Call for testing: MySQL security updates

Marc Deslauriers marc.deslauriers at
Thu Mar 1 20:24:34 UTC 2012


Since Oracle no longer publishes detailed information about security
vulnerabilities that are being fixed in MySQL, and their bug tracker is
no longer public, Ubuntu must now track upstream MySQL releases as
security updates.

MySQL 5.0.95 fixes the following CVEs:
CVE-2012-0075, CVE-2012-0087, CVE-2012-0101, CVE-2012-0102,
CVE-2012-0114, CVE-2012-0484, CVE-2012-0490.

MySQL 5.1.61 fixes the following CVEs:
CVE-2011-2262, CVE-2012-0075, CVE-2012-0112, CVE-2012-0113,
CVE-2012-0114, CVE-2012-0115, CVE-2012-0116, CVE-2012-0117,
CVE-2012-0118, CVE-2012-0119, CVE-2012-0120, CVE-2012-0484,
CVE-2012-0485, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488,
CVE-2012-0489, CVE-2012-0490, CVE-2012-0491, CVE-2012-0492,
CVE-2012-0493, CVE-2012-0494, CVE-2012-0495, CVE-2012-0496.

For more information about the CVEs listed, please consult the January
2012 Oracle Critical Patch Update Advisory:

Today, I have pushed updated MySQL 5.0.95 packages for Ubuntu 8.04 LTS,
and updated MySQL 5.1.61 packages for Ubuntu 10.04 LTS, Ubuntu 10.10,
Ubuntu 11.04 and Ubuntu 11.10 into the -proposed pocket. See for documentation how to
enable and use -proposed.

Please report any issues in the tracking bug:

If no issues are reported, I plan on releasing the packages as security
updates in a couple of weeks.



Marc Deslauriers
Ubuntu Security Engineer     |
Canonical Ltd.               |

More information about the ubuntu-server mailing list