-
mysql-5.1 (5.1.61-0ubuntu0.10.10.1) maverick-security; urgency=low
* SECURITY UPDATE: Update to 5.1.61 to fix multiple security issues
(LP: #937869)
- http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
- CVE-2011-2262
- CVE-2012-0075
- CVE-2012-0112
- CVE-2012-0113
- CVE-2012-0114
- CVE-2012-0115
- CVE-2012-0116
- CVE-2012-0117
- CVE-2012-0118
- CVE-2012-0119
- CVE-2012-0120
- CVE-2012-0484
- CVE-2012-0485
- CVE-2012-0486
- CVE-2012-0487
- CVE-2012-0488
- CVE-2012-0489
- CVE-2012-0490
- CVE-2012-0491
- CVE-2012-0492
- CVE-2012-0493
- CVE-2012-0494
- CVE-2012-0495
- CVE-2012-0496
* Dropped patches unnecessary with 5.1.61:
- debian/patches/61_CVE-2010-3833.dpatch
- debian/patches/61_CVE-2010-3834.dpatch
- debian/patches/61_CVE-2010-3835.dpatch
- debian/patches/61_CVE-2010-3836.dpatch
- debian/patches/61_CVE-2010-3837.dpatch
- debian/patches/61_CVE-2010-3838.dpatch
- debian/patches/61_CVE-2010-3839.dpatch
- debian/patches/61_CVE-2010-3840.dpatch
- debian/patches/60_abi-check-include.dpatch
- debian/patches/62_disable_longfilename_test.dpatch
- debian/patches/90_fix_testsuite_for_installed_env.dpatch
* debian/mysql-client-5.1.docs: removed EXCEPTIONS-CLIENT file
* debian/mysql-server-5.1.docs,debian/libmysqlclient16.docs,
debian/libmysqlclient-dev.docs: removed, no longer necessary.
-- Marc Deslauriers <email address hidden> Wed, 22 Feb 2012 14:16:05 -0500
-
mysql-5.1 (5.1.49-1ubuntu8.1) maverick-security; urgency=low
* SECURITY UPDATE: denial of service via incorrect propagation of type
errors.
- debian/patches/61_CVE-2010-3833.dpatch: properly check for execution
errors in sql/item_func.cc. Add tests to mysql-test/*.
- CVE-2010-3833
* SECURITY UPDATE: denial of service via derived table materializing.
- debian/patches/61_CVE-2010-3834.dpatch: handle temporary tables in
sql/field.cc, sql/sql_select.*. Add tests to mysql-test/*.
- CVE-2010-3834
* SECURITY UPDATE: denial of service via user-variable assignment
expression.
- debian/patches/61_CVE-2010-3835.dpatch: fix logic in sql/item_func.*,
Add tests to mysql-test/*.
- CVE-2010-3835
* SECURITY UPDATE: denial of service via pre-evaluation of LIKE
predicates during view preparation.
- debian/patches/61_CVE-2010-3836.dpatch: make sure we're not in view
preparation mode in sql/item_cmpfunc.cc. Add tests to mysql-test/*.
- CVE-2010-3836
* SECURITY UPDATE: denial of service via use of GROUP_CONCAT() and
WITH ROLLUP together.
- debian/patches/61_CVE-2010-3837.dpatch: create a copy of the order
structures in sql/item_sum.cc, sql/table.h. Add tests to
mysql-test/*.
- CVE-2010-3837
* SECURITY UPDATE: denial of service via longblob and union or update
with subquery.
- debian/patches/61_CVE-2010-3838.dpatch: handle REAL_RESULT in
sql/item_func.cc. Add tests to mysql-test/*.
- CVE-2010-3838
* SECURITY UPDATE: denial of service via certain queries with nested
joins.
- debian/patches/61_CVE-2010-3839.dpatch: fix nesting in
sql/sql_select.cc. Add tests to mysql-test/*.
- CVE-2010-3839
* SECURITY UPDATE: denial of service via PolyFromWKB() function and
improper data.
- debian/patches/61_CVE-2010-3840.dpatch: improve data handling in
sql/spatial.cc. Add tests to mysql-test/*.
- CVE-2010-3840
* debian/patches/62_disable_longfilename_test.dpatch: disable the
partition_rename_longfilename test as it fails when building with
sbuild and schroots.
