lp://staging/ubuntu/quantal-security/mysql-5.5

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

29. By Marc Deslauriers on 2014-04-20

* SECURITY UPDATE: Update to 5.5.37 to fix security issues (LP: #1309662)
  - http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
  - CVE-2014-0001
  - CVE-2014-0384
  - CVE-2014-2419
  - CVE-2014-2430
  - CVE-2014-2431
  - CVE-2014-2432
  - CVE-2014-2436
  - CVE-2014-2438
  - CVE-2014-2440
* Drop creation of insecure database permissions:
  - d/p/33_scripts__mysql_create_system_tables__no_test.patch,
    d/p/41_scripts__mysql_install_db.sh__no_test.patch,
    d/p/50_mysql-test__db_test.patch: Restored from mysql-5.1
    package, inadvertently dropped in 5.5 transition. This
    removes the global anonymous access to the database which
    is a security concern.

28. By Marc Deslauriers on 2014-01-16

* SECURITY UPDATE: Update to 5.5.35 to fix security issues (LP: #1269993)
  - http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
  - CVE-2013-5891
  - CVE-2013-5908
  - CVE-2014-0386
  - CVE-2014-0393
  - CVE-2014-0401
  - CVE-2014-0402
  - CVE-2014-0412
  - CVE-2014-0420
  - CVE-2014-0437

27. By Marc Deslauriers on 2013-10-22

* SECURITY UPDATE: Update to 5.5.34 to fix security issues (LP: #1243253)
  - http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
  - CVE-2013-3839
  - CVE-2013-5807

26. By Marc Deslauriers on 2013-07-23

* SECURITY UPDATE: Update to 5.5.32 to fix security issues (LP: #1203828)
  - http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
  - CVE-2013-1861
  - CVE-2013-3783
  - CVE-2013-3793
  - CVE-2013-3802
  - CVE-2013-3804
  - CVE-2013-3809
  - CVE-2013-3812
* SECURITY UPDATE: insecure creation of debian.cnf file
  - debian/mysql-server-5.5.postinst: set umask to 066 before creating
    debian.cnf.
  - CVE-2013-2162
* Adjust Apparmor profile to allow reading PID file. (LP: #1185573)
* Fix FTBFS from test suite failure
  - debian/patches/72_fix_rpl_deadlock_innodb_test.patch: ignore warning
    from rpl.rpl_deadlock_innodb test in mysql-test/include/mtr_warnings.sql.

25. By Seth Arnold on 2013-04-18

* SECURITY UPDATE: Update to 5.5.31 to fix security issues (LP: #1170516)
  - http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
* debian/patches/71_disable_rpl_tests.patch: refreshed.
* debian/patches/fix-mysqldump-test.patch: removed, fixed differently
  upstream

24. By Marc Deslauriers on 2013-01-16

* SECURITY UPDATE: Update to 5.5.29 to fix security issues (LP: #1100264)
  - http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
* debian/patches/CVE-2012-5611.patch: removed, included upstream.
* debian/patches/38_scripts__mysqld_safe.sh__signals.patch: refreshed.

23. By Marc Deslauriers on 2012-12-07

* SECURITY UPDATE: arbitrary code execution via long argument
  - debian/patches/CVE-2012-5611.patch: don't overflow buffer in
    sql/sql_acl.cc, add tests to mysql-test/t/information_schema.test,
    mysql-test/r/information_schema.result.
  - CVE-2012-5611

22. By Marc Deslauriers on 2012-10-18

* SECURITY UPDATE: Update to 5.5.28 to fix security issues (LP: #1068158)
  - http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
* debian/patches/fix-mysqlhotcopy.patch: removed, included upstream.

21. By Clint Byrum on 2012-08-23

New upstream release.

20. By Marc Deslauriers on 2012-08-20

[ Clint Byrum ]
* d/mysql-server-5.5.py: Update apport hook to add mysql error log.
  also fix small bug found in testing with missing string import.

[ Marc Deslauriers ]
* d/mysql-server-5.5.py: use attach_mac_events() to properly attach and
  tag AppArmor denied messages.