Your message dated Sat, 12 Jan 2013 00:18:28 +0000
with message-id <e1ttons-00034n...@franck.debian.org>
and subject line Bug#695001: fixed in mysql-5.5 5.5.29+dfsg-1
has caused the Debian Bug report #695001,
regarding mysql-5.5: New MySQL issues
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
695001: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695001
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: mysql-5.5
Severity: grave
Tags: security
Justification: user security hole
Exploits for new MySQL issues have been posted to the full-disclosure mailing
list.
This mail summarises the current state of affairs:
CVE-2012-5611 (formerly tracked as CVE-2012-5579)
Exploit: http://seclists.org/fulldisclosure/2012/Dec/4
Patch already available through mariadb.
CVE-2012-5612
Exploit: http://seclists.org/fulldisclosure/2012/Dec/5
mariadb bug: https://mariadb.atlassian.net/browse/MDEV-3908
CVE-2012-5613
Exploit: http://seclists.org/fulldisclosure/2012/Dec/6
This was discussed to be intended behaviour:
http://seclists.org/oss-sec/2012/q4/388
CVE-2012-5614
Exploit: http://seclists.org/fulldisclosure/2012/De
mariadb bug: https://mariadb.atlassian.net/browse/MDEV-3910
CVE-2012-5615
Exploit: http://seclists.org/fulldisclosure/2012/Dec/9
mariadb bug: https://mariadb.atlassian.net/browse/MDEV-3909
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: mysql-5.5
Source-Version: 5.5.29+dfsg-1
We believe that the bug you reported is fixed in the latest version of
mysql-5.5, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 695...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Nicholas Bamber <nicho...@periapt.co.uk> (supplier of updated mysql-5.5 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 11 Jan 2013 15:29:53 +0000
Source: mysql-5.5
Binary: libmysqlclient18 libmysqld-pic libmysqld-dev libmysqlclient-dev
mysql-common mysql-client-5.5 mysql-server-core-5.5 mysql-server-5.5
mysql-server mysql-client mysql-testsuite-5.5 mysql-source-5.5
Architecture: source all i386
Version: 5.5.29+dfsg-1
Distribution: unstable
Urgency: low
Maintainer: Debian MySQL Maintainers <pkg-mysql-ma...@lists.alioth.debian.org>
Changed-By: Nicholas Bamber <nicho...@periapt.co.uk>
Description:
libmysqlclient-dev - MySQL database development files
libmysqlclient18 - MySQL database client library
libmysqld-dev - MySQL embedded database development files
libmysqld-pic - PIC version of MySQL embedded server development files
mysql-client - MySQL database client (metapackage depending on the latest
versio
mysql-client-5.5 - MySQL database client binaries
mysql-common - MySQL database common files, e.g. /etc/mysql/my.cnf
mysql-server - MySQL database server (metapackage depending on the latest
versio
mysql-server-5.5 - MySQL database server binaries and system database setup
mysql-server-core-5.5 - MySQL database server binaries
mysql-source-5.5 - MySQL source
mysql-testsuite-5.5 - MySQL testsuite
Closes: 692871 695001
Changes:
mysql-5.5 (5.5.29+dfsg-1) unstable; urgency=low
.
[ Clint Byrum ]
* d/mysql-server-5.5.postinst: Patch from Alex Bligh to fix privilege
regression that was introduced in the switch from 5.1 to 5.5.
(Closes: #692871)
* New upstream release. (Closes: #695001) Refreshed patches.
Checksums-Sha1:
43779be62bdd8a86901204749cae1e5204c94e33 2954 mysql-5.5_5.5.29+dfsg-1.dsc
df1f3af8caf6b14813b4e0789ab6c0379e5de1e1 21199752
mysql-5.5_5.5.29+dfsg.orig.tar.gz
a523271db0d7262da3cff95484f8e237608bce9f 304465
mysql-5.5_5.5.29+dfsg-1.debian.tar.gz
ad0008d06a1411f0dd760cd1b001be64848b3d3e 108602
mysql-common_5.5.29+dfsg-1_all.deb
8b247ab02c592d393f50f6868a3b62bdaec4f09e 106816
mysql-server_5.5.29+dfsg-1_all.deb
6d4a30ae400e91490298217d756a51e41c83afcf 106692
mysql-client_5.5.29+dfsg-1_all.deb
17bee4c439dec9c9efbc021b17217ccf7e711262 690422
libmysqlclient18_5.5.29+dfsg-1_i386.deb
0cd0f151ac8afa510eb92e4dabadd8419277bd46 3099864
libmysqld-pic_5.5.29+dfsg-1_i386.deb
b08c678793a66e425b4e0fa857bbb549d7f14122 3096076
libmysqld-dev_5.5.29+dfsg-1_i386.deb
5be77033e57c4049ea6f1a640c62755dd00ee6d3 963548
libmysqlclient-dev_5.5.29+dfsg-1_i386.deb
2fd8c1d005baffb9ef0741b64f14a9f40206a9ca 1745422
mysql-client-5.5_5.5.29+dfsg-1_i386.deb
f35af946fe929ec6e67c254fba2d9fb91ca23919 3646514
mysql-server-core-5.5_5.5.29+dfsg-1_i386.deb
0908f54f4a450680a38918ef78da05c27f9c7ad6 2028340
mysql-server-5.5_5.5.29+dfsg-1_i386.deb
9f29d13b8f21d1b68d675ead07800303a798a99e 4318232
mysql-testsuite-5.5_5.5.29+dfsg-1_i386.deb
d77fab4a138d8b64460b3eb15e6daf25296c73c5 22710606
mysql-source-5.5_5.5.29+dfsg-1_i386.deb
Checksums-Sha256:
7be3a558757c99affbbff47bb2b534e8e9b1ec4c80ab4d5af6367438dd01346b 2954
mysql-5.5_5.5.29+dfsg-1.dsc
c67ce550fbb2a7fe3e838f292c9d301fcef83b2ca595ad751e9a4d305c348af7 21199752
mysql-5.5_5.5.29+dfsg.orig.tar.gz
387703e3195dedbd6a35df193ad5a7a4f45aeac77c4d70a7ad2a16ec43069136 304465
mysql-5.5_5.5.29+dfsg-1.debian.tar.gz
a5be57697a5f2281f80401c357e9a44ecf4d78b0dd099dde8e69e3e24291442e 108602
mysql-common_5.5.29+dfsg-1_all.deb
d89662d751f7785f819b757bd86fd7512ba70c447986f2110580f62d827338cd 106816
mysql-server_5.5.29+dfsg-1_all.deb
10b688a5196b103fd481af9d402203d87e03b5cd6b15d483e3fe77df003bb488 106692
mysql-client_5.5.29+dfsg-1_all.deb
013598bd31122ea8771d75e3a3e533d9e324c6d0dce5f6aa5a66d56e73fe662d 690422
libmysqlclient18_5.5.29+dfsg-1_i386.deb
b924cb65b7dc0c19293decdb065d4a947afe16caa67e4f0fc86b6107fe52d2bd 3099864
libmysqld-pic_5.5.29+dfsg-1_i386.deb
3e50e790014f7236251a07e9f9d07b8e7b12a05f72d7ee480567f0fdd890e26c 3096076
libmysqld-dev_5.5.29+dfsg-1_i386.deb
cb180eab7aca91826e73dbd1b1351aedaa042c898e3add6eb60f788e27049d1c 963548
libmysqlclient-dev_5.5.29+dfsg-1_i386.deb
7333c3cea3571a9d0b7f70317becdbe1657c1d2d14f6f04394eecb63114ea9cc 1745422
mysql-client-5.5_5.5.29+dfsg-1_i386.deb
9aea29344c4954acb0ba99a42036a8269c3a7f5f4f01dc9613c71219674ef0a0 3646514
mysql-server-core-5.5_5.5.29+dfsg-1_i386.deb
