Debian Bug report logs -
#868798
Security fixes from the July 2017 CPU
Reported by: Lars Tangvald <lars.tangvald@oracle.com>
Date: Tue, 18 Jul 2017 18:30:02 UTC
Severity: grave
Tags: fixed-upstream, security, upstream
Found in version mysql-5.7/5.7.18-1
Fixed in version mysql-5.7/5.7.20-1
Done: Robie Basak <robie.basak@ubuntu.com>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>:
Bug#868798; Package src:mysql-5.7.
(Tue, 18 Jul 2017 18:30:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Lars Tangvald <lars.tangvald@oracle.com>:
New Bug report received and forwarded. Copy sent to Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>.
(Tue, 18 Jul 2017 18:30:04 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Source: mysql-5.7
Version: 5.7.18-1
Severity: grave
Tags: security upstream fixed-upstream
The Oracle Critical Patch Update for July 2017 will be released on
Tuesday, July 18. According to the pre-release announcement [1], it
will contain information about CVEs fixed in MySQL 5.7.19.
We will update the bug with CVE numbers when they become available, and
test the update to ensure there are no packaging issues that need
addressing.
Regards,
Lars Tangvald
[1]
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>:
Bug#868798; Package src:mysql-5.7.
(Wed, 19 Jul 2017 10:27:09 GMT) (full text, mbox, link).
Acknowledgement sent
to Lars Tangvald <lars.tangvald@oracle.com>:
Extra info received and forwarded to list. Copy sent to Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>.
(Wed, 19 Jul 2017 10:27:09 GMT) (full text, mbox, link).
Message #10 received at 868798@bugs.debian.org (full text, mbox, reply):
CVE List for 5.7:
CVE-2017-3529
CVE-2017-3633
CVE-2017-3634
CVE-2017-3635
CVE-2017-3637
CVE-2017-3638
CVE-2017-3639
CVE-2017-3640
CVE-2017-3641
CVE-2017-3642
CVE-2017-3643
CVE-2017-3644
CVE-2017-3645
CVE-2017-3646
CVE-2017-3647
CVE-2017-3648
CVE-2017-3649
CVE-2017-3650
CVE-2017-3651
CVE-2017-3652
CVE-2017-3653
CVE-2017-3732
--
Lars
Reply sent
to Robie Basak <robie.basak@ubuntu.com>:
You have taken responsibility.
(Tue, 02 Jan 2018 13:03:03 GMT) (full text, mbox, link).
Notification sent
to Lars Tangvald <lars.tangvald@oracle.com>:
Bug acknowledged by developer.
(Tue, 02 Jan 2018 13:03:03 GMT) (full text, mbox, link).
Message #15 received at 868798-done@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
5.7.20-1 includes security fixes from previous upstream releases. It was
uploaded in November. No other 5.7 exists in any other Debian release.
[signature.asc (application/pgp-signature, inline)]
Marked as fixed in versions mysql-5.7/5.7.20-1.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Wed, 17 Jan 2018 05:57:04 GMT) (full text, mbox, link).
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Thu, 01 Mar 2018 07:29:30 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 14:14:48 2019;
Machine Name:
beach
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon