-
mysql-dfsg-5.0 (5.0.67-0ubuntu6.1) intrepid-security; urgency=low
* SECURITY UPDATE: privilege circumvention via the creation of MyISAM
tables using the DATA DIRECTORY and INDEX DIRECTORY options to overwrite
existing table files in the data directory. This fix alters table creation
behaviour by disallowing the use of the MySQL data directory in DATA
DIRECTORY and INDEX DIRECTORY options. (LP: #254129)
- debian/patches/92_CVE-2008-4098.dpatch: Disallow use of MySQL
data directory in DATA DIRECTORY and INDEX DIRECTORY options.
- CVE-2008-4098
* SECURITY UPDATE: Cross-site scripting in the command-line client
- debian/patches/92_CVE-2008-4456.dpatch: use xmlencode_print in
client/mysql.cc, add test to mysql-test/*.
- CVE-2008-4456
* SECURITY UPDATE: format string vulnerabilities in the dispatch_command
function
- debian/patches/92_CVE-2009-2446.dpatch: use correct format string in
sql/sql_parse.cc, add test to tests/mysql_client_test.c.
- CVE-2009-2446
* SECURITY UPDATE: denial of service via certain SELECT statements with
subqueries and statements that use the GeomFromWKB function
- debian/patches/92_CVE-2009-4019.dpatch: return proper errors in
sql/sql_class.cc, handle errors in sql/sql_select.cc, set correct
null_value in sql/item_geofunc.cc, add tests to mysql-test/*.
- CVE-2009-4019
* SECURITY UPDATE: privilege restriction bypass via incorrect calculation
of the mysql_unpacked_real_data_home value
- debian/patches/92_CVE-2009-4030.dpatch: fix initialization order in
sql/mysqld.cc.
- CVE-2009-4030
* SECURITY UPDATE: arbitrary code execution via yassl stack overflow
- debian/patches/93_CVE-2009-4484.dpatch: validate lengths in
extra/yassl/taocrypt/src/asn.*.
- CVE-2009-4484
* debian/patches/94_ssl_test_certs.dpatch: update certificates in the
test suite as they are expired. The new certs expire 2015-01-28.
(LP: #323755)
-- Marc Deslauriers <email address hidden> Mon, 08 Feb 2010 09:00:54 -0500
-
mysql-dfsg-5.0 (5.0.67-0ubuntu6) intrepid; urgency=low
* Clean up mysql apparmor profile. (LP: #270663)
-- Chuck Short <email address hidden> Thu, 18 Sep 2008 09:37:56 -0400
-
mysql-dfsg-5.0 (5.0.67-0ubuntu5) intrepid; urgency=low
* Add 91_ubuntu_buildd_testfailures.dpatch: disable tests that fail
randomly only on the amd64 buildd.
-- Kees Cook <email address hidden> Thu, 28 Aug 2008 09:39:05 -0700
-
mysql-dfsg-5.0 (5.0.67-0ubuntu4) intrepid; urgency=low
* Revert 99_incease_test_timeout.dpatch, and try upstream fixes for
random test failures as 90_upstream_bug_23921.dpatch (see
http://bugs.mysql.com/bug.php?id=23921). Fixes random build failures.
* Revert PIE hardening -- subselect test kills running server on i386.
-- Kees Cook <email address hidden> Wed, 27 Aug 2008 11:09:34 -0700
-
mysql-dfsg-5.0 (5.0.67-0ubuntu3) intrepid; urgency=low
* debian/patches/99_incease_test_timeout.dpatch: Increase the timeout
time for mysql-tests in build.
-- Chuck Short <email address hidden> Tue, 26 Aug 2008 10:57:12 -0400
-
mysql-dfsg-5.0 (5.0.67-0ubuntu2) intrepid; urgency=low
* debian/{control,rules}: enable PIE hardening
-- Kees Cook <email address hidden> Mon, 25 Aug 2008 13:53:36 -0700
-
mysql-dfsg-5.0 (5.0.67-0ubuntu1) intrepid; urgency=low
* debian/control:
- Set maintainer to Ubuntu Core dev. Move Debian maintainer to
XSBC-Original-Maintainer.
