[debian-mysql] MySQL security updates in stable-security
Steve Kemp
skx at debian.org
Thu Jul 12 19:33:09 UTC 2007
On Wed Jul 11, 2007 at 23:38:06 +0200, Christian Hammers wrote:
> > > mysql-dfsg-5.0 (5.0.32-7etch3) stable-security; urgency=high
> >
> > Do you have a prepared package for this anywhere?
>
> Attached you'll find the .dsc and .diff files for it.
Maybe I'm missing something, but the patch you've supplied appears
not to address any of the items in the changelog previously referenced.
Attached is the diff of *etch1 to the etch3 you've supplied, it
has a couple of changes which are mentioned in the changelog
but doesn't appear to address any of these:
* Fix for CVE-2007-2691: DROP/RENAME TABLE statements (ref: #424778).
* Fix for CVE-2007-2692: THD::db_access privileges (ref: #424830).
* Fix for CVE-2007-2583: null dereference in item_cmpfunc.cc
Unfortunately it also fails to build for me:
applying patch 29_scripts__mysqlbug.sh to ./ ... ok.
applying patch 33_scripts__mysql_create_system_tables__no_test to ./ ... ok.
applying patch 34_scripts__mysql_create_system_tables__no_root to ./ ... failed.
make: *** [patch-stamp] Error 1
debuild: fatal error at line 1228:
debian/rules build failed
Am I missing something obvious? Or is there a different patch we
should be looking at instead?
Steve
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: mysql-etch1-etch3.diff
Type: text/x-diff
Size: 9904 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-mysql-maint/attachments/20070712/153f47a0/attachment.diff
More information about the pkg-mysql-maint
mailing list