[debian-mysql] Bug#837883: Bug#837883: mysql-server-5.7: Please upgrade to 5.7.15+ to fix recently discovered security issues

Fri Sep 16 07:47:28 UTC 2016

There's also another fix needed for the dep 8 tests:

perl no longer includes . on the path by default in sid, and this causes 
import errors in mysql-test-run.pl

We can work around it by adding it to the path in d/tests/upstream, but 
a better solution is probably to patch the mtr script until upstream 
fixes it.

--

Lars

On 09/16/2016 09:02 AM, Lars Tangvald wrote:
>
> Yeah. We do have one for libmysqlclient-dev, but it's not been maintained.
>
> Also, there are test failures in 5.7.15, but it's due to a test 
> dependency change:
>
> main.myisam_explain_json_non_select_all and 
> main.myisam_explain_json_non_select_nonemysql-test-run fail if the 
> package libjson-perl is not installed.
>
> They were the only two tests that were written in python, and for 
> 5.7.15 they were rewritten to perl, meaning the python dep in the 
> testsuite package should no longer be needed, but needs to be replaced 
> with libjson-perl.
>
> --
>
> Lars
>
>
> On 09/15/2016 02:29 PM, Bjoern Boschman wrote:
>> maybe we should start some README.Maintaner like pkg-voip guys have?
>> https://anonscm.debian.org/viewvc/pkg-voip/README?view=co
>>
>>
>> On Thu, Sep 15, 2016 at 1:49 PM Lars Tangvald 
>> <lars.tangvald at oracle.com <mailto:lars.tangvald at oracle.com>> wrote:
>>
>>     I struggle to get it stable myself (the run I started failed to
>>     even start the mtr suite...), and I pretty much have to start
>>     from scratch every time.
>>     Robie helped me get it working a while back, so hopefully I just
>>     need to recreate the testbeds :)
>>
>>     --
>>     Lars
>>
>>     On 09/15/2016 01:20 PM, Bjoern Boschman wrote:
>>>     No, I did not.
>>>     afaik I'd need KVM to run those tests?
>>>     basically I'm not familiar with dep8 :/
>>>
>>>     On Thu, Sep 15, 2016 at 1:01 PM Lars Tangvald
>>>     <lars.tangvald at oracle.com <mailto:lars.tangvald at oracle.com>> wrote:
>>>
>>>         Thanks, Bjoern. Did you run the dep8 test suite as well (I
>>>         just started a full test run now, so no big deal either way)?
>>>
>>>         --
>>>
>>>         Lars
>>>
>>>
>>>         On 09/15/2016 12:54 PM, Bjoern Boschman wrote:
>>>>         Hi,
>>>>
>>>>         I've updated the git repo after I did a successful build on
>>>>         jessie.
>>>>         Someone with upload rights just needs to create a
>>>>         ~experimental tag and upload it.
>>>>
>>>>         @pkg-mysql: what's the plan for uploading mysql-5.7 to
>>>>         unstable?
>>>>
>>>>         Cheers
>>>>         B
>>>>
>>>>         On Thu, Sep 15, 2016 at 9:54 AM Eric Valette
>>>>         <eric.valette at free.fr <mailto:eric.valette at free.fr>> wrote:
>>>>
>>>>             Package: mysql-server-5.7
>>>>             Version: 5.7.13-1~exp1
>>>>             Severity: grave
>>>>             Tags: upstream security
>>>>             Justification: user security hole
>>>>
>>>>             CVE-2016-6662
>>>>
>>>>             -- System Information:
>>>>             Debian Release: stretch/sid
>>>>               APT prefers unstable
>>>>               APT policy: (500, 'unstable'), (1, 'experimental')
>>>>             Architecture: amd64 (x86_64)
>>>>
>>>>             Kernel: Linux 4.4.20 (SMP w/8 CPU cores; PREEMPT)
>>>>             Locale: LANG=fr_FR.UTF8, LC_CTYPE=fr_FR.UTF8
>>>>             (charmap=UTF-8)
>>>>             Shell: /bin/sh linked to /bin/dash
>>>>             Init: systemd (via /run/systemd/system)
>>>>
>>>>             Versions of packages mysql-server-5.7 depends on:
>>>>             ii  adduser                3.115
>>>>             ii  bsdutils               1:2.28.2-1
>>>>             ii  debconf [debconf-2.0]  1.5.59
>>>>             ii  init-system-helpers    1.44
>>>>             ii  libc6                  2.24-2
>>>>             ii  libgcc1                1:6.2.0-3
>>>>             ii  libmecab2              0.996-2
>>>>             ii  libstdc++6             6.2.0-3
>>>>             ii  lsb-base               9.20160629
>>>>             ii  mysql-client-5.7       5.7.13-1~exp1
>>>>             ii  mysql-common           5.8+1.0.0
>>>>             ii  mysql-server-core-5.7  5.7.13-1~exp1
>>>>             ii  passwd                 1:4.2-3.1
>>>>             ii  perl                   5.22.2-5
>>>>             ii  psmisc                 22.21-2.1+b1
>>>>             ii  zlib1g  1:1.2.8.dfsg-2+b1
>>>>
>>>>             Versions of packages mysql-server-5.7 recommends:
>>>>             ii  libhtml-template-perl  2.95-2
>>>>
>>>>             Versions of packages mysql-server-5.7 suggests:
>>>>             ii  bsd-mailx [mailx] 8.1.2-0.20160123cvs-3
>>>>             ii  s-nail [mailx]     14.8.10-1
>>>>             pn  tinyca             <none>
>>>>
>>>>             -- debconf information:
>>>>             mysql-server-5.7/postrm_remove_databases: false
>>>>               mysql-server-5.7/start_on_boot: true
>>>>             mysql-server/no_upgrade_when_using_ndb:
>>>>               mysql-server-5.7/nis_warning:
>>>>               mysql-server-5.7/really_downgrade: false
>>>>               mysql-server/password_mismatch:
>>>>
>>>>             _______________________________________________
>>>>             pkg-mysql-maint mailing list
>>>>             pkg-mysql-maint at lists.alioth.debian.org
>>>>             <mailto:pkg-mysql-maint at lists.alioth.debian.org>
>>>>             http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-mysql-maint
>>>>
>>>>
>>>>
>>>>         _______________________________________________
>>>>         pkg-mysql-maint mailing list
>>>>         pkg-mysql-maint at lists.alioth.debian.org
>>>>         <mailto:pkg-mysql-maint at lists.alioth.debian.org>
>>>>         http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-mysql-maint
>>>
>>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-mysql-maint/attachments/20160916/897dd848/attachment.html>