Security fixes from the April 2016 CPU

Debian Bug report logs - #821094
Security fixes from the April 2016 CPU

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: "Norvald H. Ryeng" <norvald.ryeng@oracle.com>

To: submit@bugs.debian.org

Subject: Security fixes from the April 2016 CPU

Date: Fri, 15 Apr 2016 14:02:17 +0200

Source: mysql-5.6
Version: 5.6.28-1
Severity: grave
Tags: security upstream fixed-upstream

The Oracle Critical Patch Update for April 2016 will be released on  
Tuesday, April 19. According to the pre-release announcement [1], it will  
contain information about CVEs fixed in MySQL 5.6.29.

The CVE numbers will be available when the CPU is released.

Regards,

Norvald H. Ryeng

[1]  
http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html

Message #10 received at 821094@bugs.debian.org (full text, mbox, reply):

From: "Norvald H. Ryeng" <norvald.ryeng@oracle.com>

To: 821094@bugs.debian.org

Subject: Re: [debian-mysql] Bug#821094: Security fixes from the April 2016 CPU

Date: Wed, 20 Apr 2016 09:28:43 +0200

Vulnerabilities fixed by upgrading from 5.6.28 to 5.6.30:

CVE-2015-3194
CVE-2016-0639
CVE-2016-0640
CVE-2016-0641
CVE-2016-0642
CVE-2016-0643
CVE-2016-0644
CVE-2016-0646
CVE-2016-0647
CVE-2016-0648
CVE-2016-0649
CVE-2016-0650
CVE-2016-0655
CVE-2016-0661
CVE-2016-0665
CVE-2016-0666
CVE-2016-0668
CVE-2016-0705
CVE-2016-2047

Message #15 received at 821094-close@bugs.debian.org (full text, mbox, reply):

From: Robie Basak <robie.basak@ubuntu.com>

To: 821094-close@bugs.debian.org

Subject: Bug#821094: fixed in mysql-5.6 5.6.30-1

Date: Wed, 20 Apr 2016 16:42:01 +0000

Source: mysql-5.6
Source-Version: 5.6.30-1

We believe that the bug you reported is fixed in the latest version of
mysql-5.6, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 821094@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Robie Basak <robie.basak@ubuntu.com> (supplier of updated mysql-5.6 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 20 Apr 2016 16:22:57 +0100
Source: mysql-5.6
Binary: libmysqlclient18 libmysqld-pic libmysqld-dev libmysqlclient-dev mysql-common mysql-client-core-5.6 mysql-client-5.6 mysql-server-core-5.6 mysql-server-5.6 mysql-server mysql-client mysql-testsuite mysql-testsuite-5.6 mysql-source-5.6
Architecture: source
Version: 5.6.30-1
Distribution: unstable
Urgency: high
Maintainer: Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>
Changed-By: Robie Basak <robie.basak@ubuntu.com>
Description:
 libmysqlclient-dev - MySQL database development files
 libmysqlclient18 - MySQL database client library
 libmysqld-dev - MySQL embedded database development files
 libmysqld-pic - PIC version of MySQL embedded server development files
 mysql-client - MySQL database client (metapackage depending on the latest versio
 mysql-client-5.6 - MySQL database client binaries
 mysql-client-core-5.6 - MySQL database core client binaries
 mysql-common - MySQL database common files, e.g. /etc/mysql/my.cnf
 mysql-server - MySQL database server (metapackage depending on the latest versio
 mysql-server-5.6 - MySQL database server binaries and system database setup
 mysql-server-core-5.6 - MySQL database server binaries
 mysql-source-5.6 - MySQL source
 mysql-testsuite - MySQL regression tests
 mysql-testsuite-5.6 - MySQL 5.6 testsuite
Closes: 821094
Changes:
 mysql-5.6 (5.6.30-1) unstable; urgency=high (security fixes)
 .
   * New upstream release for security fixes (Closes: #821094).
   * Drop d/libmysqlclient18.lintian-overrides as the problem is genuine
     and should not be hidden. This addresses #812812 in part, but does
     not close it.
Checksums-Sha1:
 f65846b31962ae99df6787bb9fd63ee3fd77565f 3174 mysql-5.6_5.6.30-1.dsc
 85d2370bce02b903e8f93964fa5f93c2f068bcaf 32223818 mysql-5.6_5.6.30.orig.tar.gz
 71ea50758c9577070e1d738d00de8b31a7da3769 249084 mysql-5.6_5.6.30-1.debian.tar.xz
Checksums-Sha256:
 a3de7306c443e46d1b4ed11ce837c48d8729c7da464e0866da1bbcb504499d35 3174 mysql-5.6_5.6.30-1.dsc
 48464df00aad9b9dfc26c903529ddad944a7562aa28e66e98e4f3f0c35179deb 32223818 mysql-5.6_5.6.30.orig.tar.gz
 fa1ef8d9a1a09a18ae8350d916a444f5486726651d25b8725f09e35430c3f486 249084 mysql-5.6_5.6.30-1.debian.tar.xz
Files:
 0db5afb6ae9ffb499e4a84152372ca54 3174 database optional mysql-5.6_5.6.30-1.dsc
 ac8ba1db4454d2c144c7d892185a9328 32223818 database optional mysql-5.6_5.6.30.orig.tar.gz
 a914cb058f10406f8495a6133ea5304a 249084 database optional mysql-5.6_5.6.30-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJXF5+GAAoJEOVkucJ1vdUu+qgP/jB58DtUeSjwIojflfCeM0h4
tbCYvu2atKt4VloBT58D0sRAXQfbXQL1VRx9tMf5tcfibxYAGvMu/lbqDiAN1ctB
qGDuoxy6uAaoQaCb2KNCLVMjuR6JPmCbRa1WniT0aZdbmLtOOO81RIQSdO12EKWH
9lCOVTWey/8KPf9AeEbBZZy/y9+h438ZKAH/BGrwyp3WaZUqrygvpekILX+N71yy
g3/eNYfLK7Ff5ziCeWfIrPlH6w+WXPybwzaRxD9QK7QCMaF4zL+WcHUAi8LikeUx
69jIj57qK059pXVpEkIXI5/teE7vRxJeNDX0FR32QbzPFVj3HW5pP+Y5oLxCSGro
QGFY/1Oqpsdgtnj/JKD17ce2lB7IYxP23LPX0qVbU0496mQT/wDbI9+wS6lGYxFE
OkjxaWBcCCjk3La/SdLYx31WgnLgV0D/rgZE4tmUWFS4JcvGZoj0AXNx2fzfmu+i
pvQyQ1gOBWmWBuZdHlJsYShWF/kLOdqPYUx/gI7L61RiPZR+G0v/9rxzICaNRXVn
Mrx05MHaLx6dnxj7i6OayDSqp665CZoyT6ouzX9Zc9NPE4ncL00SMeD8kC2HT7Tg
TZzOoJqM+ggI4VRk0syCaZC+SUwM8uZMV6kjQ217nax95uih9risPcFlrYdqsDs2
gVHb5nIY0DvXclGlFoFK
=bWiS
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.