-- Marc Deslauriers <email address hidden> Tue, 09 Nov 2010 12:58:03 -0500
-
mysql-5.1 (5.1.49-1ubuntu8) maverick; urgency=low
* raising kill timeout to 300 to help avoid table corruption (LP: #620441)
-- Clint Byrum <email address hidden> Wed, 08 Sep 2010 09:36:13 -0700
-
mysql-5.1 (5.1.49-1ubuntu7) maverick; urgency=low
* debian/apparmor-profile: fix syntax error introduced in last upload
and remove added redundant access rule. LP: #622010, LP: #594932
-- Jamie Strandboge <email address hidden> Sat, 21 Aug 2010 22:16:40 -0500
-
mysql-5.1 (5.1.49-1ubuntu6) maverick; urgency=low
[Clint Byrum]
* Installing mysql_config_pic in /usr/bin so users of libmysqld-pic
can extract the appropriate compile flags. (LP: #605021)
[Chuck Short]
* debian/mysql-server.5.1.postinst: Specify the mysql user when installing
the mysql databases. (LP: #591875)
* debian/apparmor-profile: Update apparmor profile for mysql plugins.
(LP: #594932, #619172)
-- Chuck Short <email address hidden> Fri, 20 Aug 2010 10:12:48 -0400
-
mysql-5.1 (5.1.49-1ubuntu5) maverick; urgency=low
* New patch: 99_fix_testsuite_for_installed_env.dpatch: fix
mysql-testsuite to work with the installation location (LP: #617461)
* debian/apparmor-profile: add mmap access to mysql plugin location
(LP: #617463)
-- Steve Beattie <email address hidden> Thu, 12 Aug 2010 15:44:46 -0700
-
mysql-5.1 (5.1.49-1ubuntu4) maverick; urgency=low
* debian/rules: doy. Put dh_apparmor in binary-arch so more than just
i386 has the benefit of AppArmor protection, really fixing LP: #616417
-- Jamie Strandboge <email address hidden> Thu, 12 Aug 2010 07:11:57 -0500
-
mysql-5.1 (5.1.49-1ubuntu3) maverick; urgency=low
* debian/control: Build-Depends on debhelper 7.4.20ubuntu6, which has a
fix that prevented debhelper from creating the necessary output in
postinst (LP: #616417)
-- Jamie Strandboge <email address hidden> Wed, 11 Aug 2010 15:08:12 -0500
-
mysql-5.1 (5.1.49-1ubuntu2) maverick; urgency=low
* convert to using dh_apparmor:
- debian/rules, debian/mysql-server-5.1.postinst: use dh_apparmor
- debian/control: Build-Depends on debhelper 7.4.20ubuntu5
* debian/mysql-server-5.1.postrm: since it doesn't use DEBHELPER, update
to what we have in debhelper
* debian/apparmor-profile: update for local include
-- Jamie Strandboge <email address hidden> Fri, 06 Aug 2010 14:13:29 -0500
-
mysql-5.1 (5.1.49-1ubuntu1) maverick; urgency=low
* Merge from debian unstable:
+ debian/control:
* Update maintainer according to spec.
* Move section from "misc" to "database".
* Added libmysqlclient16-dev an empty transitional package.
* Added mysql-client-core-5.1 package.
* Suggest mailx for mysql-server-5.1
* Add mysql-testsuite package so you can run the testsuite seperately.
+ debian/additions/my.cnf:
* Remove language options. Error message files are located in a different directory in Mysql
5.0. Setting the language option to use /usr/share/mysql/english breaks Mysql 5.0. Both 5.0
and 5.1 use a different value that works. (LP: #316974)
+ Add apparmor profile:
+ debian/apparmor-profile: apparmor-profile
+ debian/rules, debian/mysql-server-5.1.files: install apparmor profile
+ debian/mysql-server-5.1.dirs: add etc/apparmor.d/fore-complain
+ debian/mysql-server-5.1.postrm: remove symlink in force-complain/ on purge.
+ debian/mysql-server-5.1.README.Debian: add apparmor documentation.
+ debian/additions/my.cnf: Add warning about apparmor. (LP: #201799)
+ debian/mysql-server-5.1.postinst: reload apparmor profiles
* Convert the package from sysvinit to upstart:
+ debian/mysql-server-5.1.mysql.upstart: Add upstart script.
+ debian/mysql-server-5.1.mysql.init: Dropped, unused now with upstart.
+ debian/additions/mysqld_safe_syslog.cnf: Dropped, unused now with upstart.
+ debian/additons/my.cnf: Remove pid declaration and setup error logging to /var/log/mysql since
we're not piping anything around logger anymore.
