Ubuntu
mariadb-10.0 package

Change logs for mariadb-10.0 source package in Xenial

  1. Xenial (16.04)
  2. Change log 
  • mariadb-10.0 (10.0.38-0ubuntu0.16.04.1) xenial-security; urgency=high

  * SECURITY UPDATE: New upstream release 10.0.38. Includes fixes for
    the following security vulnerabilities (LP: #1814258):
    - CVE-2019-2537
    - CVE-2019-2529
  * Previous release 10.0.37 included fixes for the following security
    vulnerabilities:
    - CVE-2019-2503
    - CVE-2018-3282
    - CVE-2018-3251
    - CVE-2018-3174
    - CVE-2018-3156
    - CVE-2018-3143
    - CVE-2016-9843

 -- Otto Kekäläinen <email address hidden>  Fri, 01 Feb 2019 14:51:00 +0100
  • mariadb-10.0 (10.0.36-0ubuntu0.16.04.1) xenial-security; urgency=high

  * SECURITY UPDATE: New upstream release 10.0.36. Includes fixes for
    the following security vulnerabilities (LP: #1779715):
    - CVE-2018-3066
    - CVE-2018-3064
    - CVE-2018-3063
    - CVE-2018-3058
  * Previous release 10.0.35 included included fixes for
    - CVE-2018-3081
    - CVE-2018-2819
    - CVE-2018-2817
    - CVE-2018-2813
    - CVE-2018-2787
    - CVE-2018-2784
    - CVE-2018-2782
    - CVE-2018-2781
    - CVE-2018-2771
    - CVE-2018-2766
    - CVE-2018-2761
    - CVE-2018-2755

 -- Otto Kekäläinen <email address hidden>  Thu, 02 Aug 2018 23:45:15 +0800
  • mariadb-10.0 (10.0.34-0ubuntu0.16.04.1) xenial-security; urgency=high

  * SECURITY UPDATE: New upstream release 10.0.34. Includes fixes for
    the following security vulnerabilities (LP: #1751920):
    - CVE-2018-2668
    - CVE-2018-2665
    - CVE-2018-2640
    - CVE-2018-2622
    - CVE-2018-2612
    - CVE-2018-2562
  * Update git-buildpackage Debian branch setting so gbp import-orig works
  * Update VCS-* links to point to the new source repository

 -- Otto Kekäläinen <email address hidden>  Mon, 26 Feb 2018 18:07:48 -0500
  • mariadb-10.0 (10.0.33-0ubuntu0.16.04.1) xenial-security; urgency=high

  [ Otto Kekäläinen ]
  * SECURITY UPDATE: New upstream release 10.0.33. Includes fixes for the
    following security vulnerabilities (LP: #1740608):
    - CVE-2017-10378
    - CVE-2017-10268
    - MDEV-13819
  * Previous release 10.0.32 included included fixes for
    - CVE-2017-10384
    - CVE-2017-10379
    - CVE-2017-10286
    - CVE-2017-3636
    - CVE-2017-3641
    - CVE-2017-3653
  * Remove InnoDB build failure fix applied upstream

 -- Otto Kekäläinen <email address hidden>  Thu, 04 Jan 2018 11:44:00 +0200
  • mariadb-10.0 (10.0.31-0ubuntu0.16.04.2) xenial-security; urgency=high

  [ Otto Kekäläinen ]
  * SECURITY UPDATE: New upstream release 10.0.31. Includes fixes for the
    following security vulnerabilities (LP: #1698689):
    - CVE-2017-3464
    - CVE-2017-3456
    - CVE-2017-3453
    - CVE-2017-3309
    - CVE-2017-3308
  * Previous release 10.0.30 included included fixes for
    the following security vulnerabilities:
    - CVE-2017-3313
    - CVE-2017-3302
  * Includes upstream fix for Debian log rotate to not rotate binary/relay
    logs (MDEV-11610).

  [ Vicențiu Ciorbaru ]
  * Add patch that fixes upstream regression in 10.0.31 which made builds
    on powerpc fail (‘ib_mutex_t’ does not name a type).

