lp:~clint-fewbar/ubuntu/lucid/mysql-dfsg-5.1/increase-killtimeout
- Get this branch:
- bzr branch lp:~clint-fewbar/ubuntu/lucid/mysql-dfsg-5.1/increase-killtimeout
Branch merges
- Bryce Harrington: Approve (packaging)
- Ubuntu branches: Pending requested
-
Diff: 27 lines (+9/-0)2 files modifieddebian/changelog (+6/-0)
debian/mysql-server-5.1.mysql.upstart (+3/-0)
Related bugs
Bug #620441: MySQL upstart stop job does not cleanly shutdown mysql | High | Fix Released |
Related blueprints
Branch information
- Owner:
- Clint Byrum
- Status:
- Development
Recent revisions
- 30. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service via UPGRADE DATA DIRECTORY NAME
command
- debian/patches/ 60_CVE- 2010-2008. dpatch: correctly filter prefixes
and paths in sql/table.cc, sql/sql_table.cc, sql/mysql_priv.h.
Add tests to mysql-test/*.
- CVE-2010-2008
* SECURITY UPDATE: denial of service via joins involving a table with a
unique SET column
- debian/patches/ 60_CVE- 2010-3677. dpatch: improve logic in
sql/item_cmpfunc. cc. Add tests to mysql-test/*.
- CVE-2010-3677
* SECURITY UPDATE: denial of service via incorrect handling of NULL
arguments
- debian/patches/ 60_CVE- 2010-3678. dpatch: make sure items are valid in
sql/item_cmpfunc. cc. Add tests to mysql-test/*.
- CVE-2010-3678
* SECURITY UPDATE: denial of service via malformed argument to the BINLOG
statement
- debian/patches/ 60_CVE- 2010-3679. dpatch: check lengths in
sql/sql_binlog. cc. Add tests to mysql-test/*.
- CVE-2010-3679
* SECURITY UPDATE: denial of service via TEMPORARY InnoDB tables with
nullable columns
- debian/patches/ 60_CVE- 2010-3680. dpatch: check for null datatype in
storage/{innobase, innodb_ plugin} /handler/ ha_innodb. cc. Add tests to
mysql-test/*.
- CVE-2010-3680
* SECURITY UPDATE: denial of service via alternate reads from two indexes
on a table using the HANDLER interface
- debian/patches/ 60_CVE- 2010-3681. dpatch: check for the same index in
sql/sql_handler. cc. Add tests to mysql-test/*.
- CVE-2010-3681
* SECURITY UPDATE: denial of service via use of EXPLAIN with certain
queries
- debian/patches/ 60_CVE- 2010-3682. dpatch: improve conditional in
sql/sql_select. cc. Add tests to mysql-test/*.
- CVE-2010-3682
* SECURITY UPDATE: denial of service and incorrect error handling in
LOAD DATA INFILE.
- debian/patches/ 60_CVE- 2010-3683. dpatch: check for errors in
sql/sql_load. cc. Don't print error on server in sql/net_serv.cc.
Add tests to mysql-test/*.
- CVE-2010-3683
* SECURITY UPDATE: denial of service via incorrect propagation of type
errors.
- debian/patches/ 60_CVE- 2010-3833. dpatch: properly check for execution
errors in sql/item_func.cc. Add tests to mysql-test/*.
- CVE-2010-3833
* SECURITY UPDATE: denial of service via derived table materializing.
- debian/patches/ 60_CVE- 2010-3834. dpatch: handle temporary tables in
sql/field.cc, sql/sql_select.*. Add tests to mysql-test/*.
- CVE-2010-3834
* SECURITY UPDATE: denial of service via user-variable assignment
expression.
- debian/patches/ 60_CVE- 2010-3835. dpatch: fix logic in sql/item_func.*,
Add tests to mysql-test/*.
- CVE-2010-3835
* SECURITY UPDATE: denial of service via pre-evaluation of LIKE
predicates during view preparation.
- debian/patches/ 60_CVE- 2010-3836. dpatch: make sure we're not in view
preparation mode in sql/item_cmpfunc. cc. Add tests to mysql-test/*.
- CVE-2010-3836
* SECURITY UPDATE: denial of service via use of GROUP_CONCAT() and
WITH ROLLUP together.
- debian/patches/ 60_CVE- 2010-3837. dpatch: create a copy of the order
structures in sql/item_sum.cc, sql/table.h. Add tests to
mysql-test/*.
- CVE-2010-3837
* SECURITY UPDATE: denial of service via longblob and union or update
with subquery.
- debian/patches/ 60_CVE- 2010-3838. dpatch: handle REAL_RESULT in
sql/item_func. cc. Add tests to mysql-test/*.
