lp:ubuntu/gutsy-proposed/mysql-dfsg-5.0
- Get this branch:
- bzr branch lp:ubuntu/gutsy-proposed/mysql-dfsg-5.0
Branch merges
Branch information
- Owner:
- Ubuntu branches
- Status:
- Development
Recent revisions
- 31. By Jamie Strandboge
-
* SECURITY UPDATE: buffer overflow via ProcessOldClien
tHello( ) in
handshake.cpp and input_buffer& operator>> in yassl_imp.cpp
* SECURITY UPDATE: buffer overread in HASHwithTransform::Update in hash.cpp
* debian/patches/ 95_SECURITY_ CVE-2008- 0226_0227. dpatch: properly verify
length of input (LP: #186978)
* SECURITY UPDATE: privilege escalation via crafted CREATE SQL SECURITY
DEFINER VIEW and ALTER VIEW statements
* debian/patches/ 96_SECURITY_ CVE-2007- 6303.dpatch: make sure lex->definer
is non-NULL in sql_view.cc (LP: #185039)
* debian/patches/ 97_view_ fix-now. dpatch: update view.test and view.result to
use a static year instead of now(). These tests are not part of the build
but helps with qa-regression-testing
* References
CVE-2008-0226
CVE-2008-0227
CVE-2007-6303 - 30. By Jamie Strandboge
-
* SECURITY UPDATE: denial of service via crafted CONTAINS operation when
using InnoDB
* debian/patches/ 91_SECURITY_ CVE-2007- 5925.dpatch: make sure innodb returns
error on unsupported operations (db0err.h, page0cur.h, ha_innodb.cc)
* SECURITY UPDATE: privilege escalation using symlinks when using DATA
DIRECTORY and INDEX DIRECTORY options via a RENAME TABLE statement
* debian/patches/ 92_SECURITY_ CVE-2007- 5969.dpatch: fix for my_symlink2.c to
properly check symlinks when performing a rename operation
* SECURITY UPDATE: denial of service via SHOW TABLE STATUS query in
federated engine
* debian/patches/ 94_SECURITY_ CVE-2007- 6304.dpatch: fix for ha_federated.cc
to to return error if the response doesn't have enough columns
* References
CVE-2007-5925
CVE-2007-5969
CVE-2007-6304
LP #172260 - 29. By Jamie Strandboge
-
fix for mysql bug 27383 which causes mysql-test 'mysql_client_test'
to fail due to gcc 4.x optimizations - 27. By Mathias Gug
-
* debian/
libmysqlclient1 5-dev.files, debian/ mysql-client- 5.0.files,
debian/mysql-server- 5.0.files: remove dummy man pages, as they are
shipped in mysql-doc-5.0 package in the restricted repository.
* debian/control:
- Set Maintainer to Ubuntu Core dev. Move Debian maintainer
to XSBC-Original-Maintainer.
- Add mysql-doc-5.0 as a Suggests to mysql-client-5.0, mysql-server-5.0
and libmysqlclient15-dev. - 26. By sean finney <email address hidden>
-
* New upstream release.
[sean finney]
* removed patches that are incorporated into the latest release:
- 70_cpuid_on_i486. dpatch
- 91_SECURITY_CVE-2007- 2691_alter- drop
* new patch 90_upstreamdebiandir.dpatch to keep a few lingering references
to the upstream ./debian dir out of the build, at least until we find
a nice way to collaborate on sharing the directory.
* updated CRUFT list to fix double-build breakage (closes: #424590).
* add conditional build-deps for linux-libc-dev to fix FTBFS for
non-linux arch's (closes: #431018).
* added notes to my.cnf and README.Debian about setting tmpdir when
configuring a replication slave. thanks to Rudy Gevaert for pointing
this out (closes: #431825). - 25. By Christian Hammers
-
[sean finney]
* SECURITY:
Fix for CVE-2007-2691: DROP/RENAME TABLE statements (closes: #424778).
[Christian Hammers]
* Removed all manpages from the source (therefore the "41a") as they
are not licensed under the GPL and redistribution is not permitted
(thanks to Mathias Gug). Closes: #430018
* Added linux-libc-dev to the build-depends as else an illegal dependency to
asm/atomic.h is generated in /usr/include/mysql/my_ global. h. Closes: 424276
[Christian Perrier]
* Debconf templates and debian/control reviewed by the debian-l10n-
english team as part of the Smith review project. Closes: #419974
* Debconf translation updates:
- French. Closes: #422187
- Galician. Closes: #420118
- Italian. Closes: #421349
- Brazilian Portuguese. Closes: #421516
- Arabic. Closes: #421751
- Czech. Closes: #421766
- Portuguese. Closes: #422428 - 24. By sean finney <email address hidden>
-
the previous "translation changes" inadvertently introduced unrelated
changes in the package control file. - 23. By Martin Pitt
-
Fake sync from Debian. All Ubuntu changes are in Debian, but we have a
md5sum mismatch on the orig.tar.gz. - 22. By Martin Pitt
-
* Package the Enterprise version again (.37 was a community version), since
Debian and we have always done so. This brings in a few more bug fixes and
makes functional derivations less likely.
* debian/README. Maintainer: Add pointer to upstream download URL, since it
is very hard to find the Enterprise versions.
* Disable 33_scripts__mysql_ create_ system_ tables_ _no_test. dpatch, since that
script was removed upstream.
* debian/patches/ 41_scripts_ _mysql_ install_ db.sh__ no_test. dpatch: Adapted to
changed formatting in new upstream version.
* Remove debian/patches/ 86_PATH_ MAX.dpatch, fixed upstream.
* Add debian/patches/ 90_org_ tables_ definition. dpatch: Fix local variable
declaration in libmysqld/sql_parse. cc to fix compilation with
EMBEDDED_LIBRARY.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/karmic/mysql-dfsg-5.0