5bd5388c7475c56e8c7ac8a3a075ff3ecf4f86cb10137de0c74a76de61dfc593 2028340
mysql-server-5.5_5.5.29+dfsg-1_i386.deb
413668e5cbc4b2f45c08563ca5f2e7a4176fbdb413318d6729329f550ae659ba 4318232
mysql-testsuite-5.5_5.5.29+dfsg-1_i386.deb
02b821181398f7f25ce831810d42e33af2febbbeb66f2ca264f27df495187603 22710606
mysql-source-5.5_5.5.29+dfsg-1_i386.deb
Files:
d5b8a7c3bbcf933b1378867fe15d571b 2954 database optional
mysql-5.5_5.5.29+dfsg-1.dsc
85adedbcb966d2c192e04881d8820147 21199752 database optional
mysql-5.5_5.5.29+dfsg.orig.tar.gz
122906b2f52d799dd38ba16a82c1a933 304465 database optional
mysql-5.5_5.5.29+dfsg-1.debian.tar.gz
514ed478843bf065ee2ac6ad44d2c9f6 108602 database optional
mysql-common_5.5.29+dfsg-1_all.deb
8c6d73d94aa6328d84e3f0c8ce3bcbee 106816 database optional
mysql-server_5.5.29+dfsg-1_all.deb
30308b0b972abdbae4553986392318fa 106692 database optional
mysql-client_5.5.29+dfsg-1_all.deb
b5cc58a793fa5903f534d18ab23f4f00 690422 libs optional
libmysqlclient18_5.5.29+dfsg-1_i386.deb
8b9494619d7e5552a65d14850fe3d7f4 3099864 libdevel optional
libmysqld-pic_5.5.29+dfsg-1_i386.deb
3bf2f373578b9cd3ae20d9e45ccff25a 3096076 libdevel optional
libmysqld-dev_5.5.29+dfsg-1_i386.deb
2dc49bbab1a301e452cd1a3358102eaa 963548 libdevel optional
libmysqlclient-dev_5.5.29+dfsg-1_i386.deb
c63461b8b5038245028282b9759b67e8 1745422 database optional
mysql-client-5.5_5.5.29+dfsg-1_i386.deb
3a789c5054943a49c76110fa88894067 3646514 database optional
mysql-server-core-5.5_5.5.29+dfsg-1_i386.deb
17ec0665b68d45db73bddbe5fac34dda 2028340 database optional
mysql-server-5.5_5.5.29+dfsg-1_i386.deb
441aa762e0ec0e7f59d8aa4a5b4572ea 4318232 database optional
mysql-testsuite-5.5_5.5.29+dfsg-1_i386.deb
d3190a715e0d9790c94691a325ace649 22710606 database optional
mysql-source-5.5_5.5.29+dfsg-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCAAGBQJQ8J6hAAoJELbE2bY7/+c8GTEQALGrw5GmxIb7NDgEu5pFcJru
e4mlaK0Axod1pkjeTvQL0zztAD7KvYehr3RRMtsg3X3Ut6grugDlThaWhPHWHwib
R6cbl866+prXx4YCGzPBeouuXSm2s/crNYBjKh05l9mxXhd8OUZfQf5hJVfmqst6
s8upX+ekHADjSVGLhryaA0vfycv6V3qHkbnz2xZS7A+68FJ/+9/LNgMHSkK1/bVe
A7dwJQbn+KRdgTmR3CW1FpQ1r26m9xHRC4+Et2xIJQVt69LVBT5njg3MI2EMsI6s
GvzTnjXppgE1/UJpqIP+bncJK1J9MdSim7Y3ugSQbrR8QYHB5VMITIkr6IaiQJmC
ecF5C31v/xlfwRr+YtTRpnBHqCc0s78eUy8N8BCjQez2/T+CkaVZy4PulRoJUc7f
hYQekBV/jy4Yv9H5f2MXpEZ2IhskTl74kQncbwB6xwXnXZQ78ydhhPsWD9NVIir3
14RyECQ1umF5UE0F0EB+kDVtDSC/bHHGBN082z5XupFO5cjZ8nmjSdfgdHrUtZ7J
++AR2dMAnHezCGGpt0nLd4Y68BU71xP3058dttl6Ox1jhD/7/O9z6PE4N2iCReKM
0vbFi/Ese5JfqR7RTxb2IIotrXmhErVlgXvi0x1uxL+GqysUlfnI4mPJQRbgecTH
gvlRLunf90x0jZhGdtMN
=UejU
-----END PGP SIGNATURE-----
--- End Message ---