Accepted: mysql-dfsg-5.0 5.0.45-1ubuntu3.2 (source)
Jamie Strandboge
jamie at ubuntu.com
Wed Mar 12 08:08:56 GMT 2008
- Previous message: Accepted: lighttpd, lighttpd, lighttpd, lighttpd, lighttpd, lighttpd, lighttpd, lighttpd 1.4.18-1ubuntu1.3 (source, amd64, hppa, i386, ia64, lpia, powerpc, sparc)
- Next message: Accepted: tzdata 2008a-0ubuntu0.7.10 (source)
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Accepted:
OK: mysql-dfsg-5.0_5.0.45.orig.tar.gz
OK: mysql-dfsg-5.0_5.0.45-1ubuntu3.2.diff.gz
OK: mysql-dfsg-5.0_5.0.45-1ubuntu3.2.dsc
-> Component: main Section: misc
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 06 Mar 2008 09:26:24 -0500
Source: mysql-dfsg-5.0
Binary: libmysqlclient15-dev mysql-client mysql-client-5.0 mysql-server mysql-server-5.0 mysql-common libmysqlclient15off
Architecture: source
Version: 5.0.45-1ubuntu3.2
Distribution: gutsy-proposed
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description:
libmysqlclient15-dev - MySQL database development files
libmysqlclient15off - MySQL database client library
mysql-client - MySQL database client (meta package depending on the latest versi
mysql-client-5.0 - MySQL database client binaries
mysql-common - MySQL database common files
mysql-server - MySQL database server (meta package depending on the latest versi
mysql-server-5.0 - MySQL database server binaries
Launchpad-Bugs-Fixed: 185039 186978
Changes:
mysql-dfsg-5.0 (5.0.45-1ubuntu3.2) gutsy-proposed; urgency=low
.
* SECURITY UPDATE: buffer overflow via ProcessOldClientHello() in
handshake.cpp and input_buffer& operator>> in yassl_imp.cpp
* SECURITY UPDATE: buffer overread in HASHwithTransform::Update in hash.cpp
* debian/patches/95_SECURITY_CVE-2008-0226_0227.dpatch: properly verify
length of input (LP: #186978)
* SECURITY UPDATE: privilege escalation via crafted CREATE SQL SECURITY
DEFINER VIEW and ALTER VIEW statements
* debian/patches/96_SECURITY_CVE-2007-6303.dpatch: make sure lex->definer
is non-NULL in sql_view.cc (LP: #185039)
* debian/patches/97_view_fix-now.dpatch: update view.test and view.result to
use a static year instead of now(). These tests are not part of the build
but helps with qa-regression-testing
* References
CVE-2008-0226
CVE-2008-0227
CVE-2007-6303
Files:
f560c72da85b3f2e1f1209b98915e2ef 1294 misc optional mysql-dfsg-5.0_5.0.45-1ubuntu3.2.dsc
7021ca679f19263f6f9ec8ee5ccb8cab 235379 misc optional mysql-dfsg-5.0_5.0.45-1ubuntu3.2.diff.gz
Original-Maintainer: Debian MySQL Maintainers <pkg-mysql-maint at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFH14ulDecnbV4Fd/IRAqVNAKCBY6QDXsUGDZdAOLZyawwM1uqbPQCeISCC
BaOtFME8+5SSSpk1lM+yMb4=
=NO04
-----END PGP SIGNATURE-----
- Previous message: Accepted: lighttpd, lighttpd, lighttpd, lighttpd, lighttpd, lighttpd, lighttpd, lighttpd 1.4.18-1ubuntu1.3 (source, amd64, hppa, i386, ia64, lpia, powerpc, sparc)
- Next message: Accepted: tzdata 2008a-0ubuntu0.7.10 (source)
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the gutsy-changes
mailing list