Ubuntu

mysql 5.5.32, 5.1.70 security update tracking bug

Reported by Marc Deslauriers on 2013-07-22
260
This bug affects 1 person
Affects Status Importance Assigned to Milestone
mysql-5.5 (Ubuntu)
Medium
Marc Deslauriers
Lucid
Undecided
Unassigned
Precise
Medium
Marc Deslauriers
Quantal
Medium
Marc Deslauriers
Raring
Medium
Marc Deslauriers
Saucy
Medium
Marc Deslauriers
mysql-dfsg-5.1 (Ubuntu)
Undecided
Unassigned
Lucid
Medium
Marc Deslauriers
Precise
Undecided
Unassigned
Quantal
Undecided
Unassigned
Raring
Undecided
Unassigned
Saucy
Undecided
Unassigned
Changed in mysql-5.5 (Ubuntu Lucid):
status: New → Invalid
Changed in mysql-5.5 (Ubuntu Precise):
status: New → Confirmed
Changed in mysql-5.5 (Ubuntu Quantal):
status: New → Confirmed
Changed in mysql-5.5 (Ubuntu Raring):
status: New → Confirmed
Changed in mysql-5.5 (Ubuntu Saucy):
status: New → Confirmed
Changed in mysql-5.5 (Ubuntu Precise):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in mysql-5.5 (Ubuntu Quantal):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in mysql-5.5 (Ubuntu Raring):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in mysql-5.5 (Ubuntu Saucy):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in mysql-5.5 (Ubuntu Precise):
importance: Undecided → Medium
Changed in mysql-5.5 (Ubuntu Quantal):
importance: Undecided → Medium
Changed in mysql-5.5 (Ubuntu Raring):
importance: Undecided → Medium
Changed in mysql-5.5 (Ubuntu Saucy):
importance: Undecided → Medium
Changed in mysql-dfsg-5.1 (Ubuntu Lucid):
assignee: nobody → Marc Deslauriers (mdeslaur)
importance: Undecided → Medium
status: New → Confirmed
Changed in mysql-dfsg-5.1 (Ubuntu Precise):
status: New → Invalid
Changed in mysql-dfsg-5.1 (Ubuntu Quantal):
status: New → Invalid
Changed in mysql-dfsg-5.1 (Ubuntu Raring):
status: New → Invalid
Changed in mysql-dfsg-5.1 (Ubuntu Saucy):
status: New → Invalid
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mysql-dfsg-5.1 - 5.1.70-0ubuntu0.10.04.1

---------------
mysql-dfsg-5.1 (5.1.70-0ubuntu0.10.04.1) lucid-security; urgency=low

  * SECURITY UPDATE: Update to 5.1.70 to fix security issues (LP: #1203828)
    - http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
    - CVE-2013-1861
    - CVE-2013-3802
    - CVE-2013-3804
  * SECURITY UPDATE: insecure creation of debian.cnf file
    - debian/mysql-server-5.1.postinst: set umask to 066 before creating
      debian.cnf.
    - CVE-2013-2162
 -- Marc Deslauriers <email address hidden> Mon, 22 Jul 2013 15:07:29 -0400

Changed in mysql-dfsg-5.1 (Ubuntu Lucid):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mysql-5.5 - 5.5.32-0ubuntu0.12.04.1

---------------
mysql-5.5 (5.5.32-0ubuntu0.12.04.1) precise-security; urgency=low

  * SECURITY UPDATE: Update to 5.5.32 to fix security issues (LP: #1203828)
    - http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
    - CVE-2013-1861
    - CVE-2013-3783
    - CVE-2013-3793
    - CVE-2013-3802
    - CVE-2013-3804
    - CVE-2013-3809
    - CVE-2013-3812
  * SECURITY UPDATE: insecure creation of debian.cnf file
    - debian/mysql-server-5.5.postinst: set umask to 066 before creating
      debian.cnf.
    - CVE-2013-2162
  * Adjust Apparmor profile to allow reading PID file. (LP: #1185573)
  * Fix FTBFS from test suite failure
    - debian/patches/72_fix_rpl_deadlock_innodb_test.patch: ignore warning
      from rpl.rpl_deadlock_innodb test in mysql-test/include/mtr_warnings.sql.
 -- Marc Deslauriers <email address hidden> Tue, 23 Jul 2013 20:22:01 -0400

Changed in mysql-5.5 (Ubuntu Precise):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mysql-5.5 - 5.5.32-0ubuntu0.12.10.1

---------------
mysql-5.5 (5.5.32-0ubuntu0.12.10.1) quantal-security; urgency=low

  * SECURITY UPDATE: Update to 5.5.32 to fix security issues (LP: #1203828)
    - http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
    - CVE-2013-1861
    - CVE-2013-3783
    - CVE-2013-3793
    - CVE-2013-3802
    - CVE-2013-3804
    - CVE-2013-3809
    - CVE-2013-3812
  * SECURITY UPDATE: insecure creation of debian.cnf file
    - debian/mysql-server-5.5.postinst: set umask to 066 before creating
      debian.cnf.
    - CVE-2013-2162
  * Adjust Apparmor profile to allow reading PID file. (LP: #1185573)
  * Fix FTBFS from test suite failure
    - debian/patches/72_fix_rpl_deadlock_innodb_test.patch: ignore warning
      from rpl.rpl_deadlock_innodb test in mysql-test/include/mtr_warnings.sql.
 -- Marc Deslauriers <email address hidden> Tue, 23 Jul 2013 19:08:38 -0400

Changed in mysql-5.5 (Ubuntu Quantal):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mysql-5.5 - 5.5.32-0ubuntu0.13.04.1

---------------
mysql-5.5 (5.5.32-0ubuntu0.13.04.1) raring-security; urgency=low

  * SECURITY UPDATE: Update to 5.5.32 to fix security issues (LP: #1203828)
    - http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
    - CVE-2013-1861
    - CVE-2013-3783
    - CVE-2013-3793
    - CVE-2013-3802
    - CVE-2013-3804
    - CVE-2013-3809
    - CVE-2013-3812
  * SECURITY UPDATE: insecure creation of debian.cnf file
    - debian/mysql-server-5.5.postinst: set umask to 066 before creating
      debian.cnf.
    - CVE-2013-2162
  * Adjust Apparmor profile to allow reading PID file. (LP: #1185573)
  * Fix FTBFS from test suite failure
    - debian/patches/72_fix_rpl_deadlock_innodb_test.patch: ignore warning
      from rpl.rpl_deadlock_innodb test in mysql-test/include/mtr_warnings.sql.
 -- Marc Deslauriers <email address hidden> Tue, 23 Jul 2013 16:40:38 -0400

Changed in mysql-5.5 (Ubuntu Raring):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mysql-5.5 - 5.5.32-0ubuntu3

---------------
mysql-5.5 (5.5.32-0ubuntu3) saucy; urgency=low

  * Revert 5.5.32-0ubuntu2, which caused a severe regression making the
    package uninstallable. See LP: #1121874 for details.
 -- Robie Basak <email address hidden> Tue, 27 Aug 2013 11:55:13 +0000

Changed in mysql-5.5 (Ubuntu Saucy):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers