mysql 5.5.37 security update tracking bug

Bug #1309662 reported by Marc Deslauriers on 2014-04-18
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
mysql-5.5 (Ubuntu)
Undecided
Marc Deslauriers
Precise
Undecided
Marc Deslauriers
Quantal
Undecided
Marc Deslauriers
Saucy
Undecided
Marc Deslauriers
Trusty
Undecided
Marc Deslauriers
Changed in mysql-5.5 (Ubuntu Precise):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in mysql-5.5 (Ubuntu Quantal):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in mysql-5.5 (Ubuntu Saucy):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in mysql-5.5 (Ubuntu Trusty):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in mysql-5.5 (Ubuntu Precise):
status: New → Confirmed
Changed in mysql-5.5 (Ubuntu Quantal):
status: New → Confirmed
Changed in mysql-5.5 (Ubuntu Saucy):
status: New → Confirmed
Changed in mysql-5.5 (Ubuntu Trusty):
status: New → Confirmed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mysql-5.5 - 5.5.37-0ubuntu0.13.10.1

---------------
mysql-5.5 (5.5.37-0ubuntu0.13.10.1) saucy-security; urgency=medium

  * SECURITY UPDATE: Update to 5.5.37 to fix security issues (LP: #1309662)
    - http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
    - CVE-2014-0001
    - CVE-2014-0384
    - CVE-2014-2419
    - CVE-2014-2430
    - CVE-2014-2431
    - CVE-2014-2432
    - CVE-2014-2436
    - CVE-2014-2438
    - CVE-2014-2440
  * Drop creation of insecure database permissions:
    - d/p/33_scripts__mysql_create_system_tables__no_test.patch,
      d/p/41_scripts__mysql_install_db.sh__no_test.patch,
      d/p/50_mysql-test__db_test.patch: Restored from mysql-5.1
      package, inadvertently dropped in 5.5 transition. This
      removes the global anonymous access to the database which
      is a security concern.
 -- Marc Deslauriers <email address hidden> Sat, 19 Apr 2014 20:45:09 -0400

Changed in mysql-5.5 (Ubuntu Saucy):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mysql-5.5 - 5.5.37-0ubuntu0.12.10.1

---------------
mysql-5.5 (5.5.37-0ubuntu0.12.10.1) quantal-security; urgency=medium

  * SECURITY UPDATE: Update to 5.5.37 to fix security issues (LP: #1309662)
    - http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
    - CVE-2014-0001
    - CVE-2014-0384
    - CVE-2014-2419
    - CVE-2014-2430
    - CVE-2014-2431
    - CVE-2014-2432
    - CVE-2014-2436
    - CVE-2014-2438
    - CVE-2014-2440
  * Drop creation of insecure database permissions:
    - d/p/33_scripts__mysql_create_system_tables__no_test.patch,
      d/p/41_scripts__mysql_install_db.sh__no_test.patch,
      d/p/50_mysql-test__db_test.patch: Restored from mysql-5.1
      package, inadvertently dropped in 5.5 transition. This
      removes the global anonymous access to the database which
      is a security concern.
 -- Marc Deslauriers <email address hidden> Sun, 20 Apr 2014 09:15:17 -0400

Changed in mysql-5.5 (Ubuntu Quantal):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mysql-5.5 - 5.5.37-0ubuntu0.14.04.1

---------------
mysql-5.5 (5.5.37-0ubuntu0.14.04.1) trusty-security; urgency=medium

  * SECURITY UPDATE: Update to 5.5.37 to fix security issues (LP: #1309662)
    - http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
    - CVE-2014-0001
    - CVE-2014-0384
    - CVE-2014-2419
    - CVE-2014-2430
    - CVE-2014-2431
    - CVE-2014-2432
    - CVE-2014-2436
    - CVE-2014-2438
    - CVE-2014-2440
 -- Marc Deslauriers <email address hidden> Fri, 18 Apr 2014 13:37:55 -0400

Changed in mysql-5.5 (Ubuntu Trusty):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mysql-5.5 - 5.5.37-0ubuntu0.12.04.1

---------------
mysql-5.5 (5.5.37-0ubuntu0.12.04.1) precise-security; urgency=medium

  * SECURITY UPDATE: Update to 5.5.37 to fix security issues (LP: #1309662)
    - http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
    - CVE-2014-0001
    - CVE-2014-0384
    - CVE-2014-2419
    - CVE-2014-2430
    - CVE-2014-2431
    - CVE-2014-2432
    - CVE-2014-2436
    - CVE-2014-2438
    - CVE-2014-2440
  * Drop creation of insecure database permissions:
    - d/p/33_scripts__mysql_create_system_tables__no_test.patch,
      d/p/41_scripts__mysql_install_db.sh__no_test.patch,
      d/p/50_mysql-test__db_test.patch: Restored from mysql-5.1
      package, inadvertently dropped in 5.5 transition. This
      removes the global anonymous access to the database which
      is a security concern.
 -- Marc Deslauriers <email address hidden> Sun, 20 Apr 2014 13:03:23 -0400

Changed in mysql-5.5 (Ubuntu Precise):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers