-
mysql-8.0 (8.0.25-0ubuntu0.20.10.1) groovy-security; urgency=medium
* SECURITY UPDATE: Update to 8.0.25 to fix security issues
- CVE-2021-2146, CVE-2021-2162, CVE-2021-2164, CVE-2021-2166,
CVE-2021-2169, CVE-2021-2170, CVE-2021-2171, CVE-2021-2172,
CVE-2021-2179, CVE-2021-2180, CVE-2021-2193, CVE-2021-2194,
CVE-2021-2196, CVE-2021-2201, CVE-2021-2203, CVE-2021-2208,
CVE-2021-2212, CVE-2021-2215, CVE-2021-2217, CVE-2021-2226,
CVE-2021-2230, CVE-2021-2232, CVE-2021-2278, CVE-2021-2293,
CVE-2021-2298, CVE-2021-2299, CVE-2021-2300, CVE-2021-2301,
CVE-2021-2304, CVE-2021-2305, CVE-2021-2307, CVE-2021-2308
* Package new upstream files:
- debian/mysql-server-core-8.0.install: mysql_migrate_keyring,
component_keyring_file.so.
- debian/mysql-testsuite-8.0.install: mysql_keyring_encryption_test.
* debian/patches/fix_test_year.patch: removed, no longer needed.
-- Marc Deslauriers <email address hidden> Tue, 11 May 2021 08:49:41 -0400
-
mysql-8.0 (8.0.23-0ubuntu0.20.10.1) groovy-security; urgency=medium
* SECURITY UPDATE: Update to 8.0.23 to fix security issues
- CVE-2021-2002, CVE-2021-2010, CVE-2021-2011, CVE-2021-2021,
CVE-2021-2022, CVE-2021-2024, CVE-2021-2031, CVE-2021-2032,
CVE-2021-2036, CVE-2021-2038, CVE-2021-2046, CVE-2021-2048,
CVE-2021-2056, CVE-2021-2058, CVE-2021-2060, CVE-2021-2061,
CVE-2021-2065, CVE-2021-2070, CVE-2021-2072, CVE-2021-2076,
CVE-2021-2081, CVE-2021-2087, CVE-2021-2088, CVE-2021-2122
* debian/patches/atomic-test-words.patch: updated.
* debian/patches/fix_test_year.patch: fix test with hardcoded date.
* debian/libmysqlclient21.symbols: added new symbol.
* debian/mysql-router.install: remove mysql_protocol.so, it has been
removed from the new version.
* debian/*.install: added some new files shipped in the new version.
-- Marc Deslauriers <email address hidden> Wed, 27 Jan 2021 09:25:29 -0500
-
mysql-8.0 (8.0.22-0ubuntu0.20.10.2) groovy-security; urgency=medium
* SECURITY UPDATE: Update to 8.0.22 to fix security issues
- CVE-2019-14775, CVE-2020-14672, CVE-2020-14765, CVE-2020-14769,
CVE-2020-14771, CVE-2020-14773, CVE-2020-14775, CVE-2020-14776,
CVE-2020-14777, CVE-2020-14785, CVE-2020-14786, CVE-2020-14789,
CVE-2020-14790, CVE-2020-14791, CVE-2020-14793, CVE-2020-14794,
CVE-2020-14800, CVE-2020-14804, CVE-2020-14809, CVE-2020-14812,
CVE-2020-14814, CVE-2020-14821, CVE-2020-14827, CVE-2020-14828,
CVE-2020-14829, CVE-2020-14830, CVE-2020-14836, CVE-2020-14837,
CVE-2020-14838, CVE-2020-14839, CVE-2020-14844, CVE-2020-14845,
CVE-2020-14846, CVE-2020-14848, CVE-2020-14852, CVE-2020-14853,
CVE-2020-14860, CVE-2020-14861, CVE-2020-14866, CVE-2020-14867,
CVE-2020-14868, CVE-2020-14869, CVE-2020-14870, CVE-2020-14873,
CVE-2020-14878, CVE-2020-14888, CVE-2020-14891, CVE-2020-14893
* Removed patches included in new version:
- debian/patches/fix_mariadb_charset_segfault.patch
- debian/patches/fix_expired_test_certs.patch
* debian/mysql-router.install: adjust path to sample_mysqlrouter.conf.
* debian/mysql-router.install, debian/not-installed: added new files.
* debian/libmysqlclient21.symbols: added new symbol.
-- Marc Deslauriers <email address hidden> Thu, 22 Oct 2020 09:04:29 -0400
-
mysql-8.0 (8.0.21-1) unstable; urgency=medium
[ Robie Basak ]
* New upstream release.
[ Lars Tangvald ]
* Add patch for replacing expired test certificates.
* Disable unstable test main.mysql_client_test.
* Disable broken test main.mtr_unit_tests.
* Use system version of protobuf library. Closes: #968149.
* Override BCP78 lintian error.
