mysql-5.7: Security fixes from the April 2018 CPU

Debian Bug report logs - #895997
mysql-5.7: Security fixes from the April 2018 CPU

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: mysql-5.7: Security fixes from the April 2018 CPU

Date: Wed, 18 Apr 2018 15:00:18 +0200

Source: mysql-5.7
Version: 5.7.21-1
Severity: grave
Tags: security upstream

Hi

Detail at
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL

Regards,
Salvatore

Message #10 received at 895997@bugs.debian.org (full text, mbox, reply):

From: Lars Tangvald <lars.tangvald@oracle.com>

To: Salvatore Bonaccorso <carnil@debian.org>, 895997@bugs.debian.org

Subject: Re: [debian-mysql] Bug#895997: mysql-5.7: Security fixes from the April 2018 CPU

Date: Thu, 19 Apr 2018 07:16:08 +0200

Hi,

We'll prepare the update once 5.7.22 has been released (the release is 
almost always before the advisory, but not this time).

--
Lars

On 04/18/2018 03:00 PM, Salvatore Bonaccorso wrote:
> Source: mysql-5.7
> Version: 5.7.21-1
> Severity: grave
> Tags: security upstream
>
> Hi
>
> Detail at
> http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
>
> Regards,
> Salvatore
>
> _______________________________________________
> pkg-mysql-maint mailing list
> pkg-mysql-maint@alioth-lists.debian.net
> https://urldefense.proofpoint.com/v2/url?u=https-3A__alioth-2Dlists.debian.net_cgi-2Dbin_mailman_listinfo_pkg-2Dmysql-2Dmaint&d=DwIGaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=M-8dedO8w3Vlx9Nb3v_HN_eQTPKU36yJj5mmQmreYMQ&m=4u-hjYaJFpbBqM1HT4QPVruRRxueCe_YeZ9D9iHlSNk&s=giGdjER9sPFOFvwIHCFZylKd-Z5TPXfU2B9xVfTo-D4&e=

Message #15 received at 895997-close@bugs.debian.org (full text, mbox, reply):

From: Lars Tangvald <lars.tangvald@oracle.com>

To: 895997-close@bugs.debian.org

Subject: Bug#895997: fixed in mysql-5.7 5.7.22-1

Date: Fri, 08 Jun 2018 15:36:56 +0000

Source: mysql-5.7
Source-Version: 5.7.22-1

We believe that the bug you reported is fixed in the latest version of
mysql-5.7, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 895997@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Lars Tangvald <lars.tangvald@oracle.com> (supplier of updated mysql-5.7 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 23 Apr 2018 08:20:42 +0200
Source: mysql-5.7
Binary: libmysqlclient20 libmysqld-dev libmysqlclient-dev mysql-client-core-5.7 mysql-client-5.7 mysql-server-core-5.7 mysql-server-5.7 mysql-server mysql-client mysql-testsuite mysql-testsuite-5.7 mysql-source-5.7
Architecture: source
Version: 5.7.22-1
Distribution: unstable
Urgency: high
Maintainer: Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>
Changed-By: Lars Tangvald <lars.tangvald@oracle.com>
Description:
 libmysqlclient-dev - MySQL database development files
 libmysqlclient20 - MySQL database client library
 libmysqld-dev - MySQL embedded database development files
 mysql-client - MySQL database client (metapackage depending on the latest versio
 mysql-client-5.7 - MySQL database client binaries
 mysql-client-core-5.7 - MySQL database core client binaries
 mysql-server - MySQL database server (metapackage depending on the latest versio
 mysql-server-5.7 - MySQL database server binaries and system database setup
 mysql-server-core-5.7 - MySQL database server binaries
 mysql-source-5.7 - MySQL source
 mysql-testsuite - MySQL regression tests
 mysql-testsuite-5.7 - MySQL 5.7 testsuite
Closes: 895997
Changes:
 mysql-5.7 (5.7.22-1) unstable; urgency=high (security fixes)
 .
   * Imported upstream version 5.7.22 to fix security issues:
     - http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
     - CVE-2018-2755 CVE-2018-2758 CVE-2018-2759 CVE-2018-2761
     - CVE-2018-2762 CVE-2018-2766 CVE-2018-2769 CVE-2018-2771
     - CVE-2018-2773 CVE-2018-2775 CVE-2018-2776 CVE-2018-2777
     - CVE-2018-2778 CVE-2018-2779 CVE-2018-2780 CVE-2018-2781
     - CVE-2018-2782 CVE-2018-2784 CVE-2018-2786 CVE-2018-2787
     - CVE-2018-2810 CVE-2018-2812 CVE-2018-2813 CVE-2018-2817
     - CVE-2018-2816 CVE-2018-2818 CVE-2018-2819 CVE-2018-2839
     - CVE-2018-2846
     (Closes: #895997)
   * d/tests: Broken test main.ssl_ca disabled for dep8
     Upstream report: https://bugs.mysql.com/bug.php?id=90749
   * d/copyright: Added entry for new file .gitreview
   * d/control: Replace obsolete build-dep on dh-systemd
     Dependency is replaced by debhelper (>= 9.20160709)
Checksums-Sha1:
 2cafefd0e09a988eca132a957ec124cc42346cfa 3240 mysql-5.7_5.7.22-1.dsc
 f4a65a2789cb2f697178327623407f7314b65faf 48985783 mysql-5.7_5.7.22.orig.tar.gz
 dfbce56a592cfa09ec1d614e13997a8da8e76446 153880 mysql-5.7_5.7.22-1.debian.tar.xz
Checksums-Sha256:
 fccfac28a873255b61fb0ac27e42f35f54758ea0ef71fb565ca099ef185e652c 3240 mysql-5.7_5.7.22-1.dsc
 5b2a61700af7c99f5630a7dfdb099af9283c3029843cddd9e123bcdbcc4aad03 48985783 mysql-5.7_5.7.22.orig.tar.gz
 3598c15fdff340747d024a3d618287dde86787defb55f91f1f4f87f418175300 153880 mysql-5.7_5.7.22-1.debian.tar.xz
Files:
 9655d793b89ebaf0d3e72cd0967b7b3f 3240 database optional mysql-5.7_5.7.22-1.dsc
 4af7ca82eb0dfd4cfb23fe6ea28a2fae 48985783 database optional mysql-5.7_5.7.22.orig.tar.gz
 fc9f74a806c900ef90166c6bd077afcd 153880 database optional mysql-5.7_5.7.22-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJbGpozAAoJEOVkucJ1vdUu0QkP/A2n623XqcxYMT1vhaPj2sq1
Nhu7mhh4WVvxEAG96z38oQJh/Thu5qXCChuCXjOZp6CioU39/3KDJuTRhkPCha1r
Y0RZzNQ3TbZVjgUk7y40UsWxjBxzZla911d0fF6LlvqjtBgRamymVkC91eSL50lo
QZGGNg7urqbZjaOcyZVRWTLexHRRQAKsOo7MS1skfNYD/OTdseqdEnY8Xm5kEF/v
Na/KJCWW9+T3FhBs1Gdek192q8KmgJljL2TIVndcwI4tDfd27f9HTf+tQC0WzZdh
e+2j+JiQE5uyJ/sYCStR15OIT19OnsJKdtiuYG2NXV6+StgMf3wDIoSD2Adp9HEf
x2gjMoM35mfzsizlijrFa+6bgur+ZUiqzWZ7xR++Ro7ZTw+xNybYob+Rp4gaWkf9
flQhTNraky9YgMY590eoY0IzN5lAFWtP3qS/pQPD2uL+oWhuL6fd3i38YYBzDwMg
wxairUIhUMbQX0V5cmEL4XlZ5Og0s41WXe3FyWhri6CKfQXaz6j7gzIYCywJKKtw
NIkVRR8yw0IwldGSZt42txOgSoOKF04Li6fhdJyIkEj4RZsytRlWMu8c1uuQdHIa
M2uCwJOlTVARRHFFgBt5FtsNOKVspzoOdsb5GeAdCDx6Dcy0wlzY2CBV2p2VD8ba
4D+F2H78kQNVt8ByxkgH
=eMCG
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.