 -- Otto Kekäläinen <email address hidden>  Wed, 28 Jun 2017 22:12:03 +0300
  • mariadb-10.0 (10.0.29-0ubuntu0.16.04.1) xenial-security; urgency=high

  * SECURITY UPDATE: New upstream release 10.0.29. Includes fixes for the
    following security vulnerabilities (LP: #1657594):
    - CVE-2017-3318
    - CVE-2017-3317
    - CVE-2017-3312
    - CVE-2017-3291
    - CVE-2017-3265
    - CVE-2017-3258
    - CVE-2017-3257
    - CVE-2017-3244
    - CVE-2017-3243
    - CVE-2017-3238
    - CVE-2016-6664

 -- Otto Kekäläinen <email address hidden>  Thu, 19 Jan 2017 08:58:35 +0200
  • mariadb-10.0 (10.0.28-0ubuntu0.16.04.1) xenial-security; urgency=low

  * SECURITY UPDATE: New upstream release 10.0.28. Includes fixes for the
    following security vulnerabilities (LP: #1638125):
    - CVE-2016-8283
    - CVE-2016-7440
    - CVE-2016-6663
    - CVE-2016-5629
    - CVE-2016-5626
    - CVE-2016-5624
    - CVE-2016-5616
    - CVE-2016-5584
    - CVE-2016-3492
  * Update old changelog entries to include new CVE identifiers

 -- Otto Kekäläinen <email address hidden>  Mon, 31 Oct 2016 22:34:22 +0200
  • mariadb-10.0 (10.0.27-0ubuntu0.16.04.1) xenial-security; urgency=low

  * SECURITY UPDATE: New upstream release 10.0.27. Includes fixes for the
    following security vulnerabilities (LP: #1605493):
    - CVE-2016-6662
  * Previous release 10.0.26 included included fixes for
    the following security vulnerabilities:
    - CVE-2016-3615
    - CVE-2016-3521
    - CVE-2016-3477
  * Update old changelog entries to include new CVE identifiers

 -- Otto Kekäläinen <email address hidden>  Wed, 14 Sep 2016 22:30:17 +0300
  • mariadb-10.0 (10.0.25-0ubuntu0.16.04.1) xenial-security; urgency=low

  * SECURITY UPDATE: New upstream release 10.0.25. Includes fixes for the
    following security vulnerabilities (LP: #1589302):
    - CVE-2016-0666
    - CVE-2016-0655
    - CVE-2016-0648
    - CVE-2016-0647
    - CVE-2016-0643
  * Includes fixes done in 10.0.24 for the following security vulnerabilities:
    - CVE-2016-0668
    - CVE-2016-0650
    - CVE-2016-0649
    - CVE-2016-0646
    - CVE-2016-0644
    - CVE-2016-0641
    - CVE-2016-0640
  * Updated old changelog entries to include new CVE identifiers.
  * Upstream included changes to logrotate script that supports systems that
    has multiple mysqld processes running (Closes: #810968).
  * Upstream included bugfix to mariadb-server-10.0 postinstall.
  * Update Maintainer in d/control to match Ubuntu conventions.

 -- Otto Kekäläinen <email address hidden>  Wed, 08 Jun 2016 11:31:46 -0400
  • mariadb-10.0 (10.0.24-7ubuntu0.1) xenial; urgency=medium

  * Recompile to resolve miscompilation on s390x architecture. LP:
    #1572613

 -- Dimitri John Ledkov <email address hidden>  Fri, 20 May 2016 04:29:54 +0100
  • mariadb-10.0 (10.0.24-7) unstable; urgency=low

  * Temporarily remove mariadb-plugin-cassandra as Debian FTP bot thinks
    it wasn't there before 10.0.24-6 and put the package in the NEW queue.

 -- Otto Kekäläinen <email address hidden>  Wed, 13 Apr 2016 13:24:28 +0300
  • mariadb-10.0 (10.0.24-5ubuntu2) xenial; urgency=medium

  * Again, don't run the tests in parallel.

 -- Matthias Klose <email address hidden>  Wed, 30 Mar 2016 13:25:55 +0100
  • mariadb-10.0 (10.0.24-5ubuntu1) xenial; urgency=medium

  * Again, don't run the tests in parallel.

 -- Matthias Klose <email address hidden>  Wed, 30 Mar 2016 13:25:55 +0100
  • mariadb-10.0 (10.0.24-5) unstable; urgency=low

  * Disable sporadically failing rpl_binlog_index test on PowerPC.
  * Disable another sporadic on amd64 and update all Jira links.
  * Fix typo in Mroonga prerm script.

 -- Otto Kekäläinen <email address hidden>  Sat, 12 Mar 2016 10:08:23 +0200
  • mariadb-10.0 (10.0.24-1ubuntu2) xenial; urgency=medium

  * Try to run tests sequentially on s390x.

 -- Matthias Klose <email address hidden>  Wed, 24 Feb 2016 23:25:46 +0100
  • mariadb-10.0 (10.0.24-1ubuntu1) xenial; urgency=medium

  * Don't set MAKEFLAGS.
  * On arm64, ppc64el and s390x, run test with --parallel=2 to reduce memory
    usage and build failures.

 -- Matthias Klose <email address hidden>  Wed, 24 Feb 2016 17:56:38 +0100
  • mariadb-10.0 (10.0.24-1) unstable; urgency=low

  [Otto Kekäläinen]
  * New upstream release 10.0.24
    - Drop auth_socket patches as MDEV-8375 was partially fixed upstream
    - Refresh other patches
  * Update filenames in d/copyright

  [Ian Gilfillan]
  * Add missing mysql_embedded man page

 -- Otto Kekäläinen <email address hidden>  Sat, 20 Feb 2016 14:23:50 +0200
  • mariadb-10.0 (10.0.23-3) unstable; urgency=low

  * Add Lintian overrides for TokuDB sources that indeed need autotools files
  * Split TokuDB, Mroonga, Spider and Cassandra into their own packages and
    start using new naming scheme 'mariadb-plugin-xzy' and rename existing
    Connect and OQGraph packages accordingly (Closes: #773727)
  * There is no need for mariadb-test packages to contain the version in the
    package name, so remove it. It only makes sense to keep the version number
    in the client and server packages, which users actually want to pin to.
  * Update standards version

 -- Otto Kekäläinen <email address hidden>  Tue, 26 Jan 2016 11:34:48 +0200
  • mariadb-10.0 (10.0.23-2) unstable; urgency=low

  * Skip unstable Spider tests on Launchpad s390x builds
  * Extend install lists with missing files after reviewing the list
    of files produced by the build process
  * Update server README.Debian to match current unix socekt authentication
  * Lintian fixes and more updates to TokuDB plugin copyright paths
  * Move mysql_upgrade to server core package so that Akonadi and similar
    core package consumers can upgrade the database. Also update control file
    with breaks/replaces to allow smooth upgrades (Closes: #793977).
  * Update slow_query_log_file configuration syntax to match upstream's. Also
    fixes #677222 in MariaDB packages.
  * Rename and install Apport hook correctly
  * Remove Taocrypt workaround fixed upstream long since #627208
  * Removed CFLAGS and CXXFLAGS as suggested by Lars Tangvald and also done
    in mysql-5.6 packaging commit id 16a64e810e28f1d0b66ede274cd4c2b1a425fecb
  * Unmask the systemd mysql.service if left behind by a mysql-server-5.6
    installation, otherwise the MariaDB service would remain masked too.
  * Add gdb to build-deps as suggested in #627208 to get automatic stack traces
  * Updated Turkish translation by Atila KOÇ (Closes: #811414)

 -- Otto Kekäläinen <email address hidden>  Sat, 23 Jan 2016 23:07:15 +0200
  • mariadb-10.0 (10.0.23-1) unstable; urgency=low

  * New upstream release
  * Ignore test suite exit code on unstable platforms (mips, mipsel)
  * Update TokuDB plugin install and copyright paths to match latest
    release done under Percona ownership

 -- Otto Kekäläinen <email address hidden>  Sun, 20 Dec 2015 14:18:33 +0200
  • mariadb-10.0 (10.0.22-6) unstable; urgency=low

  * Add patches to make passwordless root login default on all new
    installs in all situations. Make auth_socket a built-in plugin.
  * Clean up previous passwordless root implementation so that it
    applies only to new installs and existing databases continue
    to operate with the passwords defined in their user tables
  * As disabled.def intrepreted test names in a special way, switch
    back to using --skip-test-list option
  * Make the watch file to make it better suited for the
    git-buildpackage workflow and remove call to uupdate