+ debian/rules, debian/mysql-server-5.1.logcheck.ignore.{paranoid,worstation},
debian/mysql-server-5.1.logcheck.ignore.server: : Remove references to mysqld_safe
+ debian/patches/38_scripts_mysqld_safe.sh_signals.dpatch: Dropped
* Added -fno-strict-aliasing to CFLAGS to get around mysql testsuite build failures.
* Add Apport hook (LP: #354188):
+ debian/mysql-server-5.1.py: apport package hook
+ debian/rules: Make it installable
* debian/mysql-server-5.1.mysql-server.logrotate: Check to see if mysql is running before
running logrotate. (LP: #513135)
* Make the testsuite installable. (LP: #530752)
+ debian/mysql-server-5.1.files, debian/rules: install apport package hook
* debian/mysql-server-5.1.preinst: Set mysql user's home directory
to /nonexistent to protect against having the /var/lib/mysql
user-writeable. If an attacker can trick mysqld into creating
dot files in the home directory, he could do .rhost-like attacks
on the system. (LP: #293258)
* debian/control: mysql-client-5.1 should depend on mysql-core-client-5.1.
(LP: #590952)
-- Chuck Short <email address hidden> Wed, 04 Aug 2010 13:18:27 -0400
-
mysql-5.1 (5.1.48-1ubuntu5) maverick; urgency=low
* debian/mysql-server-5.1.mysql.upstart: Fix upstart init script. (LP: #608423)
-- Chuck Short <email address hidden> Sun, 01 Aug 2010 11:23:11 -0400
-
mysql-5.1 (5.1.48-1ubuntu4) maverick; urgency=low
* debian/mysql-server-5.1.mysql.upstart: Update upstart job again, simpilfy things again.
-- Chuck Short <email address hidden> Wed, 28 Jul 2010 08:23:13 -0400
-
mysql-5.1 (5.1.48-1ubuntu3) maverick; urgency=low
* debian/mysql-server-5.1.mysq.upstart: Update upstart job, thanks to sPOiDar.
(LP: #551130)
-- Chuck Short <email address hidden> Wed, 21 Jul 2010 09:29:19 -0400
-
mysql-5.1 (5.1.48-1ubuntu2) maverick; urgency=low
* New patch 60_abi-check-includ; fix build failure in abi_check with newer
GCCs which will exit with failure when an #include can't be found;
LP: #579909.
-- Loic Minier <email address hidden> Wed, 14 Jul 2010 00:13:00 +0200
-
mysql-5.1 (5.1.48-1ubuntu1) maverick; urgency=low
* Merge from debian unstable, remaining changes:
+ debian/control:
* Update maintainer according to spec.
* Move section from "misc" to "database".
* Added libmysqlclient16-dev an empty transitional package.
* Added mysql-client-core-5.1 package.
* Suggest mailx for mysql-server-5.1
* Add mysql-testsuite package so you can run the testsuite seperately.
+ debian/additions/my.cnf:
* Remove language options. Error message files are located in a different directory in Mysql
5.0. Setting the language option to use /usr/share/mysql/english breaks Mysql 5.0. Both 5.0
and 5.1 use a different value that works. (LP: #316974)
+ Add apparmor profile:
+ debian/apparmor-profile: apparmor-profile
+ debian/rules, debian/mysql-server-5.1.files: install apparmor profile
+ debian/mysql-server-5.1.dirs: add etc/apparmor.d/fore-complain
+ debian/mysql-server-5.1.postrm: remove symlink in force-complain/ on purge.
+ debian/mysql-server-5.1.README.Debian: add apparmor documentation.
+ debian/additions/my.cnf: Add warning about apparmor. (LP: #201799)
+ debian/mysql-server-5.1.postinst: reload apparmor profiles
* Convert the package from sysvinit to upstart:
+ debian/mysql-server-5.1.mysql.upstart: Add upstart script.
+ debian/mysql-server-5.1.mysql.init: Dropped, unused now with upstart.
+ debian/additions/mysqld_safe_syslog.cnf: Dropped, unused now with upstart.
+ debian/additons/my.cnf: Remove pid declaration and setup error logging to /var/log/mysql since
we're not piping anything around logger anymore.