[ Sergio Durigan Junior ]
* Fix FTBFS on RISC-V.
[ Marc Deslauriers ]
* Revert an upstream commit that switches the tls-model to
initial-exec. This is causing "cannot allocate memory in static TLS
block" errors when attempting to load the library in certain
scenarios.
-- Robie Basak <email address hidden> Tue, 18 Aug 2020 15:34:21 +0100
-
mysql-8.0 (8.0.21-0ubuntu4) groovy; urgency=medium
* SECURITY REGRESSION: libmysqlclient loading issues (LP: #1889851)
- debian/patches/revert_faster_tls_model.patch: revert an upstream
commit that switches the tls-model to initial-exec. This is causing
"cannot allocate memory in static TLS block" errors when attempting
to load the library in certain scenarios.
-- Marc Deslauriers <email address hidden> Tue, 04 Aug 2020 07:39:21 -0400
-
mysql-8.0 (8.0.21-0ubuntu3) groovy; urgency=medium
* Fix FTBFS on RISC-V.
- d/p/use-largest-lock-free-type-selector-on-riscv.patch: Force
the use of Largest_lock_free_type_selector instead of
Lock_free_type_selector when compiling for RISC-V, since the
latter will cause a compilation failure due to RISC-V's
inability to provide the always-lock-free property for some
specific types.
-- Sergio Durigan Junior <email address hidden> Mon, 27 Jul 2020 09:00:46 -0400
-
mysql-8.0 (8.0.21-0ubuntu2) groovy; urgency=medium
* debian/tests/upstream: disable some tests that have expired
certificates until new ones can be obtained from the upstream repo.
* debian/tests/upstream: disable new test that can't locate
mysqltest_safe_process binary.
-- Marc Deslauriers <email address hidden> Mon, 20 Jul 2020 10:04:27 -0400
-
mysql-8.0 (8.0.21-0ubuntu1) groovy; urgency=medium
* SECURITY UPDATE: Update to 8.0.21 to fix security issues
- CVE-2020-14539, CVE-2020-14540, CVE-2020-14547, CVE-2020-14550,
CVE-2020-14553, CVE-2020-14559, CVE-2020-14568, CVE-2020-14575,
CVE-2020-14576, CVE-2020-14586, CVE-2020-14591, CVE-2020-14597,
CVE-2020-14619, CVE-2020-14620, CVE-2020-14623, CVE-2020-14624,
CVE-2020-14631, CVE-2020-14632, CVE-2020-14633, CVE-2020-14634,
CVE-2020-14641, CVE-2020-14643, CVE-2020-14651, CVE-2020-14654,
CVE-2020-14656, CVE-2020-14663, CVE-2020-14678, CVE-2020-14680,
CVE-2020-14697, CVE-2020-14702
* debian/rules: disable some tests that have expired certificates until
new ones can be obtained from the upstream repo.
* debian/mysql-router.install, debian/mysql-server-core-8.0.install,
debian/mysql-testsuite-8.0.install: use wildcard for libprotobuf-lite
library version.
* debian/mysql-router.install: added router_protobuf.so.
* debian/mysql-testsuite-8.0.install: added
component_test_component_deinit.so.
* debian/patches/charset_file_crash.patch: don't crash on malformed
charset files in mysys/charset.cc (LP: #1884809)
-- Marc Deslauriers <email address hidden> Sun, 19 Jul 2020 09:40:56 -0400
-
mysql-8.0 (8.0.20-0ubuntu1) groovy; urgency=medium
* SECURITY UPDATE: Update to 8.0.20 to fix security issues
- CVE-2020-2759, CVE-2020-2760, CVE-2020-2762, CVE-2020-2763,
CVE-2020-2765, CVE-2020-2780, CVE-2020-2804, CVE-2020-2812,
CVE-2020-2892, CVE-2020-2893, CVE-2020-2895, CVE-2020-2896,
CVE-2020-2897, CVE-2020-2898, CVE-2020-2901, CVE-2020-2903,
CVE-2020-2904, CVE-2020-2921, CVE-2020-2923, CVE-2020-2924,
CVE-2020-2925, CVE-2020-2926, CVE-2020-2928, CVE-2020-2930
* debian/patches/year2020.patch: Dropped, no longer needed
* debian/mysql-router.install: updated paths for library locations.
-- Marc Deslauriers <email address hidden> Mon, 27 Apr 2020 12:48:11 -0400
-
mysql-8.0 (8.0.19-0ubuntu5) focal; urgency=medium
* debian/patches/atomic-test-words.patch: Adjust
HAVE_IB_GCC_ATOMIC_COMPARE_EXCHANGE test to use atomic builtins on ints
rather than chars, like the code that it enables. riscv64 needs -latomic
for atomic operations on chars, but MySQL doesn't actually need them.
* Link with -pthread everywhere on riscv64.
-- William Grant <email address hidden> Wed, 11 Mar 2020 12:34:54 +1100
