. Thanks to Cyril Bouthors. Closes: #220229 + + -- Christian Hammers Sun, 18 Jan 2004 16:16:25 +0100 + +mysql-dfsg (4.0.16-2) unstable; urgency=low + + * Tried to repair undefined weak symbols by adding a little Makefile + patch. Closes: #215973 + + -- Christian Hammers Mon, 27 Oct 2003 22:52:10 +0100 + +mysql-dfsg (4.0.16-1) unstable; urgency=low + + * New upstream release. + (Mostly little memory problems and other bugfixes it seems) + * Replaced "." by ":" in chown calls to comply with the env setting + "_POSIX2_VERSION=2000112" (thanks to Robert Luberda). Closes: #217399 + * Adjusted syntax in my.cnf to 4.x standard (thanks to Guillaume Plessis). + Closes: #217273 + * Improved README.Debian password instructions (thanks to Levi Waldron). + Closes: #215046 + * Improved NIS warning debconf-template (thanks to Jeff Breidenbach). + Closes: #215791 + * Explicitly added libssl-dev to the libmysqlclient-dev package as it + is needed for mysql_config and the libmysqlclient package only depends + on libssl which has no unnumbered .so version (thanks to Simon Peter + and Davor Ocelic). Closes: #214436, #216162 + * Added "-lwrap" to "mysql_config --libmysqld-libs" and filed it as + upstream bug #1650 (thanks to Noah Levitt). Closes: #214636 + + -- Christian Hammers Sat, 25 Oct 2003 01:09:27 +0200 + +mysql-dfsg (4.0.15a-1) unstable; urgency=low + + * Same package as 4.0.15-2 but I could not convince the Debian + installer to move the packages out of incoming. + + -- Christian Hammers Tue, 7 Oct 2003 15:10:26 +0200 + +mysql-dfsg (4.0.15-2) unstable; urgency=low + + * Updated package description (thanks to Adrian Bunk). Closes: #210988 + * Fixed small typos in manpages (thanks to Nicolas Francois). + Closes: #211983 + * More updates to package description (thanks to Matthias Lutz/ddtp). + Closes: #213456 + * Updated standards to 3.6.1. + * Closes "new 4.0.15 available" bug. Closes: #213349 + * Updated README.Debian with notes regarding the MySQL manual section + "2.4 Post-installation Setup and Testing" (thanks to Daniel B.). + Closes: #210841 + + -- Christian Hammers Fri, 3 Oct 2003 15:59:39 +0200 + +mysql-dfsg (4.0.15-1) unstable; urgency=high + + * SECURITY: + Users who are able to use the "ALTER TABLE" command on the "mysql" + database may be able to exploit this vulnerability to gain a shell with + the privileges of the mysql server (usually running as the 'mysql' user). + Closes: #210403 + * Fixes small description typos (thanks to Oscar Jarkvik). + * Updated Brazilian Portuguese debconf translation. (thanks to Andre Luis + Lopes). Closes: 208030 + * Replaced depricated '.' by ':' in chown (thanks to Matt Zimmerman). + * Fixed manpage typo (thanks to Marc Lehmann). Closes: #207090 + + -- Christian Hammers Fri, 3 Oct 2003 15:59:35 +0200 + +mysql-dfsg (4.0.14-1) unstable; urgency=low + + * New upstream version. + + -- Christian Hammers Sun, 24 Aug 2003 16:40:36 +0200 + +mysql-dfsg (4.0.13-3) unstable; urgency=low + + * Now start mysqld as default unless you choose not when configurig + with debconf priority low. So packages depending on the server when + installing can access it. Thanks Matt Zimmermann (Closes: #200277) + * Made mysql-server de-installable if the config and database files were + removed by hand before. Thanks to Ard van Breemen (Closes: #200304) + + -- Christian Hammers Tue, 8 Jul 2003 22:30:40 +0200 + +mysql-dfsg (4.0.13-2) unstable; urgency=low + + * Added "nice" option for mysqld_safe to give mysqld a different priority. + Submitted to upstream as MySQL Bug #627. Closes: #192087 + * Fixed possible unbound variable in init script. Closes: #194621 + * Fixed french debconf translation (thx Christian Perrier) Closes: #194739 + * Get rid of automake1.5 (for Eric Dorland). + + -- Christian Hammers Wed, 11 Jun 2003 18:58:32 +0200 + +mysql-dfsg (4.0.13-1) unstable; urgency=medium + + * New upstream version. + !!! Fixes a very bad natural join bug which justifies the urgency=medium. + !!! http://bugs.mysql.com/bug.php?id=291 + * Fixed mysql_fix_privileges manpage (Frederic Briere) Closes: #191776 + * preinst: "which" is more chatty normal executable than as builtin. + (Thanks to David B Harris). Closes: #188659 + + -- Christian Hammers Tue, 6 May 2003 22:03:45 +0200 + +mysql-dfsg (4.0.12-3) unstable; urgency=medium + + * Reincluded new way of creating my debian-sys-maint user from + an old release from experimental. Now works again with old + and new privilege table format. (Thanks to Vincent Danjean + for spotting the problem) Closes: #188201 + * Reincluded hurd build dependency fix from 3.23 branch. + (Thanks to Robert Millan). Closes: #185929 + * Fixed soname in libmysqlclient-dev. Closes: #188160 + * Remove /var/log/mysql/ when purging the package. Closes: #188064 + * Removed /usr/share/doc/mysql/ from mysql-server. Closes: #188066 + * Let group "adm" be able to read logfiles. Closes: #188067 + * Do not call usermod on every upgrade. Closes: #188248 + (Thanks to Philippe Troin for the last three) + * Fixed mysql-server.preinst so that it works on shells where + which is a builtin, too. (Thanks to Erich Schubert) Closes: #181525 + + -- Christian Hammers Fri, 11 Apr 2003 11:32:45 +0200 + +mysql-dfsg (4.0.12-2) unstable; urgency=low + + * + * NEW MAJOR UPSTREAM RELEASE: + * + MySQL 4 has finally been declared as 'stable'. Hurray! Read changelogs. + Thanks to all testers, esp. Jose Luis Tallon, of the versions + that were in the "experimental" section before. + * Modified postinst script to run mysql_fix_privileges on every update. + IMPORTANT: Please report if this breaks anything, it is not supposed to. + * Wrote a SSL-MINI-HOWTO.txt! + * Added zlib1g-dev to libmysqlclient12-dev. Closes: 186656 + * Changed section of libmysqlclient12-dev to libdevel. + * Added even more selfwritten manpages. + * Fixed typos. + + -- Christian Hammers Sun, 6 Apr 2003 13:47:32 +0200 + +mysql-dfsg (4.0.10.gamma-1) experimental; urgency=low + + * New upstream version. + * They merged some of my patches from debian/patches. Whoa! + * This release should fix the error-logfile problem where mysqld + keeps the error.log open while logrotate removes it. + + -- Christian Hammers Wed, 12 Feb 2003 22:39:48 +0100 + +mysql-dfsg (4.0.9.gamma-1) experimental; urgency=low + + * New upstream version. + * Updated the GNU autoconf files to make building on MIPS work. + See bug #176829. + + -- Christian Hammers Wed, 29 Jan 2003 22:07:44 +0100 + +mysql-dfsg (4.0.8.gamma-1) experimental; urgency=low + + * New upstream release. + * Improved logging of init script. Closes: #174790 + * We have now libmysqlclient.so.12 instead of .11. + + -- Christian Hammers Thu, 9 Jan 2003 20:14:11 +0100 + +mysql-dfsg (4.0.7.gamma-1) experimental; urgency=high + + * SECURITY: This version fixes an upstream security release that is only + present in the 4.x branch which is currently only in the + experimental distribution and therefore will not get a DSA. + * New upstream release. + + -- Christian Hammers Sat, 28 Dec 2002 15:51:39 +0100 + +mysql-dfsg (4.0.6.gamma-2) experimental; urgency=low + + * Added --system to addgroup. Closes: #173866 + + -- Christian Hammers Sat, 21 Dec 2002 15:28:26 +0100 + +mysql-dfsg (4.0.6.gamma-1) experimental; urgency=low + + * New upstream version. Now Gamma! + * There are no longer changes to the .orig.tar.gz neccessary to make diff + happy. docs/ has still to be deleted, although, as it is non-free. + * Incorporated patches from unstable. + * Added mysqlmanager and a couple of other new scripts. + * Enabled libmysqld embedded server library. + * Enabled SSL and Virtual-IO support. + (CORBA based MySQL-FS seems to be not existing..) + + -- Christian Hammers Fri, 20 Dec 2002 22:30:51 +0100 + +mysql-dfsg (4.0.5a.beta-3) experimental; urgency=low + + * Modified postinst to work with old and new mysql.user table format + and fixed spelling typo in postinst. Thanks to Roger Aich. + * Updated config.{guess,sub} to make the mipsel porters happy. + Thanks to Ryan Murray. Closes: #173553 + + -- Christian Hammers Wed, 18 Dec 2002 15:56:34 +0100 + +mysql-dfsg (4.0.5a.beta-2) experimental; urgency=low + + * Upstream removed option "--skip-gemini". So did I. Closes: 173142 + + -- Christian Hammers Tue, 17 Dec 2002 10:35:49 +0100 + +mysql-dfsg (4.0.5a.beta-1) experimental; urgency=low + + * First 4.x experimental package due to continuous user requests :-) + Please test and report! + * upstream: safe_mysqld has been renamed to mysqld_safe + * upstream: new library soname version libmysqlclient.so.11 + * Renamed libmysqlclientXX-dev to libmysqlclient-dev as I don't plan to + support more than one development environment and this makes the + dependencies easier. + * FIXME: Skipped parts of the debian/patches/alpha patch as the global.h + is not existing. + * FIXME: How to get rid this? Old ltconfig patch already applied. + "lintian: binary-or-shlib-defines-rpath ./usr/bin/mysql /usr/lib/mysql" + + -- Christian Hammers Sun, 1 Dec 2002 18:32:32 +0100 + +mysql-dfsg (3.23.53-4) unstable; urgency=medium + + * Fixed errno.h problem. Closes: #168533, #168535 + + -- Christian Hammers Sun, 10 Nov 2002 18:32:08 +0100 + +mysql-dfsg (3.23.53-3) unstable; urgency=medium + + * Changed automake build-dep to unversioned automake1.4. Closes: #166391 + * Fixed description. Closes: #167270 + (Thanks to Soren Boll Overgaard) + + -- Christian Hammers Tue, 5 Nov 2002 01:25:01 +0100 + +mysql-dfsg (3.23.53-2) unstable; urgency=low + + * Reverted user creation in init scripts. Closes: #166432 + (Thanks to Birzan George Cristian) + + -- Christian Hammers Thu, 31 Oct 2002 15:36:25 +0100 + +mysql-dfsg (3.23.53-1) unstable; urgency=low + + * New upstream release. + + -- Christian Hammers Thu, 24 Oct 2002 23:04:16 +0200 + +mysql-dfsg (3.23.52-3) unstable; urgency=low + + * Substituted the first-install 'debian-sys-maint' user creation by + something ANSI SQL compliant. Closes: #163497 + (Thanks to Karl Hammar) + * Tightend dependency to debhelper (>= 4.0.12) to be sure that + debconf-utils gets installed, too, as I use dh_installdebconf. + * Fixed upstream manpage bug in mysqldump.1. Closes: #159779 + (Thanks to Colin Watson) + * Added comment about MIN_WORD_LEN to mysql-server.README.Debian + (Thanks to Philipp Dreimann) + * Added a dependency for zlib1g-dev to libmysqlclient10-dev. + (Thanks to Jordi Mallach) + + -- Christian Hammers Sun, 15 Sep 2002 17:14:44 +0200 + +mysql-dfsg (3.23.52-2) unstable; urgency=low + + * Fixed typo in preinst scripts. + * Removed bashism in init script. + * Fixed ambiguous debconf example. Closes: #158884 + + -- Christian Hammers Fri, 30 Aug 2002 00:51:29 +0200 + +mysql-dfsg (3.23.52-1) unstable; urgency=low + + * New upstream version. Closes: #157731 + * Clearified the meaning of the debian-sys-maint special user in the + README.Debian file. Closes: #153702 + * Wrote some words regarding the skip-networking in README.Debian. + Closes: #157038 + * Added dependency to passwd. + * Fixes typo and unnecessarily complication in is_mysql_alive(). + * Added check for /etc/mysql/my.cnf in init script. + + -- Christian Hammers Tue, 27 Aug 2002 01:53:32 +0200 + +mysql-dfsg (3.23.51-4) unstable; urgency=low + + * Added a compressed "nm mysqld" output to allow people to trace + core dumps with /usr/bin/resolve_stack_dump as suggested in the + INSTALL-SOURCE file. Thanks to atudor@labs.agilent.com for the