lp:ubuntu/maverick/mysql-dfsg-5.1

Created by James Westby on 2010-05-01 and last modified on 2010-05-25
Get this branch:
bzr branch lp:ubuntu/maverick/mysql-dfsg-5.1
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Status:
Mature

Recent revisions

31. By Chuck Short on 2010-05-20

[Marc Deslauriers]
* debian/mysql-server-5.0.preinst: Set mysql user's home directory
  to /nonexistent to protect against having the /var/lib/mysql
  user-writeable. If an attacker can trick mysqld into creating
  dot files in the home directory, he could do .rhost-like attacks
  on the system. (LP: #293258)

[Chuck Short]
* debian/mysql-server-5.1.mysql.upstart: Dont wait forever for a ping from
  the mysql server. It might not be configured properly. (LP: #551097)

30. By Chuck Short on 2010-05-18

* Merge from debian unstable. Remaining changes:
  - debian/control:
    + Don't provide a libmysqlclient15-dev package as long as there
      are packages still build-depending on libmysqlclient15-dev and
      mysql-dfsg-5.0 is in the archive.
    + Lower mailx from a Recommends to a Suggests to avoid pulling in a
      full MTA on all installs of mysql-server (LP: #259477)
    + Make mysql-server-5.1 depend on mysql-server-core-5.1. (LP: #509667)
  - debian/rules:
  - debian/additions/debian-start.inc.sh: support ANSI mode (LP: #310211)
  - Add AppArmor profile:
    + debian/apparmor-profile: apparmor profile
    + debian/rules, debian/mysql-server-5.1.files: install apparmor profile.
    + debian/mysql-server-5.1.dirs: add etc/apparmor.d/fore-complain
    + debian/mysql-server-5.1.postrm: remove symlink in force-complain/ on purge.
    + debian/mysql-server-5.1.README.Debian: add apparmor documentation.
    + debian/additions/my.cnf: Add warning about apparmor. (LP: #201799)
    + debian/mysql-server-5.1.postinst: reload apparmor profiles
  - debian/additions/my.cfn: remove language options. Error message files are
    located in a different direction in Mysql 5.0. Setting the language option
    to use /usr/share/mysql/english breaks 5.0. Both 5.0 and 5.1 use a
    default value that works. (LP: #316974)
  - mysql-server-core-5.1 package for files needed by Akonadi:
    + debian/control: create mysql-server-core-5.1 package
    + debian/mysql-server-core-5.1.files, debian/mysql-server-5.1.files:
      move core mysqld files to mysql-server-core-5.1 package.
  - debian/libmysqlclient16.symbols.amd64: remove amd64 symbols as it has
    not been correctly generated in Debian.
  - Add Apport hook (LP: #354188):
    + debian/mysql-server-5.1.py: apport package hook
    + debian/mysql-server-5.1.files, debian/rules: install apport package hook
  - debian/addtions/my.cnf:
    + drop old_password option.
    + fix commentened logging options to use general_log and general_log_file.
  - Don't upgrade if there is an ndb management node configured (LP: #413792)
  - Set thread stack size to 192K rather than 128K. 128K is only useful on
    systems with < 64M RAM and causes stack overrides with some SQL commands.
    See http://dev.mysql.com/doc/refman/5.1/en/server-system-varriables.html
    for more details. (LP: #426919)
  - Convert to upstart:
    + Add mysql-server-5.1.mysql.upstart
    + Dropped debian/mysql-server-5.1.mysql.init,
      debian/additions/mysqld_safe_syslog.cnf
    + debian/additions/my.cnf:
      * Removed pid declaration
      * Set up error logging to /var/log/mysql since we're not piping anything
        around logger anymore.
    + Remove references to mysqld_safe in these files:
      * debian/rules, mysql-server-5.1.logcheck.ignore.paranoid
        mysql-server-5.1.logcheck.ignore.workstation,
        mysql-server-5.1.logcheck.ignore.server
    + debian/mysql-server-5.1.postinst:
      * Replace calls to /etc/init.d with regular upstart calls
      * Remove reference to mysqld_safe
    + Dropped debian/patches/38_scripts_mysqld_safe.sh_signals.dpatch
    + Load apparmor when loading upstart.
   - debian/mysql-server-5.1.mysql-server.logrotate: Check to see if mysql is running before
     running logrotate. (LP: #513135)
   - Make the testsuite installable. (LP: #530752)
   - debian/control: Use database for the package section (LP: #498939).
   - debian/mysql-server-5.1.templates: fix MySQL Cluster package name to
   - Move mysql_install_db and required .sql files from the server package to the
     server-core package.
   - Dropped:
     + debian/patches/90_mysql_safer_strmov: Merged upstream.
     + debian/patches/52_CVE-2009-4030.dpatch: Merged usptream.
     + debian/patches/53_CVE-2009-4484.dpatch: Merged upstream.
     + debian/patches/54_CVE-2008-7247.dpatch: Merged upstream.

29. By Kees Cook on 2010-05-01

debian/mysql-server-5.1.mysql.upstart: load AppArmor profile since
mysql can start before AppArmor now (LP: #573206).

28. By Harald Sitter on 2010-04-12

* Also move usr/bin/mysql_upgrade to the core package, as addition to the
  previous upload.
* Add new mysql-client-core-5.1 package
  + Move mysqlcheck and mysql from mysql-client-5.1 to te new package

27. By Harald Sitter on 2010-04-01

* Move mysql_install_db and required .sql files from the server package
  to the server-core package. Akonadi now executes aforementioned script
  to ensure the mysql system tables are available and mysqld does not cry
  about them (LP: #448705).
  resolveip was *not* moved. The install_db script gets executed using --force
* server-core replaces << this version of server

26. By Steve Langasek on 2010-03-31

[ Mathias Gug ]
* Ship mysqld_safe script (LP: #552053).
* debian/control: Use database for the package section (LP: #498939).
* debian/mysql-server-5.1.templates: fix MySQL Cluster package name to
  mention mysql-cluster-server (LP: #394515).
* debian/mysql-common.preinst: delete skip-bdb option if upgrading from 5.0
  since 5.1 fails to start if skip-bdb is in the configuration file.
  (LP: #444349).

[ Steve Langasek ]
* un-fuzzy the translations, which were only fuzzied due to a changed
  package name.

25. By Chuck Short on 2010-03-25

debian/{control, rules, mysql-testsuite.*}: Fix up testsuite package.

24. By Chuck Short on 2010-03-24

* debian/control: Add replaces mysql-server-5.0 for mysql-server-core-5.1 (LP: #537470)
* debian/mysql-server-5.1.mysql-server.logrotate: Check to see if mysql is running before
  running logrotate. (LP: #513135)
* Make the testsuite installable. (LP: #530752)

23. By Marc Deslauriers on 2010-02-22

* SECURITY UPDATE: privilege restriction bypass via incorrect calculation
  of the mysql_unpacked_real_data_home value
  - debian/patches/52_CVE-2009-4030.dpatch: fix initialization order in
    sql/mysqld.cc.
  - CVE-2009-4030
* SECURITY UPDATE: arbitrary code execution via yassl stack overflow
  - debian/patches/53_CVE-2009-4484.dpatch: validate lengths in
    extra/yassl/taocrypt/src/asn.*.
  - CVE-2009-4484
* SECURITY UPDATE: access restriction bypass via symlink
  - debian/patches/54_CVE-2008-7247.dpatch: improve symlink handling in
    sql/sql_table.cc.
  - CVE-2008-7247

22. By Chuck Short on 2010-02-18

debian/apparmor-profile: Upate apparmor profile. Get rid of annoying warning
when starting mysql. (LP: #444479)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/natty/mysql-dfsg-5.1
This branch contains Public information 
Everyone can see this information.

Subscribers