-
mysql-dfsg-5.0 (5.1.30really5.0.75-0ubuntu10.5) jaunty-security; urgency=low
* SECURITY UPDATE: privilege check bypass via crafted table name argument
to COM_FIELD_LIST
- debian/patches/102_CVE-2010-1848.dpatch: check table name in
sql/sql_parse.cc, Add tests to tests/mysql_client_test.c.
- CVE-2010-1848
* SECURITY UPDATE: denial of service via large packets
- debian/patches/101_CVE-2010-1849.dpatch: handle big packets in
sql/sql_parse.cc, include/mysql_com.h, sql/net_serv.cc.
- CVE-2010-1849
* SECURITY UPDATE: arbitrary code execution via crafted table name
argument to COM_FIELD_LIST
- debian/patches/100_CVE-2010-1850.dpatch: check table name length in
sql/sql_parse.cc.
- CVE-2010-1850
* SECURITY UPDATE: DROP TABLE privilege bypass via symlink attack
- debian/patches/103_CVE-2010-1626.dpatch: check for symlinks in
myisam/mi_delete_table.c, add tests to mysql-test/*.
- CVE-2010-1626
-- Marc Deslauriers <email address hidden> Thu, 27 May 2010 11:52:10 -0400
-
mysql-dfsg-5.0 (5.1.30really5.0.75-0ubuntu10.3) jaunty-security; urgency=low
* SECURITY UPDATE: Cross-site scripting in the command-line client
- debian/patches/93_CVE-2008-4456.dpatch: use xmlencode_print in
client/mysql.cc, add test to mysql-test/*.
- CVE-2008-4456
* SECURITY UPDATE: format string vulnerabilities in the dispatch_command
function
- debian/patches/94_CVE-2009-2446.dpatch: use correct format string in
sql/sql_parse.cc, add test to tests/mysql_client_test.c.
- CVE-2009-2446
* SECURITY UPDATE: denial of service via certain SELECT statements with
subqueries and statements that use the GeomFromWKB function
- debian/patches/95_CVE-2009-4019.dpatch: return proper errors in
sql/sql_class.cc, handle errors in sql/sql_select.cc, set correct
null_value in sql/item_geofunc.cc, add tests to mysql-test/*.
- CVE-2009-4019
* SECURITY UPDATE: privilege restriction bypass via incorrect calculation
of the mysql_unpacked_real_data_home value
- debian/patches/96_CVE-2009-4030.dpatch: fix initialization order in
sql/mysqld.cc.
- CVE-2009-4030
* SECURITY UPDATE: arbitrary code execution via yassl stack overflow
- debian/patches/97_CVE-2009-4484.dpatch: validate lengths in
extra/yassl/taocrypt/src/asn.*.
- CVE-2009-4484
* debian/patches/92_ssl_test_cert.dpatch: disabled patch as certs are now
expired.
* debian/patches/98_ssl_test_certs.dpatch: update certificates in the
test suite as they are expired. The new certs expire 2015-01-28.
-- Marc Deslauriers <email address hidden> Mon, 08 Feb 2010 08:50:16 -0500
-
mysql-dfsg-5.0 (5.1.30really5.0.75-0ubuntu10.2) jaunty-proposed; urgency=low
* debian/patches/38_scripts__mysqld_safe.sh__signals.dpatch: wait in the
SIGHUP trap to avoid killing an existing mysqld process when a HUP signal
is sent to mysqld_safe. (LP: #326768)
-- Mathias Gug <email address hidden> Mon, 11 May 2009 22:41:44 -0400
-
mysql-dfsg-5.0 (5.1.30really5.0.75-0ubuntu10.1) jaunty-proposed; urgency=low
* debian/patches/38_scripts__mysqld_safe.sh__signals.dpatch:
- Don't trap sighup as it's causing mysqld to refresh while it has
open connections. (LP: #326768)
-- Mario Limonciello <email address hidden> Tue, 05 May 2009 13:28:47 -0500
-
mysql-dfsg-5.0 (5.1.30really5.0.75-0ubuntu10) jaunty; urgency=low
* debian/mysql-server-5.0.postinst: Clear out the second password
when setting up mysql. (LP: #344816)
-- Chuck Short <email address hidden> Mon, 30 Mar 2009 14:59:35 -0400
-
mysql-dfsg-5.0 (5.1.30really5.0.75-0ubuntu9) jaunty; urgency=low
* debian/apparmor-profile: add 'network tcp' and access to
/var/run/samba/winbindd_privileged/pipe (LP: #306886)
* debian/apparmor-profile: add '/var/log/mysql.log rw' and
'/var/log/mysql.err rw' (LP: #348532)
-- Jamie Strandboge <email address hidden> Wed, 25 Mar 2009 11:47:10 -0500
-
mysql-dfsg-5.0 (5.1.30really5.0.75-0ubuntu8) jaunty; urgency=low
* debian/apparmor-profile: add 'capability sys_resource' so that
settings in /etc/mysql/my.cnf will work properly (LP: #306541)
-- Jamie Strandboge <email address hidden> Tue, 17 Mar 2009 18:04:05 -0500
-
mysql-dfsg-5.0 (5.1.30really5.0.75-0ubuntu7) jaunty; urgency=low
* Revert 56-mysqlhotcopy-invalid-dbtable.dpatch: The behavior of
$dbh->tables() has changed. Instead of returning a simple
"tablename" it returns a full "databasename.tablename". LP: #296952
-- Andreas Olsson <email address hidden> Sat, 31 Jan 2009 22:34:54 +0100
-
mysql-dfsg-5.0 (5.1.30really5.0.75-0ubuntu6) jaunty; urgency=low
[ Andreas Olsson <email address hidden> ]
* Modifies debian-start.inc.sh to support ANSI mode (LP: #310211)
-- Dustin Kirkland <email address hidden> Thu, 12 Feb 2009 14:39:04 -0600
-
mysql-dfsg-5.0 (5.1.30really5.0.75-0ubuntu5) jaunty; urgency=low
[ Andreas Olsson ]
* debian/patches/92_ssl_test_cert.dpatch: Re-generated the PKI files needed
for the tests.
