Merge lp:~clint-fewbar/ubuntu/karmic/mysql-dfsg-5.1/mysql-sru-343870 into lp:ubuntu/karmic-security/mysql-dfsg-5.1
Status: | Rejected |
---|---|
Rejected by: | Martin Pitt |
Proposed branch: | lp:~clint-fewbar/ubuntu/karmic/mysql-dfsg-5.1/mysql-sru-343870 |
Merge into: | lp:ubuntu/karmic-security/mysql-dfsg-5.1 |
Diff against target: |
66 lines (+43/-0) 3 files modified
debian/changelog (+7/-0) debian/patches/00list (+1/-0) debian/patches/10_fix_segfaults_lp343870.dpatch (+35/-0) |
To merge this branch: | bzr merge lp:~clint-fewbar/ubuntu/karmic/mysql-dfsg-5.1/mysql-sru-343870 |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Artur Rona (community) | Approve | ||
Ubuntu branches | Pending | ||
Review via email: mp+42667@code.launchpad.net |
Description of the change
Re-submitting this as a merge proposal with karmic-security since that is the latest branch in the archive.
Unmerged revisions
- 22. By Clint Byrum
-
debian/
patches/ 10_fix_ segfaults_ lp343870. dpatch: fixes race
condition in libmysqlclient. Cherry pick from upstream. (LP: #343870) - 21. By Clint Byrum
-
fixing incorrectly merged changelog
- 20. By Clint Byrum
-
tidying up DEP-3 headers
- 19. By Clint Byrum
-
* SECURITY UPDATE: denial of service via UPGRADE DATA DIRECTORY NAME
command
- debian/patches/ 60_CVE- 2010-2008. dpatch: correctly filter prefixes
and paths in sql/table.cc, sql/sql_table.cc, sql/mysql_priv.h.
Add tests to mysql-test/*.
- CVE-2010-2008
* SECURITY UPDATE: denial of service via joins involving a table with a
unique SET column
- debian/patches/ 60_CVE- 2010-3677. dpatch: improve logic in
sql/item_cmpfunc. cc. Add tests to mysql-test/*.
- CVE-2010-3677
* SECURITY UPDATE: denial of service via incorrect handling of NULL
arguments
- debian/patches/ 60_CVE- 2010-3678. dpatch: make sure items are valid in
sql/item_cmpfunc. cc. Add tests to mysql-test/*.
- CVE-2010-3678
* SECURITY UPDATE: denial of service via malformed argument to the BINLOG
statement
- debian/patches/ 60_CVE- 2010-3679. dpatch: check lengths in
sql/sql_binlog. cc. Add tests to mysql-test/*.
- CVE-2010-3679
* SECURITY UPDATE: denial of service via TEMPORARY InnoDB tables with
nullable columns
- debian/patches/ 60_CVE- 2010-3680. dpatch: check for null datatype in
storage/{innobase, innodb_ plugin} /handler/ ha_innodb. cc. Add tests to
mysql-test/*.
- CVE-2010-3680
* SECURITY UPDATE: denial of service via alternate reads from two indexes
on a table using the HANDLER interface
- debian/patches/ 60_CVE- 2010-3681. dpatch: check for the same index in
sql/sql_handler. cc. Add tests to mysql-test/*.
- CVE-2010-3681
* SECURITY UPDATE: denial of service via use of EXPLAIN with certain
queries
- debian/patches/ 60_CVE- 2010-3682. dpatch: improve conditional in
sql/sql_select. cc. Add tests to mysql-test/*.
- CVE-2010-3682
* SECURITY UPDATE: denial of service and incorrect error handling in
LOAD DATA INFILE.
- debian/patches/ 60_CVE- 2010-3683. dpatch: check for errors in
sql/sql_load. cc. Don't print error on server in sql/net_serv.cc.
Add tests to mysql-test/*.
- CVE-2010-3683
* SECURITY UPDATE: denial of service via incorrect propagation of type
errors.
- debian/patches/ 60_CVE- 2010-3833. dpatch: properly check for execution
errors in sql/item_func.cc. Add tests to mysql-test/*.
- CVE-2010-3833
* SECURITY UPDATE: denial of service via derived table materializing.
- debian/patches/ 60_CVE- 2010-3834. dpatch: handle temporary tables in
sql/field.cc, sql/sql_select.*. Add tests to mysql-test/*.
- CVE-2010-3834
* SECURITY UPDATE: denial of service via user-variable assignment
expression.
- debian/patches/ 60_CVE- 2010-3835. dpatch: fix logic in sql/item_func.*,
Add tests to mysql-test/*.
- CVE-2010-3835
* SECURITY UPDATE: denial of service via pre-evaluation of LIKE
predicates during view preparation.
- debian/patches/ 60_CVE- 2010-3836. dpatch: make sure we're not in view
preparation mode in sql/item_cmpfunc. cc. Add tests to mysql-test/*.
- CVE-2010-3836
* SECURITY UPDATE: denial of service via use of GROUP_CONCAT() and
WITH ROLLUP together.
- debian/patches/ 60_CVE- 2010-3837. dpatch: create a copy of the order
structures in sql/item_sum.cc, sql/table.h. Add tests to
mysql-test/*.
- CVE-2010-3837
* SECURITY UPDATE: denial of service via longblob and union or update
with subquery.
- debian/patches/ 60_CVE- 2010-3838. dpatch: handle REAL_RESULT in
sql/item_func. cc. Add tests to mysql-test/*.
- CVE-2010-3838
* SECURITY UPDATE: denial of service via certain queries with nested
joins.
- debian/patches/ 60_CVE- 2010-3839. dpatch: fix nesting in
sql/sql_select. cc. Add tests to mysql-test/*.
- CVE-2010-3839
* SECURITY UPDATE: denial of service via PolyFromWKB() function and
improper data.
- debian/patches/ 60_CVE- 2010-3840. dpatch: improve data handling in
sql/spatial.cc. Add tests to mysql-test/*.
- CVE-2010-3840
* Use debhelper where possible in rules
* Split binary packages into mysql-base, mysql-client, mysql-doc
* New upstream release - 18. By Clint Byrum
-
Fixing changelog and adding DEP3 headers to patch
- 17. By Clint Byrum
-
debian/
patches/ 10_fix_ segfaults_ lp343870. dpatch: fixes (LP: #343870)
Please fix debian/changelog, it looks pretty horrible.
Improve 'Description' tag:
#Description: Fixes race condition in libmysqlclient. Cherry-pick from upstream.
According to above, please add 'Forwarded' tag:
#Forwarded: not-needed
Short URLs in DEP3 tags: bugs.mysql. com/42850 /launchpad. net/bugs/ 343870
#Bug: http://
#Bug-Ubuntu: https:/
Rest hashed lines under DEP3 tag can be removed.
Why did you set merge to karmic-security, if in debian/changelog you are targetting to -proposed?