+ debian/rules, debian/mysql-server-5.1.logcheck.ignore.{paranoid,worstation},
debian/mysql-server-5.1.logcheck.ignore.server: : Remove references to mysqld_safe
+ debian/patches/38_scripts_mysqld_safe.sh_signals.dpatch: Dropped
* Added -fno-strict-aliasing to CFLAGS to get around mysql testsuite build failures.
* Add Apport hook (LP: #354188):
+ debian/mysql-server-5.1.py: apport package hook
+ debian/rules: Make it installable
* debian/mysql-server-5.1.mysql-server.logrotate: Check to see if mysql is running before
running logrotate. (LP: #513135)
* Make the testsuite installable. (LP: #530752)
+ debian/mysql-server-5.1.files, debian/rules: install apport package hook
* debian/mysql-server-5.1.preinst: Set mysql user's home directory
to /nonexistent to protect against having the /var/lib/mysql
user-writeable. If an attacker can trick mysqld into creating
dot files in the home directory, he could do .rhost-like attacks
on the system. (LP: #293258)
* debian/control: mysql-client-5.1 should depend on mysql-core-client-5.1.
(LP: #590952)
-- Chuck Short <email address hidden> Mon, 21 Jun 2010 15:31:05 -0400
-
mysql-5.1 (5.1.47-1ubuntu2) maverick; urgency=low
* debian/control: mysql-client-5.1 should depend on mysql-core-client-5.1.
(LP: #590952)
* debian/mysql-server-5.1.mysql.upstart: Dont start mysqld on runlevel 1.
(LP: #559533)
-- Chuck Short <email address hidden> Tue, 15 Jun 2010 11:20:15 -0400
-
mysql-5.1 (5.1.47-1ubuntu1) maverick; urgency=low
* Merge from debian unstable, remaining changes:
+ debian/control:
* Update maintainer according to spec.
* Move section from "misc" to "database".
* Added libmysqlclient16-dev an empty transitional package.
* Added mysql-client-core-5.1 package.
* Suggest mailx for mysql-server-5.1
* Add mysql-testsuite package so you can run the testsuite seperately.
+ debian/additions/my.cnf:
* Remove language options. Error message files are located in a different directory in Mysql
5.0. Setting the language option to use /usr/share/mysql/english breaks Mysql 5.0. Both 5.0
and 5.1 use a different value that works. (LP: #316974)
+ Add apparmor profile:
+ debian/apparmor-profile: apparmor-profile
+ debian/rules, debian/mysql-server-5.1.files: install apparmor profile
+ debian/mysql-server-5.1.dirs: add etc/apparmor.d/fore-complain
+ debian/mysql-server-5.1.postrm: remove symlink in force-complain/ on purge.
+ debian/mysql-server-5.1.README.Debian: add apparmor documentation.
+ debian/additions/my.cnf: Add warning about apparmor. (LP: #201799)
+ debian/mysql-server-5.1.postinst: reload apparmor profiles
* Convert the package from sysvinit to upstart:
+ debian/mysql-server-5.1.mysql.upstart: Add upstart script.
+ debian/mysql-server-5.1.mysql.init: Dropped, unused now with upstart.
+ debian/additions/mysqld_safe_syslog.cnf: Dropped, unused now with upstart.
+ debian/additons/my.cnf: Remove pid declaration and setup error logging to /var/log/mysql since
we're not piping anything around logger anymore.
+ debian/rules, debian/mysql-server-5.1.logcheck.ignore.{paranoid,worstation},
debian/mysql-server-5.1.logcheck.ignore.server: : Remove references to mysqld_safe
+ debian/patches/38_scripts_mysqld_safe.sh_signals.dpatch: Dropped
* Added -fno-strict-aliasing to CFLAGS to get around mysql testsuite build failures.
* Add Apport hook (LP: #354188):
+ debian/mysql-server-5.1.py: apport package hook
+ debian/rules: Make it installable
* debian/mysql-server-5.1.mysql-server.logrotate: Check to see if mysql is running before
running logrotate. (LP: #513135)
* Make the testsuite installable. (LP: #530752)
+ debian/mysql-server-5.1.files, debian/rules: install apport package hook
* debian/mysql-server-5.1.preinst: Set mysql user's home directory
to /nonexistent to protect against having the /var/lib/mysql
user-writeable. If an attacker can trick mysqld into creating
dot files in the home directory, he could do .rhost-like attacks
on the system. (LP: #293258)
* Dropped:
+ debian/patches/51_ssl_test_certs: Certs have been updated up until 2015.
-- Chuck Short <email address hidden> Wed, 26 May 2010 09:27:48 -0400
