[debian-mysql] Bug#837883: Bug#837883: mysql-server-5.7: Please upgrade to 5.7.15+ to fix recently discovered security issues

Bjoern Boschman bjoern at boschman.de
Sat Sep 17 11:42:33 UTC 2016 

sounds good - any news on uploading mysql-5.7 to unstable?

On Fri, Sep 16, 2016 at 5:13 PM Lars Tangvald <lars.tangvald at oracle.com>
wrote:

> I've fixed two issues with the dep8 testing; the test dependency noted
> below and a workaround for a change in perl behavior introduced for
> https://www.debian.org/security/2016/dsa-3628
>
> I think I have a decent recipe for setting up dep8 testing, and it's
> important to run it to uncover such issues before trying to do an upload,
> so I think I can add it to the README.Maintainer file we discussed.
> I use a virtualbox vm with Ubuntu 16.04 to run it, so I don't think you
> require anything special beyond reasonably up-to-date autopkgtest and
> related packages.
>
> --
> Lars
>
> ----- lars.tangvald at oracle.com wrote:
> >
>
> Yeah. We do have one for libmysqlclient-dev, but it's not been maintained.
>
> Also, there are test failures in 5.7.15, but it's due to a test dependency
> change:
>
> main.myisam_explain_json_non_select_all and
> main.myisam_explain_json_non_select_nonemysql-test-run fail if the package
> libjson-perl is not installed.
>
> They were the only two tests that were written in python, and for 5.7.15
> they were rewritten to perl, meaning the python dep in the testsuite
> package should no longer be needed, but needs to be replaced with
> libjson-perl.
> >
>
> --
>
> Lars
> >
>
> >
> > On 09/15/2016 02:29 PM, Bjoern Boschman wrote:
> >
>
> > maybe we should start some README.Maintaner like pkg-voip guys have?
> https://anonscm.debian.org/viewvc/pkg-voip/README?view=co
>
> >
> >
> >
> > On Thu, Sep 15, 2016 at 1:49 PM Lars Tangvald <lars.tangvald at oracle.com>
> wrote:
> >
>
>> I struggle to get it stable myself (the run I started failed to even
>> start the mtr suite...), and I pretty much have to start from scratch every
>> time.
>> > Robie helped me get it working a while back, so hopefully I just need
>> to recreate the testbeds :)
>> >
>> > --
>> > Lars
>>
>> >
>> On 09/15/2016 01:20 PM, Bjoern Boschman wrote:
>> >
>>
>> > No, I did not.
>> afaik I'd need KVM to run those tests?
>> > basically I'm not familiar with dep8 :/
>>
>> >
>> >
>> > On Thu, Sep 15, 2016 at 1:01 PM Lars Tangvald <lars.tangvald at oracle.com>
>> wrote:
>> >
>>
>>> Thanks, Bjoern. Did you run the dep8 test suite as well (I just started
>>> a full test run now, so no big deal either way)?
>>>
>>> --
>>>
>>> Lars
>>> >
>>>
>>> >
>>> On 09/15/2016 12:54 PM, Bjoern Boschman wrote:
>>> >
>>>
>>> > Hi,
>>>
>>> >
>>> I've updated the git repo after I did a successful build on jessie.
>>> Someone with upload rights just needs to create a ~experimental tag and
>>> upload it.
>>>
>>> >
>>> @pkg-mysql: what's the plan for uploading mysql-5.7 to unstable?
>>>
>>> >
>>> Cheers
>>> B
>>>
>>> >
>>> >
>>> > On Thu, Sep 15, 2016 at 9:54 AM Eric Valette <eric.valette at free.fr>
>>> wrote:
>>> >
>>>
>>>> Package: mysql-server-5.7
>>>> > Version: 5.7.13-1~exp1
>>>> > Severity: grave
>>>> > Tags: upstream security
>>>> > Justification: user security hole
>>>> >
>>>> > CVE-2016-6662
>>>> >
>>>> > -- System Information:
>>>> > Debian Release: stretch/sid
>>>> >   APT prefers unstable
>>>> >   APT policy: (500, 'unstable'), (1, 'experimental')
>>>> > Architecture: amd64 (x86_64)
>>>> >
>>>> > Kernel: Linux 4.4.20 (SMP w/8 CPU cores; PREEMPT)
>>>> > Locale: LANG=fr_FR.UTF8, LC_CTYPE=fr_FR.UTF8 (charmap=UTF-8)
>>>> > Shell: /bin/sh linked to /bin/dash
>>>> > Init: systemd (via /run/systemd/system)
>>>> >
>>>> > Versions of packages mysql-server-5.7 depends on:
>>>> > ii  adduser                3.115
>>>> > ii  bsdutils               1:2.28.2-1
>>>> > ii  debconf [debconf-2.0]  1.5.59
>>>> > ii  init-system-helpers    1.44
>>>> > ii  libc6                  2.24-2
>>>> > ii  libgcc1                1:6.2.0-3
>>>> > ii  libmecab2              0.996-2
>>>> > ii  libstdc++6             6.2.0-3
>>>> > ii  lsb-base               9.20160629
>>>> > ii  mysql-client-5.7       5.7.13-1~exp1
>>>> > ii  mysql-common           5.8+1.0.0
>>>> > ii  mysql-server-core-5.7  5.7.13-1~exp1
>>>> > ii  passwd                 1:4.2-3.1
>>>> > ii  perl                   5.22.2-5
>>>> > ii  psmisc                 22.21-2.1+b1
>>>> > ii  zlib1g                 1:1.2.8.dfsg-2+b1
>>>> >
>>>> > Versions of packages mysql-server-5.7 recommends:
>>>> > ii  libhtml-template-perl  2.95-2
>>>> >
>>>> > Versions of packages mysql-server-5.7 suggests:
>>>> > ii  bsd-mailx [mailx]  8.1.2-0.20160123cvs-3
>>>> > ii  s-nail [mailx]     14.8.10-1
>>>> > pn  tinyca             <none>
>>>> >
>>>> > -- debconf information:
>>>> >   mysql-server-5.7/postrm_remove_databases: false
>>>> >   mysql-server-5.7/start_on_boot: true
>>>> >   mysql-server/no_upgrade_when_using_ndb:
>>>> >   mysql-server-5.7/nis_warning:
>>>> >   mysql-server-5.7/really_downgrade: false
>>>> >   mysql-server/password_mismatch:
>>>> >
>>>> > _______________________________________________
>>>> > pkg-mysql-maint mailing list
>>>> > pkg-mysql-maint at lists.alioth.debian.org
>>>> >
>>>> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-mysql-maint
>>>> >
>>>
>>>
>>> >
>>> >
>>>
>>> _______________________________________________
>>> pkg-mysql-maint mailing listpkg-mysql-maint at lists.alioth.debian.orghttp://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-mysql-maint
>>>
>>>
>>> >
>>>
>>
>> >
>>
>
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-mysql-maint/attachments/20160917/7c7898ee/attachment.html>

More information about the pkg-mysql-maint mailing list