Accepted mysql-dfsg 4.0.24-5 (source)

Fri Apr 15 06:20:10 CDT 2005

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Origin: Debian/unstable
Format: 1.7
Date: Fri,  15 Apr 2005 12:16:53 +0100
Source: mysql-dfsg
Binary: mysql-client, libmysqlclient12-dev, mysql-common, libmysqlclient12, mysql-server
Architecture: source
Version: 4.0.24-5
Distribution: breezy
Urgency: high
Maintainer: Christian Hammers <ch at debian.org>
Changed-By: Adam Conrad <adconrad at 0c3.net>
Closes: 208364 274264 285044 285044 288310 291634 294347 295170 295247 295311 295507 296403 297198 297404 297772 298875 299029 299031 299065 299382 299844 301413 301808 301976
Changes: 
 mysql-dfsg (4.0.24-5) unstable; urgency=high
 .
   * Sean Finney:
     - the following security issue is addressed in this upload:
       CAN-2004-0957 (grant privilege escalation on tables with underscores)
       thanks to sergei at mysql for all his help with this.
 .
 mysql-dfsg (4.0.24-4) unstable; urgency=low
 .
   * Sean Finney:
     - FTBFS fix for amd64/gcc-4.0.  Thanks to Andreas Jochens <aj at andaco.de>
       for reporting this (closes: #301808).
     - ANSI-compatible quoting fix.  Thanks to Karl Hammar <karl at aspodata.se>
       (closes: #301976).
     - Added myself as a co-maintainer (closes: #295311).
 .
 mysql-dfsg (4.0.24-3) unstable; urgency=low
 .
   * BerkeleyDB is now disabled by default as its use is discouraged by MySQL.
   * Fixed obsolete "tail" syntax (thanks to Sven Mueller). Closes: #301413
   * Added CAN numbers for the latest security bugfix upload.
   * Updated manpage of mysqlmanager (thanks to Justin Pryzby). Closes: #299844
   * Added comments to default configuration.
   * Added upstream patch to fix the per hour connection limit
     (thanks to Rene Konasz). Closes: #285044 
 .
 mysql-dfsg (4.0.24-2) unstable; urgency=low
 .
   * Disabled "--with-mysqld-ldflags=-all-static" as it causes sig11 crashes
     if LDAP is used for groups in /etc/nsswitch.conf. Confirmed by Sean Finney
     and Daniel Dehennin. Closes: #299382
 .
 mysql-dfsg (4.0.24-1) unstable; urgency=high
 .
   * SECURITY:
     - The following security related updates are addressed: 
       CAN-2005-0711 (temporary file creation with "CREATE TEMPORARY TABLE")
       CAN-2005-0709 (arbitrary library injection in udf_init())
       CAN-2005-0710 (arbitrary code execution via "CREATE FUNCTION")
       Closes: #299029, #299031, #299065
   * New Upstream Release.
     - Fixes some server crash conditions.
     - Upstream includes fix for TMPDIR overriding my.cnf tmpdir setting
       Closes: #294347
     - Fixes InnoDB error message. Closes: #298875
     - Fixes resouce limiting. Closes: #285044
   * Improved checking whether or not the server is alive in the init script
     which should make it possible to run several mysqld instances in
     different chroot environments. Closes: #297772
   * Added -O3 and --with-mysqld-ldflags=-all-static as MySQL recommends to
     build the server binary statically in order to gain about 13% more
     performance (thanks to Marcin Kowalski).
   * Added patch to let mysqld_safe react to signals (thanks to Erich 
     Schubert). Closes: #208364
   * (Thanks to Sean Finney for doing a great share of work for this release!)
 .
 mysql-dfsg (4.0.23-10) unstable; urgency=medium
 .
   * Fixed bug that prevented MySQL from starting after upgrades.
     Closes: #297198, #296403
   * Added comment about logging to syslog to the default my.cnf
     and the logrotate script (thanks to Ryszard Lach). Closes: #295507
 .
 mysql-dfsg (4.0.23-9) unstable; urgency=low
 .
