-
mysql-8.0 (8.0.37-0ubuntu0.20.04.3) focal-security; urgency=medium
* SECURITY UPDATE: Update to 8.0.37 to fix security issues
- CVE-2024-20994, CVE-2024-20998, CVE-2024-21000, CVE-2024-21008,
CVE-2024-21009, CVE-2024-21013, CVE-2024-21047, CVE-2024-21054,
CVE-2024-21060, CVE-2024-21062, CVE-2024-21069, CVE-2024-21087,
CVE-2024-21096, CVE-2024-21102
- debian/patches/revert_faster_tls_model.patch: updated for new
version.
- debian/patches/disable_test_riscv64_ftbfs.patch: disable a test that
FTBFS on riscv64.
-- Marc Deslauriers <email address hidden> Wed, 22 May 2024 12:16:04 -0400
-
mysql-8.0 (8.0.36-0ubuntu0.20.04.1) focal-security; urgency=medium
* SECURITY UPDATE: Update to 8.0.36 to fix security issues
- CVE-2024-20960, CVE-2024-20961, CVE-2024-20962, CVE-2024-20963,
CVE-2024-20964, CVE-2024-20965, CVE-2024-20966, CVE-2024-20967,
CVE-2024-20969, CVE-2024-20970, CVE-2024-20971, CVE-2024-20972,
CVE-2024-20973, CVE-2024-20974, CVE-2024-20976, CVE-2024-20977,
CVE-2024-20978, CVE-2024-20981, CVE-2024-20982, CVE-2024-20983,
CVE-2024-20984, CVE-2024-20985
- debian/patches/revert_faster_tls_model.patch: updated for new
version.
* Removed patch no longer needed with 8.0.35+
- debian/patches/revert-be8348a7.patch: fix crash on startup on armhf
* Enable test suite on armhf (LP: #2024276)
- debian/rules: check for failures in armhf tests
- debian/patches/suppress_armhf_test_warning.patch: suppress warning
about the CYCLE timer not being available on armhf. (LP: #1999075)
- debian/patches/disable_64bits_time_armhf.patch: specify armhf doesn't
have a 64bit timer in mysql-test/include/have_64bits_time.inc.
-- Marc Deslauriers <email address hidden> Wed, 17 Jan 2024 15:13:42 -0500
-
mysql-8.0 (8.0.35-0ubuntu0.20.04.1) focal-security; urgency=medium
* SECURITY UPDATE: Update to 8.0.35 to fix security issues
- CVE-2023-22032, CVE-2023-22059, CVE-2023-22064, CVE-2023-22066,
CVE-2023-22068, CVE-2023-22070, CVE-2023-22078, CVE-2023-22079,
CVE-2023-22084, CVE-2023-22092, CVE-2023-22097, CVE-2023-22103,
CVE-2023-22112, CVE-2023-22114
-- Marc Deslauriers <email address hidden> Wed, 25 Oct 2023 13:34:23 -0400
-
mysql-8.0 (8.0.34-0ubuntu0.20.04.1) focal-security; urgency=medium
* SECURITY UPDATE: Update to 8.0.34 to fix security issues
- CVE-2023-22005, CVE-2023-22008, CVE-2023-22033, CVE-2023-22038,
CVE-2023-22046, CVE-2023-22048, CVE-2023-22053, CVE-2023-22054,
CVE-2023-22056, CVE-2023-22057, CVE-2023-22058
- d/p/fix_expired_date_in_test.patch: removed, no longer needed with
new version.
-- Marc Deslauriers <email address hidden> Fri, 21 Jul 2023 09:03:20 -0400
-
mysql-8.0 (8.0.33-0ubuntu0.20.04.4) focal; urgency=medium
* d/t/upstream: Ignore upstream tests due to s390x failure (LP: #2020910)
Due to slight variation in the optimization of join statements on s390x, a
few upstream tests fail as they show a cost slightly higher than expected.
The tests include main.subquery_sj_all_bka_nobnl and
main.subquery_sj_mat_bka_nobnl
mysql-8.0 (8.0.33-0ubuntu0.20.04.3) focal; urgency=medium
* d/p/mysql_secure_installation-remove-root-pw-creation.patch: Fix
mysql_secure_installation by removing root password creation (LP: #1980466)
-- Lena Voytek <email address hidden> Wed, 14 Jun 2023 12:45:13 -0700
-
mysql-8.0 (8.0.33-0ubuntu0.20.04.3) focal; urgency=medium
* d/p/mysql_secure_installation-remove-root-pw-creation.patch: Fix
mysql_secure_installation by removing root password creation (LP: #1980466)
-- Lena Voytek <email address hidden> Thu, 08 Jun 2023 07:53:54 -0700
-
mysql-8.0 (8.0.33-0ubuntu0.20.04.2) focal-security; urgency=medium
* Fix crash on startup on armhf (LP: #2019203)
- debian/patches/revert-be8348a7.patch: revert upstream commit.
* Fix expired date in main.derived_condition_pushdown test
- debian/patches/fix_expired_date_in_test.patch: update expired date.
-- Marc Deslauriers <email address hidden> Thu, 11 May 2023 19:16:02 -0400
-
mysql-8.0 (8.0.33-0ubuntu0.20.04.1) focal-security; urgency=medium
* SECURITY UPDATE: Update to 8.0.33 to fix security issues
- CVE-2023-21911, CVE-2023-21919, CVE-2023-21920, CVE-2023-21929,
CVE-2023-21933, CVE-2023-21935, CVE-2023-21940, CVE-2023-21945,
CVE-2023-21946, CVE-2023-21947, CVE-2023-21953, CVE-2023-21955,
CVE-2023-21962, CVE-2023-21966, CVE-2023-21972, CVE-2023-21976,
CVE-2023-21977, CVE-2023-21980, CVE-2023-21982
- debian/*.install: Added new files.
- d/p/revert-router-to-8.0.31/*.patch: removed, no longer needed with
new version.
-- Marc Deslauriers <email address hidden> Fri, 21 Apr 2023 10:17:04 -0400
-
mysql-8.0 (8.0.32-0ubuntu0.20.04.2) focal-security; urgency=medium
* SECURITY REGRESSION: Regression with PyMySQL (LP: #2003835)
- d/p/revert-router-to-8.0.31/*.patch: Revert every patch that modified
the router directory in version 8.0.32, except for the following:
605df79542d, b806d2bbb2d, faabb6e7404, 1ae29236865, d03f34cd9fe.
- debian/mysql-router-8.0.install: Removed destination_status files.
-- Marc Deslauriers <email address hidden> Sat, 28 Jan 2023 09:44:32 -0500
-
mysql-8.0 (8.0.32-0buntu0.20.04.1) focal-security; urgency=medium
[ Lars Tangvald ]
* Imported upstream version 8.0.32 to fix security issues
- https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL
- CVE-2022-32221 CVE-2023-21836 CVE-2023-21868 CVE-2023-21869
- CVE-2023-21871 CVE-2023-21875 CVE-2023-21877 CVE-2023-21863
- CVE-2023-21867 CVE-2023-21870 CVE-2023-21873 CVE-2023-21876
- CVE-2023-21878 CVE-2023-21879 CVE-2023-21880 CVE-2023-21881
- CVE-2023-21883 CVE-2023-21882 CVE-2023-21887
Upstream release notes:
- https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-32.html
* Remove empty changelog file Docs/Changelog
* debian/mysql-router-8.0.install: Added new files
[ Marc Deslauriers ]
* debian/patches/disable_timestamping_test.path: disable test that fails
to build on certain archs because of the presence of sizeof in macros.
-- Marc Deslauriers <email address hidden> Fri, 20 Jan 2023 06:54:21 -0500
-
mysql-8.0 (8.0.31-0ubuntu0.20.04.2) focal; urgency=medium
* d/mysql-server-8.0.postinst: Confirm mysqld shuts down with stop_server
after initialization to avoid overlapping use of port 3306 (LP: #1921378)
-- Lena Voytek <email address hidden> Tue, 15 Nov 2022 13:42:17 -0700
-
mysql-8.0 (8.0.31-0ubuntu0.20.04.1) focal-security; urgency=medium
* SECURITY UPDATE: Update to 8.0.31 to fix security issues (LP: #1992453)
- debian/tests/upstream: disable main.derived_limit test that fails on
s390x.
