-
mysql-5.5 (5.5.37-0ubuntu0.13.10.1) saucy-security; urgency=medium
* SECURITY UPDATE: Update to 5.5.37 to fix security issues (LP: #1309662)
- http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
- CVE-2014-0001
- CVE-2014-0384
- CVE-2014-2419
- CVE-2014-2430
- CVE-2014-2431
- CVE-2014-2432
- CVE-2014-2436
- CVE-2014-2438
- CVE-2014-2440
* Drop creation of insecure database permissions:
- d/p/33_scripts__mysql_create_system_tables__no_test.patch,
d/p/41_scripts__mysql_install_db.sh__no_test.patch,
d/p/50_mysql-test__db_test.patch: Restored from mysql-5.1
package, inadvertently dropped in 5.5 transition. This
removes the global anonymous access to the database which
is a security concern.
-- Marc Deslauriers <email address hidden> Sat, 19 Apr 2014 20:45:09 -0400
-
mysql-5.5 (5.5.35-0ubuntu0.13.10.2) saucy; urgency=medium
[ Eduardo Damato ]
* Fix upstart script to account for datadir disk shortage (LP: #1121874)
-- Dave Chiluk <email address hidden> Tue, 21 Jan 2014 13:06:45 -0500
-
mysql-5.5 (5.5.35-0ubuntu0.13.10.1) saucy-security; urgency=low
* SECURITY UPDATE: Update to 5.5.35 to fix security issues (LP: #1269993)
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- CVE-2013-5891
- CVE-2013-5908
- CVE-2014-0386
- CVE-2014-0393
- CVE-2014-0401
- CVE-2014-0402
- CVE-2014-0412
- CVE-2014-0420
- CVE-2014-0437
-- Marc Deslauriers <email address hidden> Thu, 16 Jan 2014 19:53:14 -0500
-
mysql-5.5 (5.5.34-0ubuntu0.13.10.2) saucy; urgency=low
[ Eduardo Damato ]
* Fix upstart script to account for datadir disk shortage (LP: #1121874)
-- Dave Chiluk <email address hidden> Thu, 09 Jan 2014 09:58:09 -0600
-
mysql-5.5 (5.5.34-0ubuntu0.13.10.1) saucy-security; urgency=low
* SECURITY UPDATE: Update to 5.5.34 to fix security issues (LP: #1243253)
- http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
- CVE-2013-3839
- CVE-2013-5807
-- Marc Deslauriers <email address hidden> Tue, 22 Oct 2013 15:14:10 -0400
-
mysql-5.5 (5.5.32-0ubuntu7) saucy; urgency=low
* d/rules, d/control: remove gcc-4.4 dependency and disable X86 assembly in
taocrypt (LP: #1162139).
- Cherry-pick from Debian svn r2231 with thanks to Clint Byrum.
-- Robie Basak <email address hidden> Wed, 18 Sep 2013 10:02:09 +0000
-
mysql-5.5 (5.5.32-0ubuntu6) saucy; urgency=low
* d/tests/upstream: Redirect stderr>stdout to fix DEP-8 test failure.
-- James Page <email address hidden> Fri, 30 Aug 2013 11:01:02 +0100
-
mysql-5.5 (5.5.32-0ubuntu5) saucy; urgency=low
* Drop unnecessary depends on versioned upstart. Apparmor loading helper
has been available for more than one LTS release now, so explicit
dependency is not required any more.
-- Dmitrijs Ledkovs <email address hidden> Thu, 29 Aug 2013 14:34:32 +0100
-
mysql-5.5 (5.5.32-0ubuntu4) saucy; urgency=low
* d/tests/upstream: Remove trailing / from --vardir to fix DEP-8 test
failures (LP: #1216008).
-- James Page <email address hidden> Thu, 29 Aug 2013 14:10:52 +0100
-
mysql-5.5 (5.5.32-0ubuntu3) saucy; urgency=low
* Revert 5.5.32-0ubuntu2, which caused a severe regression making the
package uninstallable. See LP: #1121874 for details.
-- Robie Basak <email address hidden> Tue, 27 Aug 2013 11:55:13 +0000
-
mysql-5.5 (5.5.32-0ubuntu2) saucy-proposed; urgency=low
[Eduardo Damato]
* Fix upstart script to account for datadir disk shortage (LP: #1121874)
-- Adam Stokes <email address hidden> Wed, 31 Jul 2013 15:21:15 -0400
-
mysql-5.5 (5.5.32-0ubuntu1) saucy; urgency=low
* SECURITY UPDATE: Update to 5.5.32 to fix security issues (LP: #1203828)
- http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
- CVE-2013-1861
- CVE-2013-3783
- CVE-2013-3793
- CVE-2013-3802
- CVE-2013-3804
- CVE-2013-3809
- CVE-2013-3812
* SECURITY UPDATE: insecure creation of debian.cnf file
- debian/mysql-server-5.5.postinst: set umask to 066 before creating
debian.cnf.
- CVE-2013-2162
* Fix FTBFS from test suite failure
- debian/patches/72_fix_rpl_deadlock_innodb_test.patch: ignore warning
from rpl.rpl_deadlock_innodb test in mysql-test/include/mtr_warnings.sql.
-- Marc Deslauriers <email address hidden> Tue, 23 Jul 2013 08:51:03 -0400
-
mysql-5.5 (5.5.31-0ubuntu1) saucy; urgency=low
* Adjust Apparmor profile to allow reading PID file (LP: #1185573)
-- Simon Deziel <email address hidden> Wed, 29 May 2013 16:14:02 -0400
-
mysql-5.5 (5.5.31-0ubuntu0.13.04.1) raring-security; urgency=low
* SECURITY UPDATE: Update to 5.5.31 to fix security issues (LP: #1170516)
- http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
* debian/patches/71_disable_rpl_tests.patch: refreshed.
* debian/patches/fix-mysqldump-test.patch: removed, fixed differently
upstream
-- Seth Arnold <email address hidden> Thu, 18 Apr 2013 18:25:54 -0700
-
mysql-5.5 (5.5.29-0ubuntu1) raring; urgency=low
* SECURITY UPDATE: Update to 5.5.29 to fix security issues (LP: #1100264)
- http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
* debian/patches/CVE-2012-5611.patch: removed, included upstream.
* debian/patches/38_scripts__mysqld_safe.sh__signals.patch: refreshed.
-- Marc Deslauriers <email address hidden> Wed, 16 Jan 2013 08:29:25 -0500