hint. + + -- Christian Hammers Wed, 24 Jul 2002 20:44:55 +0200 + +mysql-dfsg (3.23.51-3) unstable; urgency=low + + * Corrected copyright file: the MySQL client library is licenced under + the LGPL-2 not the GPL. From version 4.x it actually will be GPL this + is why parts of http://www.mysql.com/ already say so. Closes: #153591 + * Corrected german translation. + Thanks to Roland Rosenfeld . Closes: #151903 + + -- Christian Hammers Thu, 11 Jul 2002 20:32:28 +0200 + +mysql-dfsg (3.23.51-2) unstable; urgency=low + + * Improved NIS tolerance in preinst script. + + -- Christian Hammers Sun, 7 Jul 2002 04:43:28 +0200 + +mysql-dfsg (3.23.51-1) unstable; urgency=medium + + * New upstream version. + * I applied a patch that fixes a binary imcompatibility in + the shared libary libmysqlclient.so.10 between 3.23.50 and + some versions earlier. Upstream has been contacted and asked + for clarification. Closes: #149952 + * Added support for NIS i.e. it shows a warning and fails if the + needed 'mysql' user does not exists but works if it does. + Closes: #143282, #147869 + * Substituted $0 in init scripts by something really weird so that + "./S20mysql restart" works now, too. (BTW: S20? install file-rc!!!) + Closes: #148658 + * Now postinst works even if /etc/init.d/mysql is removed. Closes: #151021 + * Decided to leave "set +x" in postinst but wrote comment. Closes: #151022 + + -- Christian Hammers Sun, 7 Jul 2002 04:43:25 +0200 + +mysql-dfsg (3.23.50-1) unstable; urgency=medium + + * New upstream version. + Fixes a very annoying and important bug that lets all mysql programs + including perl scripts etc. segfault when using the read_default_group() + function. 3.23.50 is currently a pre-release and expected to be released + next week. I plan to propose it for woody as soon as its stability has + been proven. The following bug reports are all regarding this issue. + Closes: #144960, #145322, #136798, #138143, + + -- Christian Hammers Sat, 18 May 2002 21:14:01 +0200 + +mysql-dfsg (3.23.49x-1) unstable; urgency=low + + * I had to split the package to seperate the manual as it is not GPL + like the rest of the software and docs but under a license that + e.g. forbids selling printed versions. + . + The upstream authors were contacted a while ago but did not like to + change the situation. + . + The names of the resulting packages have not changed as the manual + already was in a seperate mysql-doc package due to it's size. + The source packages are now splitted from one "mysql" to + "mysql-dfsg" in main and "mysql-nonfree" in non-free. + * No code change! + The "x" at the end of the version number ist just to be able to + upload a new source package. ("a" was already taken by upstream + for their binary upload correction) + + -- Christian Hammers Wed, 8 May 2002 02:01:41 +0200 + +mysql (3.23.49-8) unstable; urgency=low + + * Substituted $0 in init script to let e.g. "/etc# ./init.d/mysql restart" + works, too. Closes: #141555 + + -- Christian Hammers Sun, 7 Apr 2002 15:00:44 +0200 + +mysql (3.23.49-7) unstable; urgency=low + + * The Makefiles are totally broken for the --enable-local-infile + option. I now patched libmysql/libmysql.c#mysql_init() manually. + Closes: #138347 + + -- Christian Hammers Fri, 29 Mar 2002 23:55:15 +0100 + +mysql (3.23.49-6) unstable; urgency=low + + * Moved mysqlcheck from server to client package. Closes: #139799 + * Added manpage for mysqlhotcopy. Regarding: #87097 + * Added 'sharedscripts' directive to the logrotate script. + * Replaced grep by /usr/bin/getent to let the group/user checking work + on NIS/LDAP systems, too. Closes: #115677, #101529 + + -- Christian Hammers Fri, 22 Mar 2002 22:40:51 +0100 + +mysql (3.23.49-5) unstable; urgency=low + + * Added skip-innodb to default my.cnf. + * Enabled --enable-local-infile, it seems to be a new option that + defaults to disable a formerly enabled feaure. Closes: #137115 + + -- Christian Hammers Sat, 16 Mar 2002 00:29:10 +0100 + +mysql (3.23.49-4) unstable; urgency=medium + + * Recompiled against fixed libz. + + * Enabled --enable-local-infile, it seems to be a new option that + defaults to disable a formerly enabled feaure. Closes: #137115 + * Fixed README.compile_on_potato. Closes: #136529 + * Now a ext3 .jounal file in /var/lib/mysql does not prevent the + installation (happens when creating a jounal on an already mounted + partition). Closes: #137146 + + -- Christian Hammers Wed, 13 Mar 2002 13:34:24 +0100 + +mysql (3.23.49-3) unstable; urgency=low + + * Added Russian translation. Closes: #135846 + * Fixed installation of .info documents. Closes: #135030 + + -- Christian Hammers Wed, 27 Feb 2002 23:36:35 +0100 + +mysql (3.23.49-2) unstable; urgency=low + + * Updated french translation and split template files. Closes: #134754 + * Fixed a small debian.cnf related bug in mysql-server.postinst. + + -- Christian Hammers Tue, 19 Feb 2002 23:13:58 +0100 + +mysql (3.23.49-1) unstable; urgency=low + + * New upstream release. + (Mainly InnoDB related fixes) + * Exported a $HOME variable in the scripts so that /root/.my.cnf + is not read anymore. This will avoid problems when admins put + only passwords but no usernames in this file. Closes: #132048 + * New debian-sys-maint password algorithm (now ~96bit :-)) Closes: #133863 + * Recreating debian-sys-main pwd on every install to help people who + accidently delete user or password files... + * Added /var/log/mysql so that user can put the binary logs in there as + mysql cannot write the .001 etc files itself in /var/log which is + owned by root. + + -- Christian Hammers Thu, 14 Feb 2002 22:17:45 +0100 + +mysql (3.23.47-6) unstable; urgency=low + + * Dropped a sentence about the new debian-sys-maint user in the + debconf note and updated the README.Debian. Related: #132048 + * Added more french translation. Closes: #132390 + + -- Christian Hammers Wed, 6 Feb 2002 09:41:29 +0100 + +mysql (3.23.47-5) unstable; urgency=low + + * Fixed grammar error in template. Closes: #132238 + * Really fixed typo in logrotate script. Closes: #131711 + + -- Christian Hammers Tue, 5 Feb 2002 14:20:08 +0100 + +mysql (3.23.47-4) unstable; urgency=medium + + * Fixes typo in postinst that let init script fail. Closes: #131743 + * Fixed bashism bug that failed on ash. Closes: #131697 + * Fixed typo in logrotate script. Closes: #131711 + + -- Christian Hammers Thu, 31 Jan 2002 23:58:46 +0100 + +mysql (3.23.47-3) unstable; urgency=low + + * Added new Debian specific mysql user called 'debian-sys-maint' which + is used for pinging the server status, flushing the logs or shutting + down the server in maintenance scripts. The credentials of this user + are stored in the UID0-only readable file /etc/mysql/debian.cnf. + Closes: #129887, #130326, #99274 + * Fixed unintended server startup at boottime. Closes: #122676, #130105 + * New upstream fixes command line parsing bug: Closes: #128473 + * Fixed manpage headers to let apropos work: Closes: #119122 + * Added "status" options for /etc/init.d/mysql. Closes: #129020 + + -- Christian Hammers Sun, 27 Jan 2002 19:46:11 +0100 + +mysql (3.23.47-2) unstable; urgency=low + + * Enhanced init scripts by using mysqladmin instead of kill $pid. + Thanks to Aaron Brick. + + -- Christian Hammers Fri, 18 Jan 2002 01:42:23 +0100 + +mysql (3.23.47-1) unstable; urgency=low + + * New upstream release. + * Updated brazilian translation of debconf descriptions. Closes: #123332 + + -- Christian Hammers Sun, 6 Jan 2002 21:11:17 +0100 + +mysql (3.23.46-3) unstable; urgency=low + + * Fixed bug in postinst where a script was accidently called with + "bash -c