Debian Bug report logs -
#821094
Security fixes from the April 2016 CPU
Reported by: "Norvald H. Ryeng" <norvald.ryeng@oracle.com>
Date: Fri, 15 Apr 2016 12:03:01 UTC
Severity: grave
Tags: fixed-upstream, security, upstream
Found in version mysql-5.6/5.6.28-1
Fixed in version mysql-5.6/5.6.30-1
Done: Robie Basak <robie.basak@ubuntu.com>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>
:
Bug#821094
; Package src:mysql-5.6
.
(Fri, 15 Apr 2016 12:03:05 GMT) (full text, mbox, link).
Acknowledgement sent
to "Norvald H. Ryeng" <norvald.ryeng@oracle.com>
:
New Bug report received and forwarded. Copy sent to Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>
.
(Fri, 15 Apr 2016 12:03:05 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Source: mysql-5.6
Version: 5.6.28-1
Severity: grave
Tags: security upstream fixed-upstream
The Oracle Critical Patch Update for April 2016 will be released on
Tuesday, April 19. According to the pre-release announcement [1], it will
contain information about CVEs fixed in MySQL 5.6.29.
The CVE numbers will be available when the CPU is released.
Regards,
Norvald H. Ryeng
[1]
http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>
:
Bug#821094
; Package src:mysql-5.6
.
(Wed, 20 Apr 2016 07:42:11 GMT) (full text, mbox, link).
Acknowledgement sent
to "Norvald H. Ryeng" <norvald.ryeng@oracle.com>
:
Extra info received and forwarded to list. Copy sent to Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>
.
(Wed, 20 Apr 2016 07:42:12 GMT) (full text, mbox, link).
Message #10 received at 821094@bugs.debian.org (full text, mbox, reply):
Vulnerabilities fixed by upgrading from 5.6.28 to 5.6.30:
CVE-2015-3194
CVE-2016-0639
CVE-2016-0640
CVE-2016-0641
CVE-2016-0642
CVE-2016-0643
CVE-2016-0644
CVE-2016-0646
CVE-2016-0647
CVE-2016-0648
CVE-2016-0649
CVE-2016-0650
CVE-2016-0655
CVE-2016-0661
CVE-2016-0665
CVE-2016-0666
CVE-2016-0668
CVE-2016-0705
CVE-2016-2047
Reply sent
to Robie Basak <robie.basak@ubuntu.com>
:
You have taken responsibility.
(Wed, 20 Apr 2016 16:45:11 GMT) (full text, mbox, link).
Notification sent
to "Norvald H. Ryeng" <norvald.ryeng@oracle.com>
:
Bug acknowledged by developer.
(Wed, 20 Apr 2016 16:45:11 GMT) (full text, mbox, link).
Message #15 received at 821094-close@bugs.debian.org (full text, mbox, reply):
Source: mysql-5.6
Source-Version: 5.6.30-1
We believe that the bug you reported is fixed in the latest version of
mysql-5.6, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 821094@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Robie Basak <robie.basak@ubuntu.com> (supplier of updated mysql-5.6 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 20 Apr 2016 16:22:57 +0100
Source: mysql-5.6
Binary: libmysqlclient18 libmysqld-pic libmysqld-dev libmysqlclient-dev mysql-common mysql-client-core-5.6 mysql-client-5.6 mysql-server-core-5.6 mysql-server-5.6 mysql-server mysql-client mysql-testsuite mysql-testsuite-5.6 mysql-source-5.6
Architecture: source
Version: 5.6.30-1
Distribution: unstable
Urgency: high
Maintainer: Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>
Changed-By: Robie Basak <robie.basak@ubuntu.com>
Description:
libmysqlclient-dev - MySQL database development files
libmysqlclient18 - MySQL database client library
libmysqld-dev - MySQL embedded database development files
libmysqld-pic - PIC version of MySQL embedded server development files
mysql-client - MySQL database client (metapackage depending on the latest versio
mysql-client-5.6 - MySQL database client binaries
mysql-client-core-5.6 - MySQL database core client binaries
mysql-common - MySQL database common files, e.g. /etc/mysql/my.cnf
mysql-server - MySQL database server (metapackage depending on the latest versio
mysql-server-5.6 - MySQL database server binaries and system database setup
mysql-server-core-5.6 - MySQL database server binaries
mysql-source-5.6 - MySQL source
mysql-testsuite - MySQL regression tests
mysql-testsuite-5.6 - MySQL 5.6 testsuite
Closes: 821094
Changes:
mysql-5.6 (5.6.30-1) unstable; urgency=high (security fixes)
.
* New upstream release for security fixes (Closes: #821094).
* Drop d/libmysqlclient18.lintian-overrides as the problem is genuine
and should not be hidden. This addresses #812812 in part, but does
not close it.
Checksums-Sha1:
f65846b31962ae99df6787bb9fd63ee3fd77565f 3174 mysql-5.6_5.6.30-1.dsc
85d2370bce02b903e8f93964fa5f93c2f068bcaf 32223818 mysql-5.6_5.6.30.orig.tar.gz
71ea50758c9577070e1d738d00de8b31a7da3769 249084 mysql-5.6_5.6.30-1.debian.tar.xz
Checksums-Sha256:
a3de7306c443e46d1b4ed11ce837c48d8729c7da464e0866da1bbcb504499d35 3174 mysql-5.6_5.6.30-1.dsc
48464df00aad9b9dfc26c903529ddad944a7562aa28e66e98e4f3f0c35179deb 32223818 mysql-5.6_5.6.30.orig.tar.gz
fa1ef8d9a1a09a18ae8350d916a444f5486726651d25b8725f09e35430c3f486 249084 mysql-5.6_5.6.30-1.debian.tar.xz
Files:
0db5afb6ae9ffb499e4a84152372ca54 3174 database optional mysql-5.6_5.6.30-1.dsc
ac8ba1db4454d2c144c7d892185a9328 32223818 database optional mysql-5.6_5.6.30.orig.tar.gz
a914cb058f10406f8495a6133ea5304a 249084 database optional mysql-5.6_5.6.30-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJXF5+GAAoJEOVkucJ1vdUu+qgP/jB58DtUeSjwIojflfCeM0h4
tbCYvu2atKt4VloBT58D0sRAXQfbXQL1VRx9tMf5tcfibxYAGvMu/lbqDiAN1ctB
qGDuoxy6uAaoQaCb2KNCLVMjuR6JPmCbRa1WniT0aZdbmLtOOO81RIQSdO12EKWH
9lCOVTWey/8KPf9AeEbBZZy/y9+h438ZKAH/BGrwyp3WaZUqrygvpekILX+N71yy
g3/eNYfLK7Ff5ziCeWfIrPlH6w+WXPybwzaRxD9QK7QCMaF4zL+WcHUAi8LikeUx
69jIj57qK059pXVpEkIXI5/teE7vRxJeNDX0FR32QbzPFVj3HW5pP+Y5oLxCSGro
QGFY/1Oqpsdgtnj/JKD17ce2lB7IYxP23LPX0qVbU0496mQT/wDbI9+wS6lGYxFE
OkjxaWBcCCjk3La/SdLYx31WgnLgV0D/rgZE4tmUWFS4JcvGZoj0AXNx2fzfmu+i
pvQyQ1gOBWmWBuZdHlJsYShWF/kLOdqPYUx/gI7L61RiPZR+G0v/9rxzICaNRXVn
Mrx05MHaLx6dnxj7i6OayDSqp665CZoyT6ouzX9Zc9NPE4ncL00SMeD8kC2HT7Tg
TZzOoJqM+ggI4VRk0syCaZC+SUwM8uZMV6kjQ217nax95uih9risPcFlrYdqsDs2
gVHb5nIY0DvXclGlFoFK
=bWiS
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org
.
(Sat, 21 May 2016 07:36:06 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 18:34:24 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.