- Add a mysql-doc-5.0 as a Suggest to mysql-client-5.0 mysql-server-5.0
andd libmsqlclient15-dev
- Prepend XS-Original- to Vcs-{Browser,Svn}.
- Fix man page conflicts with mysql-doc-5.0 when upgrading from gutsy
for mysql-server-5.0, mysql-client-5.0 and libmysqlclient15-dev
packages.
- Replaces and Conflicts apparmor-profiles << 2.1+1075-0ubuntu4 to allow
proper upgrades from gutsy.
- Lower "mailx from a Recommends to a Suggests, which is pulling in
exim4 on all installs of mysql-server. (LP: #259477).
* debian/rules:
- Apply same configuration options on lpia as for i386.
- Replace --with-comment="Debian" --with-comment="Ubuntu".
* debian/additions/my.cnf:
- Add note about the "/etc/mysql/conf.d" directory in my.cnf.
- Add warning about apparmor (LP: #201799)
* Follow ApparmorProfileMigration and force apparmor complain mode on some
upgrades (LP: #203531)
- debian/control: Recommends apparmor >= 2.1+1075-0ubuntu6
- debian/mysql-server-5.0.dirs: add etc/apparmor.d/force-complain
- debian/mysql-server-5.0.preinst: create symlink for force-complain/
on pre-feisty upgrades, upgrades where apparmor-profiles profile is
unchanged (ie non-enforcing) and upgrades where the profile doesn't
exist.
- debian/mysql-server-5.0.postrm: remove symlink in force-complain/ on
purge.
* Dropped debian/patches/58-disable-ndb-backup-print.dpatch, no
longer needed.
* Dropped debian/patches/93_fix_user_setup_on_localhost.dpatch. use
Debian's instead.
-- Chuck Short <email address hidden> Fri, 22 Aug 2008 10:49:54 -0400
-
mysql-dfsg-5.0 (5.0.51a-6ubuntu4) intrepid; urgency=low
* debian/control: Lower "mailx" from a Recommends to a Suggests, which is
pulling in exim4 on all installs of mysql-server (LP: #259477).
-- Dustin Kirkland <email address hidden> Tue, 19 Aug 2008 17:49:12 +0100
-
mysql-dfsg-5.0 (5.0.51a-6ubuntu3) intrepid; urgency=low
* debian/mysql-server-5.0.config:
- Revert debian changes. Password dialog had disappeared. (LP: #239668)
-- Chuck Short <email address hidden> Mon, 23 Jun 2008 01:04:32 +0000
-
mysql-dfsg-5.0 (5.0.51a-6ubuntu2) intrepid; urgency=low
* Updated debian/patches/58-disable-ndb-backup-print.dpatch.
- Failed tests ndb_alter_table ndb_replace to fix a FTBFS.
-- Chuck Short <email address hidden> Thu, 05 Jun 2008 13:39:08 +0000
-
mysql-dfsg-5.0 (5.0.51a-6ubuntu1) intrepid; urgency=low
* Merge from debian unstable, remaining changes:
- debian/control:
- Set maintainer to Ubuntu Core dev. Move Debian maintainer to
XSBC-Original-Maintainer
- Add mysql-doc-.0 as a Suggest to mysql-client-5.0 mysql-server-5.0
and libmysqlcient15-dev.
- Prepared XS-Original to Vcs-{Browser,Svn}.
- Fix man pages conflicts with mysql-doc-5.0 when upgrading from gutsy
for mysql-server-5.0, mysql-client-5.0 and libmysqlclient15-dev
packages.
- Replaces and conflicts apparmor-profiles << 2.1+1075-0ubuntu4 to allow
proper upgrade from gutsy.
- debian/rules:
- Apply same configuration options on lipa for i386.
- Replace --with-comment="Debian" with --with-comment=Ubuntu".
- debian/patches/93_fix_user_setup_on_localhost.dpatch
- Fix setup of user table, if hostname is "localhost". Thanks to
Daniel Hahler. (LP: #223836)
- debian/patches/56-mysqlhotcopy-invalid-dbtable.dpatch
- Update patch to address mysqlhotcopy issues. (LP: #197606)
- Folow ApparmorProfileMigration and force apparmor complain mode on some
upgrades. (LP: #203531)
- debian/control: Recommends apparmor >= 2.1+1075-0ubuntu6
- debian/mysql-server-5.0.dirs: add etc/apparmor.d/force-complain
- debian/mysql-server-5.0.preinst: create symlink for force-complain/
on pre-feisty upgrades, upgrades where apparmor-profiles profile is unchanged
(ie non-enforcing) and upgrades where the profile doesn't exist.
- debian/mysql-server-5.0.postrm: remove symlink in force-complain/ on purge
- debian/additions/my.cnf: add warning about apparmor (LP: #201799)
- Disable ndb_backup_print tests as it fails sometimes (LP: #194542).
Patch taken from 5.0.54.
* Dropped:
- debian/patches/92_fix_order_by32202.dpatch. In favour of 56_fix_order_by.dpatch
from debian
- confirming password on install if given. Already used upstream.
- debian/patches/59-fix-mysql-replication-logs.dpatch. In favour of
of 57_fix_mysql_replication.dpatch from debian.
mysql-dfsg-5.0 (5.0.51a-6) unstable; urgency=low
* Fix debian-start.inc.sh to not print the row counts of the tables
queried. (closes: #478256, #479697)
mysql-dfsg-5.0 (5.0.51a-5) unstable; urgency=medium
* New patch 57_fix_mysql_replication.dpatch from 5.0.54 to fix directory for
relay logs when using replication.
mysql-dfsg-5.0 (5.0.51a-4) unstable; urgency=low
[ Monty Taylor ]
* Add Sphinx SE integration.
* Remove build of ndb docs, since they are not installed. Removed build deps
on TeX and doxygen since that's all they were there for.
* Replace script in check_for_crashed_tables with a myisam-recover option
and a script to trigger a check of those tables. (thanks HarrisonF and
kolbe)
* Replace direct calls to test suite with calls to the make targets used by
the MySQL build and qa teams for releases.
* Add information about Sphinx to README.Maintainer.
* Add --skip-ndbcluster to the postinst bootstrap command. It's really a
workaround for a bug in 5.1, but it's probably a good idea anyway since we
certainly don't need cluster to spin up, and if people have enabled
cluster in their my.cnf file, there could be postinst issues if cluster
isn't running.
* Remove reference to configure options that no longer exist.
* Add myself to uploaders.
[ Norbert Tretkowski ]
* New patch 56_fix_order_by.dpatch from Ubuntu to fix ORDER BY not working
with GROUP BY. (closes: #471737)
* Add note about filename extensions in the /etc/mysql/conf.d/ directory in
my.cnf. (closes: #461759)
* Confirm password on install, patch from Nicolas Valcárcel.
(closes: #471887)
* Remove Adam Conrad from uploaders on his request. Thanks for your work in
the past!
* Use lsb_release to detect distribution.
-- Chuck Short <email address hidden> Fri, 30 May 2008 17:08:41 +0100
-
mysql-dfsg-5.0 (5.0.51a-3ubuntu5.1) hardy-proposed; urgency=low
* debian/patches/93_fix_user_setup_on_localhost.dpatch
- Fix setup of user table, if hostname is "localhost". Thanks
to Daniel Hahler (LP: #223836)
* debian/patches/56-mysqlhotcopy-invalid-dbtable.dpatch
- Update patch to address mysqlhotcopy issues. (LP: #197606)
-- Chuck Short <email address hidden> Tue, 29 Apr 2008 15:09:33 -0400
-
mysql-dfsg-5.0 (5.0.51a-3ubuntu5) hardy; urgency=low
* debian/patches/59-fix-mysql-replication-logs.dpatch:
Fix mysql replication: relay-logs were stored in /var/run. (LP: #119271).
Patch taken from 5.0.54.
* debian/patches/58-disable-ndb-backup-print.dpatch:
update description of ndb_backup_print patch.
-- Mathias Gug <email address hidden> Thu, 27 Mar 2008 19:02:38 -0400