- Remove d/p/fix_path_mysql_keyring_encryption_test.patch: Fixed
upstream.
- Remove d/p/lp1971565.patch: Fixed upstream.
- debian/mysql-testsuite-8.0.install: added new files.
- CVE-2022-21594, CVE-2022-21599, CVE-2022-21604, CVE-2022-21608,
CVE-2022-21611, CVE-2022-21617, CVE-2022-21625, CVE-2022-21632,
CVE-2022-21633, CVE-2022-21637, CVE-2022-21640, CVE-2022-39400,
CVE-2022-39408, CVE-2022-39410
-- Marc Deslauriers <email address hidden> Wed, 19 Oct 2022 07:35:39 -0400
-
mysql-8.0 (8.0.30-0ubuntu0.20.04.3) focal; urgency=medium
* d/mysql-server-8.0.postinst: Confirm mysqld shuts down with stop_server
after initialization to avoid overlapping use of port 3306 (LP: #1921378)
-- Lena Voytek <email address hidden> Mon, 08 Aug 2022 07:38:05 -0700
-
mysql-8.0 (8.0.30-0ubuntu0.20.04.2) focal-security; urgency=medium
* SECURITY UPDATE: Update to 8.0.30 to fix security issues
- debian/patches/fix_path_mysql_keyring_encryption_test.patch:
refreshed.
- debian/mysql-testsuite-8.0.install: added conflicting_variables.so.
- debian/rules: use bundled zlib as it is required now.
- CVE-2022-21509, CVE-2022-21515, CVE-2022-21517, CVE-2022-21522,
CVE-2022-21525, CVE-2022-21526, CVE-2022-21527, CVE-2022-21528,
CVE-2022-21529, CVE-2022-21530, CVE-2022-21531, CVE-2022-21534,
CVE-2022-21537, CVE-2022-21538, CVE-2022-21539, CVE-2022-21547,
CVE-2022-21553, CVE-2022-21569
-- Marc Deslauriers <email address hidden> Tue, 26 Jul 2022 12:14:25 -0400
-
mysql-8.0 (8.0.29-0ubuntu0.20.04.3) focal-security; urgency=medium
* SECURITY REGRESSION: 8.0.29 breaks existing charm configurations
(LP: #1971565)
- debian/patches/lp1971565.patch: add "name" to the supported global
options list so existing configurations keep working.
-- Marc Deslauriers <email address hidden> Wed, 04 May 2022 08:36:15 -0400
-
mysql-8.0 (8.0.29-0ubuntu0.20.04.2) focal-security; urgency=medium
* SECURITY UPDATE: Update to 8.0.29 to fix security issues
- debian/control, debian/tests/control: add libexpect-perl as required
by new test.
- debian/mysql-testsuite-8.0.install, debian/mysql-router.install:
added new files.
- CVE-2022-21412, CVE-2022-21413, CVE-2022-21414, CVE-2022-21415,
CVE-2022-21417, CVE-2022-21418, CVE-2022-21423, CVE-2022-21425,
CVE-2022-21427, CVE-2022-21435, CVE-2022-21436, CVE-2022-21437,
CVE-2022-21438, CVE-2022-21440, CVE-2022-21444, CVE-2022-21451,
CVE-2022-21452, CVE-2022-21454, CVE-2022-21457, CVE-2022-21459,
CVE-2022-21460, CVE-2022-21462, CVE-2022-21478
* d/rules: increase build-time test timeouts to fix test failures that
were resulting in FTBFS.
* d/rules: Disable parallel builds on arm64
-- Marc Deslauriers <email address hidden> Mon, 02 May 2022 07:07:07 -0400
-
mysql-8.0 (8.0.28-0ubuntu0.20.04.4) focal; urgency=medium
* d/mysql-server-8.0.postinst:
- Increase stop_server timeout so shutdowns that last up to 3 minutes do not
trigger apport (LP: #1899248)
- Create and add correct permissions to the mysql socket directory before
running mysqld post-update. (LP: #1964969)
-- Lena Voytek <email address hidden> Thu, 10 Mar 2022 13:45:25 -0700
-
mysql-8.0 (8.0.28-0ubuntu0.20.04.3) focal-security; urgency=medium
* SECURITY UPDATE: Update to 8.0.28 to fix security issues
- CVE-2022-21245, CVE-2022-21249, CVE-2022-21253, CVE-2022-21254,
CVE-2022-21256, CVE-2022-21264, CVE-2022-21265, CVE-2022-21270,
CVE-2022-21301, CVE-2022-21302, CVE-2022-21303, CVE-2022-21304,
CVE-2022-21339, CVE-2022-21342, CVE-2022-21344, CVE-2022-21348,
CVE-2022-21351, CVE-2022-21358, CVE-2022-21362, CVE-2022-21367,
CVE-2022-21368, CVE-2022-21370, CVE-2022-21372, CVE-2022-21374,
CVE-2022-21378, CVE-2022-21379
- debian/rules: build with -DWITH_FIDO=bundled and -DWITH_ICU=system
which are now required.
- debian/control: added libicu-dev to Build-Depends.
- debian/rules, debian/tests/upstream: disable main.index_merge_myisam
which now fails on i386.
- debian/tests/upstream: disable main.mem_cnt_common which fails.
-- Marc Deslauriers <email address hidden> Fri, 28 Jan 2022 14:36:12 -0500
-
mysql-8.0 (8.0.27-0ubuntu0.20.04.1) focal-security; urgency=medium
* SECURITY UPDATE: Update to 8.0.27 to fix security issues
- CVE-2021-2478, CVE-2021-2479, CVE-2021-2481, CVE-2021-35546,
CVE-2021-35575, CVE-2021-35577, CVE-2021-35584, CVE-2021-35591,
CVE-2021-35596, CVE-2021-35597, CVE-2021-35602, CVE-2021-35604,
CVE-2021-35607, CVE-2021-35608, CVE-2021-35610, CVE-2021-35612,
CVE-2021-35613, CVE-2021-35622, CVE-2021-35623, CVE-2021-35624,
CVE-2021-35625, CVE-2021-35626, CVE-2021-35627, CVE-2021-35628,
CVE-2021-35630, CVE-2021-35631, CVE-2021-35632, CVE-2021-35633,
CVE-2021-35634, CVE-2021-35635, CVE-2021-35636, CVE-2021-35637,
CVE-2021-35638, CVE-2021-35639, CVE-2021-35640, CVE-2021-35641,
CVE-2021-35642, CVE-2021-35643, CVE-2021-35644, CVE-2021-35645,
CVE-2021-35646, CVE-2021-35647, CVE-2021-35648
* debian/rules: disable innodb_fts.mecab_utf8 test, it hasn't run
successfully in a long time, but now gives an error.
* debian/patches/fix_ppc64el_longdouble_ftbfs.patch: removed, no longer
needed.
-- Marc Deslauriers <email address hidden> Fri, 22 Oct 2021 11:02:56 -0400
-
mysql-8.0 (8.0.26-0ubuntu0.20.04.3) focal; urgency=medium
* d/systemd: Disable service timeout
For large databases, the service could timeout on stop, possibly
leading to data corruption during a system shutdown.
(LP: #1882527)
-- Paride Legovini <email address hidden> Thu, 19 Aug 2021 15:32:33 +0200
-
mysql-8.0 (8.0.26-0ubuntu0.20.04.2) focal-security; urgency=medium
* SECURITY UPDATE: Update to 8.0.26 to fix security issues
- CVE-2021-2339, CVE-2021-2340, CVE-2021-2342, CVE-2021-2352,
CVE-2021-2354, CVE-2021-2356, CVE-2021-2357, CVE-2021-2367,
CVE-2021-2370, CVE-2021-2372, CVE-2021-2374, CVE-2021-2383,
CVE-2021-2384, CVE-2021-2385, CVE-2021-2387, CVE-2021-2389,
CVE-2021-2390, CVE-2021-2399, CVE-2021-2402, CVE-2021-2410,
CVE-2021-2417, CVE-2021-2418, CVE-2021-2422, CVE-2021-2424,
CVE-2021-2425, CVE-2021-2426, CVE-2021-2427, CVE-2021-2429,
CVE-2021-2437, CVE-2021-2440, CVE-2021-2441
* Fix test suite failures:
- mysql-testsuite-8.0.links: add link for mysql_migrate_keyring so the
binary can be located during tests.
- debian/patches/fix_path_mysql_keyring_encryption_test.patch: fix
location of mysql_keyring_encryption_test binary.
- debian/patches/disable_root_files.patch: disable files that require
root privileges during tests.
- debian/rules,debian/tests/upstream: disable newly-failing
main.slow_log test.
* Package new upstream files:
- debian/mysql-server-core-8.0.install: semisync_replica.so,
semisync_source.so.
- debian/mysql-testsuite-8.0.install: component_test_table_access.so,
component_test_mysql_system_variable_set.so.
* debian/patches/fix_ppc64el_longdouble_ftbfs.patch: disable long double
test on ppc64el.
-- Marc Deslauriers <email address hidden> Thu, 22 Jul 2021 07:53:03 -0400
-
mysql-8.0 (8.0.25-0ubuntu0.20.04.1) focal-security; urgency=medium
* SECURITY UPDATE: Update to 8.0.25 to fix security issues
- CVE-2021-2146, CVE-2021-2162, CVE-2021-2164, CVE-2021-2166,
CVE-2021-2169, CVE-2021-2170, CVE-2021-2171, CVE-2021-2172,
CVE-2021-2179, CVE-2021-2180, CVE-2021-2193, CVE-2021-2194,
CVE-2021-2196, CVE-2021-2201, CVE-2021-2203, CVE-2021-2208,
CVE-2021-2212, CVE-2021-2215, CVE-2021-2217, CVE-2021-2226,
CVE-2021-2230, CVE-2021-2232, CVE-2021-2278, CVE-2021-2293,
CVE-2021-2298, CVE-2021-2299, CVE-2021-2300, CVE-2021-2301,
CVE-2021-2304, CVE-2021-2305, CVE-2021-2307, CVE-2021-2308
* Package new upstream files:
- debian/mysql-server-core-8.0.install: mysql_migrate_keyring,
component_keyring_file.so.
- debian/mysql-testsuite-8.0.install: mysql_keyring_encryption_test.
* debian/patches/fix_test_year.patch: removed, no longer needed.
-- Marc Deslauriers <email address hidden> Tue, 11 May 2021 08:49:41 -0400
-
mysql-8.0 (8.0.23-0ubuntu0.20.04.1) focal-security; urgency=medium
* SECURITY UPDATE: Update to 8.0.23 to fix security issues
- CVE-2021-2002, CVE-2021-2010, CVE-2021-2011, CVE-2021-2021,
CVE-2021-2022, CVE-2021-2024, CVE-2021-2031, CVE-2021-2032,
CVE-2021-2036, CVE-2021-2038, CVE-2021-2046, CVE-2021-2048,
CVE-2021-2056, CVE-2021-2058, CVE-2021-2060, CVE-2021-2061,
CVE-2021-2065, CVE-2021-2070, CVE-2021-2072, CVE-2021-2076,
CVE-2021-2081, CVE-2021-2087, CVE-2021-2088, CVE-2021-2122
* debian/patches/atomic-test-words.patch: updated.
* debian/patches/fix_test_year.patch: fix test with hardcoded date.
* debian/libmysqlclient21.symbols: added new symbol.
* debian/mysql-router.install: remove mysql_protocol.so, it has been
removed from the new version.
* debian/*.install: added some new files shipped in the new version.
-- Marc Deslauriers <email address hidden> Wed, 27 Jan 2021 09:25:29 -0500
-
mysql-8.0 (8.0.22-0ubuntu0.20.04.3) focal-security; urgency=medium
* SECURITY UPDATE: restrict open mysqlx port (LP: #1857584)
- debian/additions/mysql.conf.d/mysqld.cnf: bind mysqlx port to
127.0.0.1.
* WARNING: This change may impact certain environments where the mysqlx
port needs to be accessed from other hosts. A configuration change may
be required.
