[debian-mysql] MySQL security updates in stable-security

Steve Kemp skx at debian.org
Thu Jul 12 19:33:09 UTC 2007

On Wed Jul 11, 2007 at 23:38:06 +0200, Christian Hammers wrote:

> > >  mysql-dfsg-5.0 (5.0.32-7etch3) stable-security; urgency=high
> > 
> >   Do you have a prepared package for this anywhere?
> Attached you'll find the .dsc and .diff files for it.

  Maybe I'm missing something, but the patch you've supplied appears
 not to address any of the items in the changelog previously referenced.

  Attached is the diff of *etch1 to the etch3 you've supplied, it
 has a couple of changes which are mentioned in the changelog
 but doesn't appear to address any of these:

   * Fix for CVE-2007-2691: DROP/RENAME TABLE statements (ref: #424778).
   * Fix for CVE-2007-2692: THD::db_access privileges (ref: #424830).
   * Fix for CVE-2007-2583: null dereference in item_cmpfunc.cc

  Unfortunately it also fails to build for me:

  applying patch 29_scripts__mysqlbug.sh to ./ ... ok.
  applying patch 33_scripts__mysql_create_system_tables__no_test to ./ ... ok.
  applying patch 34_scripts__mysql_create_system_tables__no_root to ./ ... failed.
  make: *** [patch-stamp] Error 1
  debuild: fatal error at line 1228:
  debian/rules build failed

  Am I missing something obvious?  Or is there a different patch we
 should be looking at instead?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: mysql-etch1-etch3.diff
Type: text/x-diff
Size: 9904 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-mysql-maint/attachments/20070712/153f47a0/attachment.diff 

More information about the pkg-mysql-maint mailing list