lp://staging/ubuntu/quantal-security/mysql-5.5

Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp://staging/ubuntu/quantal-security/mysql-5.5
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

29. By Marc Deslauriers

* SECURITY UPDATE: Update to 5.5.37 to fix security issues (LP: #1309662)
  - http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
  - CVE-2014-0001
  - CVE-2014-0384
  - CVE-2014-2419
  - CVE-2014-2430
  - CVE-2014-2431
  - CVE-2014-2432
  - CVE-2014-2436
  - CVE-2014-2438
  - CVE-2014-2440
* Drop creation of insecure database permissions:
  - d/p/33_scripts__mysql_create_system_tables__no_test.patch,
    d/p/41_scripts__mysql_install_db.sh__no_test.patch,
    d/p/50_mysql-test__db_test.patch: Restored from mysql-5.1
    package, inadvertently dropped in 5.5 transition. This
    removes the global anonymous access to the database which
    is a security concern.

28. By Marc Deslauriers

* SECURITY UPDATE: Update to 5.5.35 to fix security issues (LP: #1269993)
  - http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
  - CVE-2013-5891
  - CVE-2013-5908
  - CVE-2014-0386
  - CVE-2014-0393
  - CVE-2014-0401
  - CVE-2014-0402
  - CVE-2014-0412
  - CVE-2014-0420
  - CVE-2014-0437

27. By Marc Deslauriers

* SECURITY UPDATE: Update to 5.5.34 to fix security issues (LP: #1243253)
  - http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
  - CVE-2013-3839
  - CVE-2013-5807

26. By Marc Deslauriers

* SECURITY UPDATE: Update to 5.5.32 to fix security issues (LP: #1203828)
  - http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
  - CVE-2013-1861
  - CVE-2013-3783
  - CVE-2013-3793
  - CVE-2013-3802
  - CVE-2013-3804
  - CVE-2013-3809
  - CVE-2013-3812
* SECURITY UPDATE: insecure creation of debian.cnf file
  - debian/mysql-server-5.5.postinst: set umask to 066 before creating
    debian.cnf.
  - CVE-2013-2162
* Adjust Apparmor profile to allow reading PID file. (LP: #1185573)
* Fix FTBFS from test suite failure
  - debian/patches/72_fix_rpl_deadlock_innodb_test.patch: ignore warning
    from rpl.rpl_deadlock_innodb test in mysql-test/include/mtr_warnings.sql.

25. By Seth Arnold

* SECURITY UPDATE: Update to 5.5.31 to fix security issues (LP: #1170516)
  - http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
* debian/patches/71_disable_rpl_tests.patch: refreshed.
* debian/patches/fix-mysqldump-test.patch: removed, fixed differently
  upstream

24. By Marc Deslauriers

* SECURITY UPDATE: Update to 5.5.29 to fix security issues (LP: #1100264)
  - http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
* debian/patches/CVE-2012-5611.patch: removed, included upstream.
* debian/patches/38_scripts__mysqld_safe.sh__signals.patch: refreshed.

23. By Marc Deslauriers

* SECURITY UPDATE: arbitrary code execution via long argument
  - debian/patches/CVE-2012-5611.patch: don't overflow buffer in
    sql/sql_acl.cc, add tests to mysql-test/t/information_schema.test,
    mysql-test/r/information_schema.result.
  - CVE-2012-5611

22. By Marc Deslauriers

* SECURITY UPDATE: Update to 5.5.28 to fix security issues (LP: #1068158)
  - http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
* debian/patches/fix-mysqlhotcopy.patch: removed, included upstream.

21. By Clint Byrum

New upstream release.

20. By Marc Deslauriers

[ Clint Byrum ]
* d/mysql-server-5.5.py: Update apport hook to add mysql error log.
  also fix small bug found in testing with missing string import.

[ Marc Deslauriers ]
* d/mysql-server-5.5.py: use attach_mac_events() to properly attach and
  tag AppArmor denied messages.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp://staging/ubuntu/raring/mysql-5.5
This branch contains Public information 
Everyone can see this information.

Subscribers