-
mysql-5.5 (5.5.37-0ubuntu0.12.10.1) quantal-security; urgency=medium
* SECURITY UPDATE: Update to 5.5.37 to fix security issues (LP: #1309662)
- http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
- CVE-2014-0001
- CVE-2014-0384
- CVE-2014-2419
- CVE-2014-2430
- CVE-2014-2431
- CVE-2014-2432
- CVE-2014-2436
- CVE-2014-2438
- CVE-2014-2440
* Drop creation of insecure database permissions:
- d/p/33_scripts__mysql_create_system_tables__no_test.patch,
d/p/41_scripts__mysql_install_db.sh__no_test.patch,
d/p/50_mysql-test__db_test.patch: Restored from mysql-5.1
package, inadvertently dropped in 5.5 transition. This
removes the global anonymous access to the database which
is a security concern.
-- Marc Deslauriers <email address hidden> Sun, 20 Apr 2014 09:15:17 -0400
-
mysql-5.5 (5.5.35-0ubuntu0.12.10.2) quantal; urgency=medium
[ Eduardo Damato ]
* Fix upstart script to account for datadir disk shortage (LP: #1121874)
-- Dave Chiluk <email address hidden> Tue, 21 Jan 2014 13:09:30 -0500
-
mysql-5.5 (5.5.35-0ubuntu0.12.10.1) quantal-security; urgency=low
* SECURITY UPDATE: Update to 5.5.35 to fix security issues (LP: #1269993)
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- CVE-2013-5891
- CVE-2013-5908
- CVE-2014-0386
- CVE-2014-0393
- CVE-2014-0401
- CVE-2014-0402
- CVE-2014-0412
- CVE-2014-0420
- CVE-2014-0437
-- Marc Deslauriers <email address hidden> Thu, 16 Jan 2014 19:54:22 -0500
-
mysql-5.5 (5.5.34-0ubuntu0.12.10.2) quantal; urgency=low
[ Eduardo Damato ]
* Fix upstart script to account for datadir disk shortage (LP: #1121874)
-- Dave Chiluk <email address hidden> Thu, 09 Jan 2014 09:47:37 -0600
-
mysql-5.5 (5.5.34-0ubuntu0.12.10.1) quantal-security; urgency=low
* SECURITY UPDATE: Update to 5.5.34 to fix security issues (LP: #1243253)
- http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
- CVE-2013-3839
- CVE-2013-5807
-- Marc Deslauriers <email address hidden> Tue, 22 Oct 2013 12:56:25 -0400
-
mysql-5.5 (5.5.32-0ubuntu0.12.10.2) quantal-proposed; urgency=low
[Eduardo Damato]
* Fix upstart script to account for datadir disk shortage (LP: #1121874)
-- Adam Stokes <email address hidden> Wed, 31 Jul 2013 15:13:04 -0400
-
mysql-5.5 (5.5.32-0ubuntu0.12.10.1) quantal-security; urgency=low
* SECURITY UPDATE: Update to 5.5.32 to fix security issues (LP: #1203828)
- http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
- CVE-2013-1861
- CVE-2013-3783
- CVE-2013-3793
- CVE-2013-3802
- CVE-2013-3804
- CVE-2013-3809
- CVE-2013-3812
* SECURITY UPDATE: insecure creation of debian.cnf file
- debian/mysql-server-5.5.postinst: set umask to 066 before creating
debian.cnf.
- CVE-2013-2162
* Adjust Apparmor profile to allow reading PID file. (LP: #1185573)
* Fix FTBFS from test suite failure
- debian/patches/72_fix_rpl_deadlock_innodb_test.patch: ignore warning
from rpl.rpl_deadlock_innodb test in mysql-test/include/mtr_warnings.sql.
-- Marc Deslauriers <email address hidden> Tue, 23 Jul 2013 19:08:38 -0400
-
mysql-5.5 (5.5.31-0ubuntu0.12.10.1) quantal-security; urgency=low
* SECURITY UPDATE: Update to 5.5.31 to fix security issues (LP: #1170516)
- http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
* debian/patches/71_disable_rpl_tests.patch: refreshed.
* debian/patches/fix-mysqldump-test.patch: removed, fixed differently
upstream
-- Seth Arnold <email address hidden> Thu, 18 Apr 2013 18:15:39 -0700
-
mysql-5.5 (5.5.29-0ubuntu0.12.10.1) quantal-security; urgency=low
* SECURITY UPDATE: Update to 5.5.29 to fix security issues (LP: #1100264)
- http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
* debian/patches/CVE-2012-5611.patch: removed, included upstream.
* debian/patches/38_scripts__mysqld_safe.sh__signals.patch: refreshed.
-- Marc Deslauriers <email address hidden> Wed, 16 Jan 2013 10:11:37 -0500
-
mysql-5.5 (5.5.28-0ubuntu0.12.10.2) quantal-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via long argument
- debian/patches/CVE-2012-5611.patch: don't overflow buffer in
sql/sql_acl.cc, add tests to mysql-test/t/information_schema.test,
mysql-test/r/information_schema.result.
- CVE-2012-5611
-- Marc Deslauriers <email address hidden> Fri, 07 Dec 2012 09:32:27 -0500
-
mysql-5.5 (5.5.28-0ubuntu0.12.10.1) quantal-security; urgency=low
* SECURITY UPDATE: Update to 5.5.28 to fix security issues (LP: #1068158)
- http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
* debian/patches/fix-mysqlhotcopy.patch: removed, included upstream.
-- Marc Deslauriers <email address hidden> Thu, 18 Oct 2012 11:09:57 -0400
-
mysql-5.5 (5.5.27-0ubuntu2) quantal; urgency=low
* Fix mysqlhotcopy for databases containing views (LP: #1015033):
- d/patches/fix-mysqlhotcopy.patch: Fix picked from upstream bug
tracker which is included in mysql >= 5.6.
* Enable use of native AIO (LP: #999766):
- d/rules,control: BD on libaio-dev, Enable AIO flags during package
build process.
* Make innotop usable without installing Suggests (LP: #1000605):
- d/control: Promote libterm-readkey-perl from Suggests to Depends.
-- James Page <email address hidden> Fri, 07 Sep 2012 08:06:13 +0100
-
mysql-5.5 (5.5.27-0ubuntu1) quantal-proposed; urgency=low
* New upstream release.
-- Clint Byrum <email address hidden> Thu, 23 Aug 2012 13:44:28 -0700
-
mysql-5.5 (5.5.25a-0ubuntu2) quantal-proposed; urgency=low
[ Clint Byrum ]
* d/mysql-server-5.5.py: Update apport hook to add mysql error log.
also fix small bug found in testing with missing string import.
[ Marc Deslauriers ]
* d/mysql-server-5.5.py: use attach_mac_events() to properly attach and
tag AppArmor denied messages.
-- Marc Deslauriers <email address hidden> Mon, 20 Aug 2012 12:36:05 -0400
-
mysql-5.5 (5.5.25a-0ubuntu1) quantal; urgency=low
[ Clint Byrum ]
* New upstream release.
* d/additions/my.cnf: Ensure mysql errors are written to log file.
(LP: #1014732)
* d/mysql-server-5.5.mysql-server.logrotate: Add
/var/log/mysql/error.log so it is rotated properly. (LP: #879560)
* d/control: remove Vcs-* as they are inaccurate in Ubuntu.
* d/rules: use WITH_SSL=bundled to ensure that we do not accidentally
build against openssl.
* d/control, d/rules: cherry pick fix from Debian to use gcc 4.4 only
for i386 to work around problems with yaSSL assembly (LP: #1012139)
[ Matthieu Baerts (matttbe) ]
* Update apport hook for python3 ; patch by Edward Donovan (LP: #1013171)
-- Clint Byrum <email address hidden> Thu, 19 Jul 2012 16:14:50 -0700
-
mysql-5.5 (5.5.25-0ubuntu2) quantal; urgency=low
* d/control,d/rules: Revert to gcc 4.5 to workaround bug #1012139
-- Clint Byrum <email address hidden> Tue, 12 Jun 2012 11:25:22 -0700
-
mysql-5.5 (5.5.25-0ubuntu1) quantal; urgency=low
* New upstream release (LP: #1011371, LP: #986892)
* d/rules: change get-orig-source to pull from a working mirror.
* d/control: Build with default compiler instead of gcc 4.5
-- Clint Byrum <email address hidden> Mon, 11 Jun 2012 23:34:14 -0700
-
mysql-5.5 (5.5.22-0ubuntu1) precise; urgency=low
* New upstream release (LP: #965523)
* d/mysql-server-5.5.mysql.upstart: Add respawn limit and code
to exit ping loop if mysqld needs to be respawned. (LP: #711635)
* New upstream bugfix release.
* Refreshed patches
* d/control: Build-Dep on dh-apparmor (LP: #948481)
* d/p/fix-mysqldump-test.patch: Fixes unreliable test introduced in
new upstream version. http://bugs.mysql.com/bug.php?id=64401
* d/control: Re-add empty meta-package for mysql-testsuite so users
will get the 5.5 version on upgrade and when installing
mysql-testsuite. (LP: #959683)
-- Clint Byrum <email address hidden> Thu, 29 Mar 2012 17:31:30 -0700
