[debian-mysql] Bug#699886: Bug#699886: TLS timing attack in yaSSL (Lucky 13)
Clint Byrum
spamaps at debian.org
Sun Apr 14 15:28:57 UTC 2013
I will be at the openstack summit all this week, and thus pressed for time. An NMU for this bug would be most welcome, thanks!!
Sent from my iPhone
On Apr 14, 2013, at 6:25, Michael Stapelberg <stapelberg at debian.org> wrote:
> Hi Clint,
>
> Clint Byrum <spamaps at debian.org> writes:
>> Thanks Michael! I suspect that we will see 2.2.2d in one of the
>> upcoming releases from Oracle. While I would prefer to ship wheezy
>> with no known security bugs, I don't have much time to build and test
>> a new package. If someone else wants to do that I will gladly sponsor
>> it.
> I just built MySQL with (an updated version of) my patch and it passes
> all the build-time tests. Furthermore, I configured SSL and connected
> using mysql(1) — SSL still works :-).
>
> Should I NMU this package or do you want to upload it yourself? The
> debdiff and latest version of my patch is attached.
>
> --
> Best regards,
> Michael
> <yassl.patch>
> <mysql.debdiff>
More information about the pkg-mysql-maint
mailing list