   * Sean Finney: Cronjobs now exit silently when the server package
     has been removed but not purged (thanks to Vineet Kumar). 
     Closes: #297404
 .
 mysql-dfsg (4.0.23-8) unstable; urgency=low
 .
   * Converted to dpatch.
   * debian/ is now maintained via Subversion on svn.debian.org.
 .
 mysql-dfsg (4.0.23-7) unstable; urgency=low
 .
   * Added debian/copyright.more for personal reference. 
   * Lowered default query cache size as suggested by Arjen from MySQL.
   * Switched from log to log-bin as suggested by Arjen from MySQL.
   * Fixed typo in my.cnf (thanks to Sebastian Feltel). Closes: #295247
   * Replaced --defaults-extra-file by --defaults-file in Debian scripts
     as former lets password/host etc be overwriteable by /root/.my.cnf.
     Added socket to /etc/mysql/debian.cnf to let it work. (thanks to
     SATOH Fumiyasu). Closes: #295170
   * Still disabled SSL support in the server although MySQL granted 
     permissions to it as libmysqlclient also would have depended on
     OpenSSL and withit every 3rd party software that links against
     MySQL (thanks to Steve Langasek and Arjen from MySQL). See: #291945
 .
 mysql-dfsg (4.0.23-6) unstable; urgency=low
 .
   * Improved the way mysqld is started and registered with update-rc.d
     in cases where the admin modifies the runlevel configuration.
     Most notably removed the debconf question whether or not mysql should
     start on when booting. Closes: #274264
 .
 mysql-dfsg (4.0.23-5) unstable; urgency=low
 .
   * Added dependencies to gawk as one script does not work with original-awk
     (thanks to Petr Ferschmann). Closes: #291634
 .
 mysql-dfsg (4.0.23-4) unstable; urgency=high
 .
   * SECURITY:
     For historical reasons /usr/share/mysql/ was owned and writable by
     the user "mysql". This is a security problem as some scripts that
     are run by root are in this directory and could be modified and used
     by a malicious user who already has mysql privileges to gain full root
     rights (thanks to Matt Brubeck).
   * Changed "skip-networking" to "bind-address 127.0.0.1" which is more
     compatible and not less secure but maybe even more, as less people enable
     networking for all interfaces (thanks to Arjen Lentz).
   * Enabled InnoDB by default as recommended by Arjen Lentz from MySQL.
   * Added remarks about hosts.allow to README.Debian (thanks to David 
     Chappell).
   * Downgraded the priority of libmysqlclient12-dev from optional to extra
     as libmysqlclient14-dev is the one to be used in future and two optional
     packages may not conflict to each other by policy (thanks to Santiago
     Vila). Closes: #288310
Files: 
 6545d33931ab723288d2a64ea410cd77 93510 misc optional mysql-dfsg_4.0.24-5.diff.gz
 aed8f335795a359f32492159e3edfaa3 9923794 misc optional mysql-dfsg_4.0.24.orig.tar.gz
 320e2e173e266bc45685c459f1c3b1cf 959 misc optional mysql-dfsg_4.0.24-5.dsc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iQEVAwUBQl+ipQF4adwMEr3XAQLI0wf+NFpH2kmJu3DcbSFpQVwXJNsiQJPxpWK+
O/RXLHsO3SKHOAGe46qKvYZlIn5stLKszSsF68jn0s1Xt0CGrZWJgW9P9WRPM/03
Acy81RHGrvGR0gLO5tRkQyA4Byv6eoq0mHJLmjNy5gulBui3JeKFr2CtarUcqrBt
997n6Ju5aKKvKRLRGH47QZn21wRdwg1Y8SM2y8GhPKzbUsR8zVkjCiKWzKerDu/G
wrOkBrlrbDfpf0yVFDwCl7Mxpssy8jwKhvcKSxo/d9KBRwrfqxEar6IczEGOWEai
DXl2uq3OYsP/ctI+3JU8I7IRpe/KasMxS51ipkBcvuFJibXmv8NtGw==
=t1Sq
-----END PGP SIGNATURE-----


Accepted:
mysql-dfsg_4.0.24-5.diff.gz
  to pool/main/m/mysql-dfsg/mysql-dfsg_4.0.24-5.diff.gz
mysql-dfsg_4.0.24-5.dsc
  to pool/main/m/mysql-dfsg/mysql-dfsg_4.0.24-5.dsc
mysql-dfsg_4.0.24.orig.tar.gz
  to pool/main/m/mysql-dfsg/mysql-dfsg_4.0.24.orig.tar.gz