- CVE-2010-3838
* SECURITY UPDATE: denial of service via certain queries with nested
joins.
- debian/patches/ 60_CVE- 2010-3839. dpatch: fix nesting in
sql/sql_select. cc. Add tests to mysql-test/*.
- CVE-2010-3839
* SECURITY UPDATE: denial of service via PolyFromWKB() function and
improper data.
- debian/patches/ 60_CVE- 2010-3840. dpatch: improve data handling in
sql/spatial.cc. Add tests to mysql-test/*.
- CVE-2010-3840
* debian/patches/ 61_disable_ longfilename_ test.dpatch: disable the
partition_rename_ longfilename test as it fails when building with
sbuild and schroots. - 29. By Marc Deslauriers
-
* SECURITY UPDATE: missing privilege check when uninstalling plugins
- debian/patches/ 55_CVE- 2010-1621. dpatch: check access rights in
sql/sql_plugin. cc, added tests to mysql-test/*.
- CVE-2010-1621
* SECURITY UPDATE: privilege check bypass via crafted table name argument
to COM_FIELD_LIST
- debian/patches/ 58_CVE- 2010-1848. dpatch: check for path chars in
sql/table.cc, sql/sql_yacc.yy, sql/sql_yacc.cc, sql/sql_table.cc,
sql/sql_parse. cc, sql/partition_ info.cc, sql/mysql_priv.h. Add tests
to tests/mysql_client_ test.c and mysql-test/*.
- CVE-2010-1848
* SECURITY UPDATE: denial of service via large packets
- debian/patches/ 57_CVE- 2010-1849. dpatch: handle big packets in
sql/sql_connect. cc, include/ mysql_com. h, sql/net_serv.cc.
- CVE-2010-1849
* SECURITY UPDATE: arbitrary code execution via crafted table name
argument to COM_FIELD_LIST
- debian/patches/ 56_CVE- 2010-1850. dpatch: check table name length in
sql/sql_parse. cc.
- CVE-2010-1850
* SECURITY UPDATE: DROP TABLE privilege bypass via symlink attack
- debian/patches/ 59_CVE- 2010-1626. dpatch: check for symlinks in
storage/myisam/ mi_delete_ table.c, add tests to mysql-test/*.
- CVE-2010-1626 - 28. By Harald Sitter
-
* Also move usr/bin/
mysql_upgrade to the core package, as addition to the
previous upload.
* Add new mysql-client-core-5. 1 package
+ Move mysqlcheck and mysql from mysql-client-5.1 to te new package - 27. By Harald Sitter
-
* Move mysql_install_db and required .sql files from the server package
to the server-core package. Akonadi now executes aforementioned script
to ensure the mysql system tables are available and mysqld does not cry
about them (LP: #448705).
resolveip was *not* moved. The install_db script gets executed using --force
* server-core replaces << this version of server - 26. By Steve Langasek
-
[ Mathias Gug ]
* Ship mysqld_safe script (LP: #552053).
* debian/control: Use database for the package section (LP: #498939).
* debian/mysql-server- 5.1.templates: fix MySQL Cluster package name to
mention mysql-cluster-server (LP: #394515).
* debian/mysql-common. preinst: delete skip-bdb option if upgrading from 5.0
since 5.1 fails to start if skip-bdb is in the configuration file.
(LP: #444349).[ Steve Langasek ]
* un-fuzzy the translations, which were only fuzzied due to a changed
package name. - 24. By Chuck Short
-
* debian/control: Add replaces mysql-server-5.0 for mysql-server-
core-5. 1 (LP: #537470)
* debian/mysql-server- 5.1.mysql- server. logrotate: Check to see if mysql is running before
running logrotate. (LP: #513135)
* Make the testsuite installable. (LP: #530752) - 23. By Marc Deslauriers
-
* SECURITY UPDATE: privilege restriction bypass via incorrect calculation
of the mysql_unpacked_real_data_ home value
- debian/patches/ 52_CVE- 2009-4030. dpatch: fix initialization order in
sql/mysqld.cc.
- CVE-2009-4030
* SECURITY UPDATE: arbitrary code execution via yassl stack overflow
- debian/patches/ 53_CVE- 2009-4484. dpatch: validate lengths in
extra/yassl/taocrypt/ src/asn. *.
- CVE-2009-4484
* SECURITY UPDATE: access restriction bypass via symlink
- debian/patches/ 54_CVE- 2008-7247. dpatch: improve symlink handling in
sql/sql_table. cc.
- CVE-2008-7247 - 22. By Chuck Short
-
debian/
apparmor- profile: Upate apparmor profile. Get rid of annoying warning
when starting mysql. (LP: #444479)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/natty/mysql-dfsg-5.1