USN-3629-3: partially applies to MariaDB too
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
| mariadb-10.0 (Ubuntu) |
Undecided
|
Steve Beattie | ||
| mariadb-10.1 (Ubuntu) |
Undecided
|
Unassigned | ||
| mariadb-5.5 (Ubuntu) |
Undecided
|
Steve Beattie |
Bug Description
https:/
https:/
The security notice above also affect MariaDB and the latest release includes fixes.
I will produce a security release soon and attach more information to this bug report for:
- mariadb.5.5 in Trusty
- mariadb-10.0 in Xenial
- mariadb-10.1 in Bionic
Cosmic can sync from Debian, so there is no need to prepare an upload for it. Artful is soon end-of-line, and the previous upload messed up things, so I don't plan touching it in this round.
description: | updated |
Otto Kekäläinen (otto) wrote : | #1 |
Otto Kekäläinen (otto) wrote : | #2 |
Correct URL for packaging source repo above is https:/
Leonidas S. Barbosa (leosilvab) wrote : | #3 |
Hi Otto,
I'm not sure what I did wrong:
Steps I did:
1. gbp clone --debian-
2. cd bionic-sponsoring
3. gbp buildpackage --git-builder="umt source"
Error> gbp:error: Pristine-tar couldn't checkout "mariadb-
pristine-tar: git show refs/heads/
From prestine branch:
(pristine-tar) ls
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
mariadb-
Otto Kekäläinen (otto) wrote : | #4 |
Sorry. Ran now git push --all so that all branches are published on salsa.debian.org
Leonidas S. Barbosa (leosilvab) wrote : | #5 |
Now I'm getting this:
gbp buildpackage --git-builder="umt source"
gbp:error: Pristine-tar couldn't checkout "mariadb-
pristine-tar: failed to generate tarbal
Otto Kekäläinen (otto) wrote : | #6 |
Hello!
I don't have umt installed, but I tested that a plain gbp buildpackage -S -d works for me. Using gbp version 0.9.8 (from Ubuntu Bionic). Are you running something older?
Leonidas S. Barbosa (leosilvab) wrote : | #7 |
Thanks Otto,
Yep it seems my old version (0.7.2) is the issue also "pristine-tar format 3 requires a newer version of pristine-tar than is in xenial".
Otto Kekäläinen (otto) wrote : | #8 |
Unmangled link:
https:/
Work-in-progress in repos:
https:/
https:/
In repo https:/
Test builds pending:
https:/
https:/
Marc Deslauriers (mdeslaur) wrote : | #9 |
Thanks Otto!
The bionic package is being built in the security team PPA and will likely get published today.
Launchpad Janitor (janitor) wrote : | #10 |
This bug was fixed in the package mariadb-10.1 - 1:10.1.
---------------
mariadb-10.1 (1:10.1.
* SECURITY UPDATE: New upstream release 10.1.34. Includes fixes for
the security vulnerabilities from previous releases (LP: #1779715).
* Previous upstream version 10.1.33 included fixes for the following
security vulnerabilities:
- CVE-2018-2819
- CVE-2018-2817
- CVE-2018-2813
- CVE-2018-2787
- CVE-2018-2784
- CVE-2018-2782
- CVE-2018-2781
- CVE-2018-2771
- CVE-2018-2766
- CVE-2018-2761
- CVE-2018-2755
* Previous upstream version 10.1.31 included fixes for the following
security vulnerabilities:
- CVE-2018-2668
- CVE-2018-2665
- CVE-2018-2640
- CVE-2018-2622
- CVE-2018-2612
- CVE-2018-2562
* Previous upstream version 10.1.30 included fixes for the following
security vulnerabilities:
- CVE-2017-15365
[ Otto Kekäläinen ]
* Update VCS-* links to point to the new source repository
* Update Maintainer in d/control for Ubuntu repositories
* Delete unnecessary systemd files introduced by upstream
* Add new files introduced by upstream to correct packages
[ Vicențiu Ciorbaru ]
* Extend libmariadbclien
* Disable disks.disks test
-- Otto Kekäläinen <email address hidden> Sun, 08 Jul 2018 11:14:42 +0300
Changed in mariadb-10.1 (Ubuntu): | |
status: | New → Fix Released |
Otto Kekäläinen (otto) wrote : | #11 |
MariaDB 5.5.61-
Otto Kekäläinen (otto) wrote : | #12 |
MariaDB 10.0.36-
Otto Kekäläinen (otto) wrote : | #13 |
Reminder that Trusty and Xenial are ready for upload, just waiting for security sponsoring.
Steve Beattie (sbeattie) wrote : | #14 |
Thanks Otto, sorry for the delay. I'll take this.
Changed in mariadb-10.0 (Ubuntu): | |
assignee: | nobody → Steve Beattie (sbeattie) |
Changed in mariadb-5.5 (Ubuntu): | |
assignee: | Otto Kekäläinen (otto) → Steve Beattie (sbeattie) |
Launchpad Janitor (janitor) wrote : | #15 |
This bug was fixed in the package mariadb-10.0 - 10.0.36-
---------------
mariadb-10.0 (10.0.36-
* SECURITY UPDATE: New upstream release 10.0.36. Includes fixes for
the following security vulnerabilities (LP: #1779715):
- CVE-2018-3066
- CVE-2018-3064
- CVE-2018-3063
- CVE-2018-3058
* Previous release 10.0.35 included included fixes for
- CVE-2018-3081
- CVE-2018-2819
- CVE-2018-2817
- CVE-2018-2813
- CVE-2018-2787
- CVE-2018-2784
- CVE-2018-2782
- CVE-2018-2781
- CVE-2018-2771
- CVE-2018-2766
- CVE-2018-2761
- CVE-2018-2755
-- Otto Kekäläinen <email address hidden> Thu, 02 Aug 2018 23:45:15 +0800
Changed in mariadb-10.0 (Ubuntu): | |
status: | New → Fix Released |
Launchpad Janitor (janitor) wrote : | #16 |
This bug was fixed in the package mariadb-5.5 - 5.5.61-
---------------
mariadb-5.5 (5.5.61-
* SECURITY UPDATE: New upstream release 5.5.61. Includes fixes for
the following security vulnerabilities (LP: #1779715):
- CVE-2018-3081
- CVE-2018-3066
- CVE-2018-3063
- CVE-2018-3058
* Previous release 5.5.60 included included fixes for
the following security vulnerabilities:
- CVE-2018-2819
- CVE-2018-2817
- CVE-2018-2813
- CVE-2018-2781
- CVE-2018-2771
- CVE-2018-2761
- CVE-2018-2755
-- Otto Kekäläinen <email address hidden> Thu, 02 Aug 2018 23:25:55 +0800
Changed in mariadb-5.5 (Ubuntu): | |
status: | New → Fix Released |
The 10.1 series update for 18.04 is now available.
Please use git-buildpackage to fetch and build from the ubuntu-18.04 branch at https:/ /salsa. debian. org/mariadb- team/mariadb- 10.1/tree/ ubuntu- 18.044
The repository uses pristine-tar, so there is no need to separately download the sources. You can just check the signature/SHA1SUM directly from the git-buildpackage generated tarball.
Test builds and testsuite passed on all platforms at /launchpad. net/~mysql- ubuntu/ +archive/ ubuntu/ mariadb- 10.1/+builds? build_text= &build_ state=all
https:/
Debdiffs can be created directly from the repo like in a local clone with 'git diff <tag1>..<tag2> debian/'
Security sponsor note these: https:/ /wiki.ubuntu. com/SecurityTea m/PublicationNo tes#Sponsoring_ MariaDB_ Security_ Updates? field.comment= The 10.1 series update for 18.04 is now available.
Please use git-buildpackage to fetch and build from the ubuntu-18.04 branch at https:/ /salsa. debian. org/mariadb- team/mariadb- 10.1/tree/ ubuntu- 18.044
The repository uses pristine-tar, so there is no need to separately download the sources. You can just check the signature/SHA1SUM directly from the git-buildpackage generated tarball.
Test builds and testsuite passed on all platforms at /launchpad. net/~mysql- ubuntu/ +archive/ ubuntu/ mariadb- 10.1/+builds? build_text= &build_ state=all
https:/
Debdiffs can be created directly from the repo like in a local clone with 'git diff <tag1>..<tag2> debian/'
Security sponsor note these: https:/ /wiki.ubuntu. com/SecurityTea m/PublicationNo tes#Sponsoring_ MariaDB_ Security_ Updates