(LP: #323755)
-- Mathias Gug <email address hidden> Tue, 03 Feb 2009 04:36:21 -0500
-
mysql-dfsg-5.0 (5.1.30really5.0.75-0ubuntu4) jaunty; urgency=low
* debian/additions/my.cnf: remove language option. Error message files are
located in a different directory in MySQL 5.1. Setting the language option
to use /usr/share/mysql/ breaks 5.1. Both 5.0 and 5.1 use a default value
that works. (LP: #316974).
-- Mathias Gug <email address hidden> Thu, 29 Jan 2009 16:01:31 -0500
-
mysql-dfsg-5.0 (5.1.30really5.0.75-0ubuntu3) jaunty; urgency=low
* debian/additions/my.cnf: remove skip-bdb option. This option is not
available in 5.1 anymore. Moreover 5.0 isn't build with the BerkeleyDB
engine. (LP: #316849)
* debian/mysql-sever-core-5.0.files: move character sets files to -core as
they're required for mysqld to properly support character sets.
-- Mathias Gug <email address hidden> Wed, 21 Jan 2009 19:41:14 -0500
-
mysql-dfsg-5.0 (5.1.30really5.0.75-0ubuntu2) jaunty; urgency=low
* Create mysql-server-core-5.0 package for files needed by Akonadi
-- Jonathan Riddell <email address hidden> Fri, 16 Jan 2009 11:34:29 +0000
-
mysql-dfsg-5.0 (5.1.30really5.0.75-0ubuntu1) jaunty; urgency=low
* No change upload. Rebuild so that libmysqlclient15-dev is again available
in jaunty. mysql-dfsg-5.1_5.1.30-2ubuntu1 provided a libmysqlclient15-dev
transitional package. -2ubuntu2 doesn't provide libmysqlclient15-dev
anymore. (LP: #316280).
-- Mathias Gug <email address hidden> Tue, 13 Jan 2009 13:24:13 -0500
-
mysql-dfsg-5.0 (5.0.75-1ubuntu1) jaunty; urgency=low
* Merge from debian unstable, remaining changes:
- Set maintainer to Ubuntu Core dev. Move Debian maintainer to
XSBC-Original-Maintainer.
- Add a mysql-doc-5.0 as a Suggest to mysql-client-5.0 mysql-server-5.0
and libmysql15-dev
- Prepend XS-Original- to Vcs-{Browser, SVN}.
- Fix man page conflicts with mysql-doc-5.0 when upgrading from gutsy
for mysql-server-5.0, mysql-client-5.0, and libmysqlclient15-dev
packages.
- Replaces and Conflicts apparmour-profiles << 2.1+1075-0ubuntu4 to allow
proper upgrades from gutsy.
- Lower mailx from a Recommends to a Suggests, which is pulling in
exim4 on all installs fo mysql-server. (LP: #259477)
* debian/rules:
- Apply same configuration options on lopia as for i386.
- Replace --with-comment="Debian" with --with-comment"Ubuntu".
* debian/additions/my.cnf:
- Add note about the "/etc/mysql/conf.d" directory in my.cnf.
- Add warning about apparmor. (LP: #201799)
* Follow ApparmorProfileMigration and force apparmor complain mode on some
upgrades (LP: #203531)
- debian/control: Recommends apparmor >= 2.1+1075-0ubuntu6
- debian/mysql-server-5.0.dirs: add etc/apparmor.d/force-complain
- debian/mysql-server-5.0.preinst: create symlink for force-complain/
on pre-feisty upgrades, upgrades where apparmor-profiles profile is
unchanged (ie non-enforcing) and upgrades where the profile doesn't
exist.
- debian/mysql-server-5.0.postrm: remove symlink in force-complain/ on
purge.
mysql-dfsg-5.0 (5.0.75-1) unstable; urgency=low
* New upstream release.
* Update patches:
+ debian/patches/33_scripts__mysql_create_system_tables__no_test.dpatch
* Remove patches:
+ debian/patches/50_fix_agg_functions.dpatch
-- Chuck Short <email address hidden> Tue, 06 Jan 2009 22:04:12 +0000
-
mysql-dfsg-5.0 (5.0.75-0ubuntu1) jaunty; urgency=low
* New upstream release.
* debian/rules
+ Add -fno-strict-aliasing to fix FTBFS failures in the mysql
testsuite.
* Dropped debian/patches/80_fix_user_setup_on_localhost.dpatch. Already
fixed upstream.
-- Chuck Short <email address hidden> Tue, 06 Jan 2009 08:59:29 -0500
-
mysql-dfsg-5.0 (5.0.67-0ubuntu6) intrepid; urgency=low
* Clean up mysql apparmor profile. (LP: #270663)
-- Chuck Short <email address hidden> Thu, 18 Sep 2008 09:37:56 -0400