Format: 1.7
Date: Thu, 13 Nov 2008 14:56:05 -0500
Source: mysql-dfsg-5.0
Binary: libmysqlclient15off libmysqlclient15-dev mysql-common mysql-client-5.0 mysql-server-5.0 mysql-server mysql-client
Architecture: all i386_translations i386
Version: 5.0.51a-3ubuntu5.4
Distribution: hardy
Urgency: low
Maintainer: Ubuntu/i386 Build Daemon <buildd@rothera.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 libmysqlclient15-dev - MySQL database development files
 libmysqlclient15off - MySQL database client library
 mysql-client - MySQL database client (meta package depending on the latest versi
 mysql-client-5.0 - MySQL database client binaries
 mysql-common - MySQL database common files
 mysql-server - MySQL database server (meta package depending on the latest versi
 mysql-server-5.0 - MySQL database server binaries
Launchpad-Bugs-Fixed: 254129
Changes: 
 mysql-dfsg-5.0 (5.0.51a-3ubuntu5.4) hardy-security; urgency=low
 .
   * SECURITY UPDATE: denial of service via an empty bit-string literal (b'')
     - debian/patches/95_SECURITY_CVE-2008-3963.dpatch: fix Item_bin_string::
       Item_bin_string() in sql/item.cc to parse an empty bit-string literal
       as an empty string.
     - CVE-2008-3963
   * SECURITY UPDATE: privilege circumvention via the creation of MyISAM
     tables using the DATA DIRECTORY and INDEX DIRECTORY options to overwrite
     existing table files in the data directory. This update is a complete
     fix for the three CVE numbers listed below. This fix alters table creation
     behaviour by disallowing the use of the MySQL data directory in DATA
     DIRECTORY and INDEX DIRECTORY options. (LP: #254129)
     - debian/patches/96_SECURITY_CVE-2008-4098.dpatch: Disallow use of MySQL
       data directory in DATA DIRECTORY and INDEX DIRECTORY options.
     - CVE-2008-2079
     - CVE-2008-4097
     - CVE-2008-4098
   * debian/rules: do not update po tree for security updates.
Files: 
 8e8d4aa0af490eeadde3d1684c669de1 60302 misc optional mysql-common_5.0.51a-3ubuntu5.4_all.deb
 34a21b40b4e18dd8dbfbf5ca30fd8e53 54240 misc optional mysql-server_5.0.51a-3ubuntu5.4_all.deb
 8200893fa342e477a2af354d141015e7 52052 misc optional mysql-client_5.0.51a-3ubuntu5.4_all.deb
 9e11efc4c2afe4e9d2b052cde70b6919 37459 raw-translations - mysql-dfsg-5.0_5.0.51a-3ubuntu5.4_i386_translations.tar.gz
 247b3c027653b3f6cd9b89320ba7572e 1836766 libs optional libmysqlclient15off_5.0.51a-3ubuntu5.4_i386.deb
 f252c8299c00e805022a99374561eeba 7216262 libdevel optional libmysqlclient15-dev_5.0.51a-3ubuntu5.4_i386.deb
 f948d312520c64c0d73982e162201f09 7826312 misc optional mysql-client-5.0_5.0.51a-3ubuntu5.4_i386.deb
 090b315903161e7f72d0b7e2be804ee1 27427752 misc optional mysql-server-5.0_5.0.51a-3ubuntu5.4_i386.deb
Original-Maintainer: Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>