2017-03-01 10:33:57 |
James Page |
bug |
|
|
added bug |
2017-03-01 10:46:46 |
James Page |
bug task added |
|
percona-galera-3 (Ubuntu) |
|
2017-03-01 10:47:09 |
James Page |
bug task added |
|
percona-xtrabackup (Ubuntu) |
|
2017-03-01 10:47:50 |
James Page |
description |
The version of pxc in Ubuntu is really quite old with a number of security vulnerabilities; we should rebase onto the latest 5.6 release from PXC upstream. |
The version of pxc in Ubuntu is really quite old with a number of security vulnerabilities; we should rebase onto the latest 5.6 release from PXC upstream.
https://www.percona.com/doc/percona-xtradb-cluster/5.6/release-notes/release-notes_index.html |
|
2017-03-01 11:00:53 |
James Page |
summary |
[SRU] percona-xtradb-cluster-5.6 5.6.34-26.19 |
[SRU] percona-xtradb-cluster-5.6 5.6.34-26.19, percona-galera-3 3.19 |
|
2017-03-01 11:05:27 |
James Page |
summary |
[SRU] percona-xtradb-cluster-5.6 5.6.34-26.19, percona-galera-3 3.19 |
[SRU] percona-xtradb-cluster-5.6 5.6.34-26.19, percona-galera-3 3.19, percona-xtrabackup 2.3.5 |
|
2017-03-01 11:29:45 |
James Page |
summary |
[SRU] percona-xtradb-cluster-5.6 5.6.34-26.19, percona-galera-3 3.19, percona-xtrabackup 2.3.5 |
[SRU] percona-xtradb-cluster-5.6 5.6.34-26.19, percona-galera-3 3.19, percona-xtrabackup 2.3.7 |
|
2017-03-01 11:45:27 |
James Page |
percona-galera-3 (Ubuntu): importance |
Undecided |
High |
|
2017-03-01 11:45:29 |
James Page |
percona-xtradb-cluster-5.6 (Ubuntu): importance |
Undecided |
High |
|
2017-03-01 11:45:31 |
James Page |
percona-xtrabackup (Ubuntu): importance |
Undecided |
High |
|
2017-03-01 11:45:34 |
James Page |
percona-xtrabackup (Ubuntu): status |
New |
Triaged |
|
2017-03-01 11:45:35 |
James Page |
percona-xtradb-cluster-5.6 (Ubuntu): status |
New |
Triaged |
|
2017-03-01 11:46:13 |
James Page |
percona-galera-3 (Ubuntu): status |
New |
Triaged |
|
2017-03-01 13:15:36 |
James Page |
nominated for series |
|
Ubuntu Zesty |
|
2017-03-01 13:15:36 |
James Page |
bug task added |
|
percona-xtrabackup (Ubuntu Zesty) |
|
2017-03-01 13:15:36 |
James Page |
bug task added |
|
percona-xtradb-cluster-5.6 (Ubuntu Zesty) |
|
2017-03-01 13:15:36 |
James Page |
bug task added |
|
percona-galera-3 (Ubuntu Zesty) |
|
2017-03-01 13:15:36 |
James Page |
nominated for series |
|
Ubuntu Xenial |
|
2017-03-01 13:15:36 |
James Page |
bug task added |
|
percona-xtrabackup (Ubuntu Xenial) |
|
2017-03-01 13:15:36 |
James Page |
bug task added |
|
percona-xtradb-cluster-5.6 (Ubuntu Xenial) |
|
2017-03-01 13:15:36 |
James Page |
bug task added |
|
percona-galera-3 (Ubuntu Xenial) |
|
2017-03-01 13:15:36 |
James Page |
nominated for series |
|
Ubuntu Yakkety |
|
2017-03-01 13:15:36 |
James Page |
bug task added |
|
percona-xtrabackup (Ubuntu Yakkety) |
|
2017-03-01 13:15:36 |
James Page |
bug task added |
|
percona-xtradb-cluster-5.6 (Ubuntu Yakkety) |
|
2017-03-01 13:15:36 |
James Page |
bug task added |
|
percona-galera-3 (Ubuntu Yakkety) |
|
2017-03-03 09:21:44 |
James Page |
summary |
[SRU] percona-xtradb-cluster-5.6 5.6.34-26.19, percona-galera-3 3.19, percona-xtrabackup 2.3.7 |
percona-xtradb-cluster-5.6 5.6.34-26.19, percona-galera-3 3.19, percona-xtrabackup 2.3.7 |
|
2017-03-03 09:23:52 |
James Page |
bug |
|
|
added subscriber Ubuntu Release Team |
2017-03-03 09:24:04 |
James Page |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2017-03-03 09:28:05 |
James Page |
description |
The version of pxc in Ubuntu is really quite old with a number of security vulnerabilities; we should rebase onto the latest 5.6 release from PXC upstream.
https://www.percona.com/doc/percona-xtradb-cluster/5.6/release-notes/release-notes_index.html |
[Impact]
The version of percona-xtradb-cluster-5.6 in xenial and later is out of date with know security vulnerabilities; users of this package are a risk of compromise.
[Test Case]
To verify the upgrade to the newer versions is OK, deployment of a three unit pxc cluster with sample date, upgrade to new version and re-verification of data will be undertaken.
[Regression Potential]
Medium; we're re-aligning across all three packages with Percona's upstream repositories however this will require a version dependency bump in percona-xtrabackup (2.2.x -> 2.3.x); this should be fine, but this tool has potential use outside of percona-xtradb-server-5.6 (its great for online backups of MySQL generally).
The test plan covers its use in PXC; however I would propose an extended bake period in -proposed with a call for testing on the ubuntu-server list prior to release to -updates.
[Original Bug Report]
The version of pxc in Ubuntu is really quite old with a number of security vulnerabilities; we should rebase onto the latest 5.6 release from PXC upstream.
https://www.percona.com/doc/percona-xtradb-cluster/5.6/release-notes/release-notes_index.html |
|
2017-03-03 09:28:42 |
James Page |
percona-xtradb-cluster-5.6 (Ubuntu Yakkety): importance |
Undecided |
High |
|
2017-03-03 09:28:42 |
James Page |
percona-xtradb-cluster-5.6 (Ubuntu Yakkety): status |
New |
Triaged |
|
2017-03-03 09:28:50 |
James Page |
percona-xtradb-cluster-5.6 (Ubuntu Xenial): importance |
Undecided |
High |
|
2017-03-03 09:28:50 |
James Page |
percona-xtradb-cluster-5.6 (Ubuntu Xenial): status |
New |
Triaged |
|
2017-03-03 09:29:00 |
James Page |
percona-xtrabackup (Ubuntu Xenial): importance |
Undecided |
High |
|
2017-03-03 09:29:00 |
James Page |
percona-xtrabackup (Ubuntu Xenial): status |
New |
Triaged |
|
2017-03-03 09:29:10 |
James Page |
percona-xtrabackup (Ubuntu Yakkety): importance |
Undecided |
High |
|
2017-03-03 09:29:10 |
James Page |
percona-xtrabackup (Ubuntu Yakkety): status |
New |
Triaged |
|
2017-03-03 09:29:20 |
James Page |
percona-galera-3 (Ubuntu Xenial): importance |
Undecided |
High |
|
2017-03-03 09:29:20 |
James Page |
percona-galera-3 (Ubuntu Xenial): status |
New |
Triaged |
|
2017-03-03 09:29:30 |
James Page |
percona-galera-3 (Ubuntu Yakkety): importance |
Undecided |
High |
|
2017-03-03 09:29:30 |
James Page |
percona-galera-3 (Ubuntu Yakkety): status |
New |
Triaged |
|
2017-03-03 10:37:18 |
James Page |
bug |
|
|
added subscriber George Ormond Lorch III |
2017-03-03 15:46:51 |
James Page |
bug |
|
|
added subscriber Ubuntu Security Team |
2017-03-06 10:33:34 |
Launchpad Janitor |
percona-galera-3 (Ubuntu Zesty): status |
Triaged |
Fix Released |
|
2017-03-06 10:52:37 |
Launchpad Janitor |
percona-xtrabackup (Ubuntu Zesty): status |
Triaged |
Fix Released |
|
2017-03-06 10:52:37 |
Launchpad Janitor |
cve linked |
|
2016-6225 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
percona-xtradb-cluster-5.6 (Ubuntu Zesty): status |
Triaged |
Fix Released |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-4766 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-4792 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-4800 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-4802 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-4815 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-4819 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-4826 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-4830 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-4833 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-4836 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-4858 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-4861 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-4862 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-4864 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-4866 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-4870 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-4879 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-4890 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-4895 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-4904 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-4905 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-4910 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-4913 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2015-7744 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0503 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0504 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0505 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0546 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0594 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0595 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0596 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0597 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0598 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0600 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0605 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0606 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0607 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0608 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0609 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0610 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0611 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0616 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0640 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0641 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0642 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0643 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0644 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0646 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0647 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0648 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0649 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0650 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0655 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0661 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0665 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0666 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-0668 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-2047 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-3452 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-3459 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-3471 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-3477 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-3486 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-3492 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-3501 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-3521 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-3614 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-3615 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-5439 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-5440 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-5444 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-5507 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-5584 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-5609 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-5612 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-5626 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-5627 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-5629 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-5630 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-6662 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-6663 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-8283 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-8284 |
|
2017-03-06 11:20:42 |
Launchpad Janitor |
cve linked |
|
2016-8288 |
|
2017-03-06 12:48:49 |
James Page |
bug |
|
|
added subscriber Ubuntu Security Sponsors Team |
2017-03-13 10:03:48 |
Iain Lane |
removed subscriber Ubuntu Release Team |
|
|
|
2017-03-16 09:14:22 |
James Page |
tags |
|
verification-done |
|
2017-03-22 12:33:59 |
Launchpad Janitor |
percona-xtradb-cluster-5.6 (Ubuntu Yakkety): status |
Triaged |
Fix Released |
|
2017-03-22 12:34:06 |
Chris J Arges |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
2017-03-22 12:34:13 |
Launchpad Janitor |
percona-galera-3 (Ubuntu Yakkety): status |
Triaged |
Fix Released |
|
2017-03-22 12:34:20 |
Launchpad Janitor |
percona-xtrabackup (Ubuntu Yakkety): status |
Triaged |
Fix Released |
|
2017-03-22 12:34:27 |
Launchpad Janitor |
percona-xtradb-cluster-5.6 (Ubuntu Xenial): status |
Triaged |
Fix Released |
|
2017-03-22 12:34:33 |
Launchpad Janitor |
percona-galera-3 (Ubuntu Xenial): status |
Triaged |
Fix Released |
|
2017-03-22 12:34:39 |
Launchpad Janitor |
percona-xtrabackup (Ubuntu Xenial): status |
Triaged |
Fix Released |
|