-- Marc Deslauriers <email address hidden> Thu, 26 Nov 2020 07:03:42 -0500
-
mysql-8.0 (8.0.22-0ubuntu0.20.04.2) focal-security; urgency=medium
* SECURITY UPDATE: Update to 8.0.22 to fix security issues
- CVE-2019-14775, CVE-2020-14672, CVE-2020-14765, CVE-2020-14769,
CVE-2020-14771, CVE-2020-14773, CVE-2020-14775, CVE-2020-14776,
CVE-2020-14777, CVE-2020-14785, CVE-2020-14786, CVE-2020-14789,
CVE-2020-14790, CVE-2020-14791, CVE-2020-14793, CVE-2020-14794,
CVE-2020-14800, CVE-2020-14804, CVE-2020-14809, CVE-2020-14812,
CVE-2020-14814, CVE-2020-14821, CVE-2020-14827, CVE-2020-14828,
CVE-2020-14829, CVE-2020-14830, CVE-2020-14836, CVE-2020-14837,
CVE-2020-14838, CVE-2020-14839, CVE-2020-14844, CVE-2020-14845,
CVE-2020-14846, CVE-2020-14848, CVE-2020-14852, CVE-2020-14853,
CVE-2020-14860, CVE-2020-14861, CVE-2020-14866, CVE-2020-14867,
CVE-2020-14868, CVE-2020-14869, CVE-2020-14870, CVE-2020-14873,
CVE-2020-14878, CVE-2020-14888, CVE-2020-14891, CVE-2020-14893
* Removed patches included in new version:
- debian/patches/charset_file_crash.patch
* debian/rules, debian/tests/upstream: re-enable tests that had expired
certificates, disable unstable test main.mysql_client_test.
* debian/mysql-router.install: adjust path to sample_mysqlrouter.conf.
* debian/mysql-router.install, debian/not-installed: added new files.
* debian/libmysqlclient21.symbols: added new symbol.
-- Marc Deslauriers <email address hidden> Thu, 22 Oct 2020 09:19:05 -0400
-
mysql-8.0 (8.0.21-0ubuntu0.20.04.4) focal-security; urgency=medium
* SECURITY REGRESSION: libmysqlclient loading issues (LP: #1889851)
- debian/patches/revert_faster_tls_model.patch: revert an upstream
commit that switches the tls-model to initial-exec. This is causing
"cannot allocate memory in static TLS block" errors when attempting
to load the library in certain scenarios.
-- Marc Deslauriers <email address hidden> Tue, 04 Aug 2020 07:39:21 -0400
-
mysql-8.0 (8.0.21-0ubuntu0.20.04.3) focal-security; urgency=medium
* SECURITY UPDATE: Update to 8.0.21 to fix security issues
- CVE-2020-14539, CVE-2020-14540, CVE-2020-14547, CVE-2020-14550,
CVE-2020-14553, CVE-2020-14559, CVE-2020-14568, CVE-2020-14575,
CVE-2020-14576, CVE-2020-14586, CVE-2020-14591, CVE-2020-14597,
CVE-2020-14619, CVE-2020-14620, CVE-2020-14623, CVE-2020-14624,
CVE-2020-14631, CVE-2020-14632, CVE-2020-14633, CVE-2020-14634,
CVE-2020-14641, CVE-2020-14643, CVE-2020-14651, CVE-2020-14654,
CVE-2020-14656, CVE-2020-14663, CVE-2020-14678, CVE-2020-14680,
CVE-2020-14697, CVE-2020-14702
* debian/rules: disable some tests that have expired certificates until
new ones can be obtained from the upstream repo.
* debian/tests/upstream: disable some tests that have expired
certificates until new ones can be obtained from the upstream repo.
* debian/tests/upstream: disable new test that can't locate
mysqltest_safe_process binary.
* debian/mysql-router.install, debian/mysql-server-core-8.0.install,
debian/mysql-testsuite-8.0.install: use wildcard for libprotobuf-lite
library version.
* debian/mysql-router.install: added router_protobuf.so.
* debian/mysql-testsuite-8.0.install: added
component_test_component_deinit.so.
* debian/patches/charset_file_crash.patch: don't crash on malformed
charset files in mysys/charset.cc (LP: #1884809)
* Fix FTBFS on RISC-V.
- d/p/use-largest-lock-free-type-selector-on-riscv.patch: Force
the use of Largest_lock_free_type_selector instead of
Lock_free_type_selector when compiling for RISC-V, since the
latter will cause a compilation failure due to RISC-V's
inability to provide the always-lock-free property for some
specific types.
-- Marc Deslauriers <email address hidden> Mon, 27 Jul 2020 11:58:55 -0400
-
mysql-8.0 (8.0.20-0ubuntu0.20.04.1) focal-security; urgency=medium
* SECURITY UPDATE: Update to 8.0.20 to fix security issues
- CVE-2020-2759, CVE-2020-2760, CVE-2020-2762, CVE-2020-2763,
CVE-2020-2765, CVE-2020-2780, CVE-2020-2804, CVE-2020-2812,
CVE-2020-2892, CVE-2020-2893, CVE-2020-2895, CVE-2020-2896,
CVE-2020-2897, CVE-2020-2898, CVE-2020-2901, CVE-2020-2903,
CVE-2020-2904, CVE-2020-2921, CVE-2020-2923, CVE-2020-2924,
CVE-2020-2925, CVE-2020-2926, CVE-2020-2928, CVE-2020-2930
* debian/patches/year2020.patch: Dropped, no longer needed
* debian/mysql-router.install: updated paths for library locations.
-- Marc Deslauriers <email address hidden> Mon, 27 Apr 2020 12:48:11 -0400
-
mysql-8.0 (8.0.19-0ubuntu5) focal; urgency=medium
* debian/patches/atomic-test-words.patch: Adjust
HAVE_IB_GCC_ATOMIC_COMPARE_EXCHANGE test to use atomic builtins on ints
rather than chars, like the code that it enables. riscv64 needs -latomic
for atomic operations on chars, but MySQL doesn't actually need them.
* Link with -pthread everywhere on riscv64.
-- William Grant <email address hidden> Wed, 11 Mar 2020 12:34:54 +1100
-
mysql-8.0 (8.0.19-0ubuntu4) focal; urgency=medium
* d/p/my_bool.patch: drop the my_bool workaround typedef
(LP: #1863026)
-- Andreas Hasenack <email address hidden> Mon, 17 Feb 2020 11:04:18 -0300
-
mysql-8.0 (8.0.19-0ubuntu3) focal; urgency=medium
* Bump some more tests that assume 2020 is in the future (LP: #1862364)
-- Rafael David Tinoco <email address hidden> Wed, 12 Feb 2020 19:26:03 +0000
-
mysql-8.0 (8.0.19-0ubuntu2) focal; urgency=medium
* d/mysql-{server,server-core,testsuite}-8.0.install: move testsuite-only
files to mysql-testsuite-8.0. No Breaks/Replaces since the previous upload
adding them never migrated to the release pocket.
* d/mysql-testsuite-8.0.links: install mysqld_safe symlink into
usr/lib/mysql-test/bin/ so that the testsuite can find it. This fixes
autopkgtest.
-- Robie Basak <email address hidden> Thu, 23 Jan 2020 14:50:43 +0000
-
mysql-8.0 (8.0.19-0ubuntu1) focal; urgency=medium
* SECURITY UPDATE: Update to 8.0.19 to fix security issues
- CVE-2020-2570, CVE-2020-2572, CVE-2020-2573, CVE-2020-2574,
CVE-2020-2577, CVE-2020-2579, CVE-2020-2584, CVE-2020-2588,
CVE-2020-2589, CVE-2020-2627, CVE-2020-2660, CVE-2020-2679,
CVE-2020-2686, CVE-2020-2694
* Removed patches no longer required:
- debian/patches/fix-test-mysql_os_user.patch
- debian/patches/new_lz4_compat.patch
* debian/mysql-server-8.0.install: switch errmsg-utf8.txt to new files.
* debian/mysql-server-core-8.0.install: add comp_err binary.
* debian/mysql-testsuite-8.0.install: added
component_test_udf_services.so.
-- Marc Deslauriers <email address hidden> Mon, 20 Jan 2020 13:07:23 -0500
-
mysql-8.0 (8.0.18-0ubuntu5) focal; urgency=medium
* Bump tests that assume 2020 is in the future, to use 2037 as the
future date.
-- Dimitri John Ledkov <email address hidden> Wed, 15 Jan 2020 12:51:30 +0000
-
mysql-8.0 (8.0.18-0ubuntu4) focal; urgency=medium
* Depend on perl:any instead of perl, so that mysql-server-8.0 is
cross-installable (mostly interesting for testing purposes).
-- Steve Langasek <email address hidden> Sat, 07 Dec 2019 11:59:09 -0800
-
mysql-8.0 (8.0.18-0ubuntu3) focal; urgency=medium
* debian/patches/new_lz4_compat.patch: fix patch to actually work with
the old lz4 also.
-- Marc Deslauriers <email address hidden> Tue, 19 Nov 2019 07:20:22 -0500
-
mysql-8.0 (8.0.18-0ubuntu2) focal; urgency=medium
* debian/patches/new_lz4_compat.patch: fix compatibility with lz4 1.9.2
(LP: #1851696)
-- Marc Deslauriers <email address hidden> Mon, 18 Nov 2019 14:42:20 -0500
-
mysql-8.0 (8.0.18-0ubuntu1) focal; urgency=medium
* SECURITY UPDATE: Update to 8.0.18 to fix security issues
- CVE-2019-2911, CVE-2019-2914, CVE-2019-2920, CVE-2019-2922,
CVE-2019-2923, CVE-2019-2924, CVE-2019-2938, CVE-2019-2946,
CVE-2019-2948, CVE-2019-2950, CVE-2019-2957, CVE-2019-2960,
CVE-2019-2963, CVE-2019-2966, CVE-2019-2967, CVE-2019-2968,
CVE-2019-2969, CVE-2019-2974, CVE-2019-2982, CVE-2019-2991,
CVE-2019-2993, CVE-2019-2997, CVE-2019-2998, CVE-2019-3003,
CVE-2019-3004, CVE-2019-3009, CVE-2019-3011, CVE-2019-3018
* Removed patches no longer required:
- fix_tests_ppc64el.patch
- fix-test-binary-path.patch
* debian/*install: Install new files:
- usr/lib/mysql/private/libprotobuf-lite.so.3.6.1
- usr/lib/mysql/private/libprotobuf.so.3.6.1
- usr/lib/mysql/plugin/component_mysqlbackup.so
- usr/lib/mysql-router/mysqlrouter/libprotobuf-lite.so.3.6.1
- usr/bin/mysqlrouter_keyring
* debian/libmysqlclient21.symbols: added new 8.0.18 symbols.
-- Marc Deslauriers <email address hidden> Tue, 22 Oct 2019 09:50:59 -0400
-
mysql-8.0 (8.0.17-0ubuntu3) focal; urgency=medium
* No-change rebuild for libevent soname changes.
-- Matthias Klose <email address hidden> Sat, 19 Oct 2019 19:56:42 +0000
-
mysql-8.0 (8.0.17-0ubuntu2) eoan; urgency=medium
[ Robie Basak ]
* Ship missing files newly built since MySQL 8.0:
libmysqlrouter_http.so.1, various MySQL Router plugins,
mysqlrouter_passwd.
* Ship missing mysql_clone.so MySQL plugin, newly built since
8.0.17.
* Protect against future new build files from being missed:
- Add debian/not-installed
- Switch from --list-missing to --fail-missing
[ Lars Tangvald ]
* Fix failing autopkgtest mysql_os_user.
* d/mysql-server-8.0.postinst: switch from mysql_native_password to
the upstream recommended mechanism caching_sha2_password for the
default root user when a default root password is set via debconf
(this is not the default case).
* d/mysql-server-8.0.postinst: drop mysql_upgrade since this is now
done automatically by the MySQL daemon on startup.
* d/additions/apparmor-profile: add missing AppArmor rules
(LP: #1658233).
* d/copyright: add missing entries for clone and ddl_rewriter plugins.
-- Robie Basak <email address hidden> Wed, 09 Oct 2019 14:03:12 +0100