 -- Otto Kekäläinen <email address hidden>  Sat, 19 Dec 2015 22:28:23 +0200
  • mariadb-10.0 (10.0.22-5) unstable; urgency=low

  * Fix non-working path of unstable-test in d/rules
  * Add unstable test for amd64 to fix reproducible builds

 -- Otto Kekäläinen <email address hidden>  Thu, 17 Dec 2015 13:31:56 +0200
  • mariadb-10.0 (10.0.22-4) unstable; urgency=low

  * Upload to unstable

 -- Otto Kekäläinen <email address hidden>  Mon, 14 Dec 2015 00:49:14 +0200
  • mariadb-10.0 (10.0.22-3) unstable; urgency=low

  * Fix typo in d/rules
  * Extend list of unstable tests for arch mips, mipsel64 and alpha

 -- Otto Kekäläinen <email address hidden>  Fri, 11 Dec 2015 21:57:23 +0200
  • mariadb-10.0 (10.0.22-2) unstable; urgency=low

  * Escape d/rules file correctly to avoid parse error.
  * Remove patches/os_sync_Free patch that is not intended for production use.

 -- Otto Kekäläinen <email address hidden>  Fri, 20 Nov 2015 23:11:09 +0200
  • mariadb-10.0 (10.0.22-1) unstable; urgency=low

  [ Otto Kekäläinen ]
  * New upstream release. Includes fixes for the following security
    vulnerabilities (Closes: #802874):
    - CVE-2015-4802
    - CVE-2015-4807
    - CVE-2015-4815
    - CVE-2015-4826
    - CVE-2015-4830
    - CVE-2015-4836
    - CVE-2015-4858
    - CVE-2015-4861
    - CVE-2015-4870
    - CVE-2015-4913
    - CVE-2015-4792
  * New release includes updated man pages (Closes: #779992)
  * Update the most recent patches with proper DEP-3 compliant headers
  * Add CVE IDs to previous changelog entries

  [ Jean Weisbuch ]
  * Update mysqlreport to version 4.0

 -- Otto Kekäläinen <email address hidden>  Thu, 29 Oct 2015 23:02:01 +0200
  • mariadb-10.0 (10.0.22-0ubuntu1) xenial; urgency=low

  * SECURITY UPDATE: Update to 10.0.22 fixes security issues:
    (LP: #1512241)
    - CVE-2015-4802
    - CVE-2015-4807
    - CVE-2015-4815
    - CVE-2015-4826
    - CVE-2015-4830
    - CVE-2015-4836
    - CVE-2015-4858
    - CVE-2015-4861
    - CVE-2015-4870
    - CVE-2015-4913
    - CVE-2015-4792
  * Includes security issues fixed in 10.0.21:
    - CVE-2015-4816
    - CVE-2015-4819
    - CVE-2015-4879
    - CVE-2015-4895
    (LP: #1512241)
  * Upstream changed mysqld_safe_syslog.cnf to fix logging error

 -- Otto Kekäläinen <email address hidden>  Mon, 02 Nov 2015 09:25:30 +0200
  • mariadb-10.0 (10.0.20-0ubuntu0.15.04.1) vivid-security; urgency=low

  * SECURITY UPDATE: Update to 10.0.20 (via .18 and .19) fixes security issues:
    - CVE-2015-3152: Client command line option --ssl-verify-server-cert (and
      MYSQL_OPT_SSL_VERIFY_SERVER_CERT option of the client API) when used
      together with --ssl will ensure that the established connection is
      SSL-encrypted and the MariaDB server has a valid certificate.
      (LP: #1464895)
    - CVE-2014-8964: bundled PCRE contained heap-based buffer overflow
      vulnerability that allowed the server to crash or have other unspecified
      impact via a crafted regular expression made possible with the
      REGEXP_SUBSTR function (MDEV-8006).
    - CVE-2015-0501
    - CVE-2015-2571
    - CVE-2015-0505
    - CVE-2015-0499
    (LP: #1451677)
  * New release includes fix for memory corruption on arm64 (LP: #1427406)
  * Upstream also includes lots of line ending changes (from CRLF -> LF)

 -- Otto Kekäläinen <email address hidden>  Fri, 03 Jul 2015 17:39:42 +0300