[debian-mysql] Bug#837883: Bug#837883: mysql-server-5.7: Please upgrade to 5.7.15+ to fix recently discovered security issues
Lars Tangvald
lars.tangvald at oracle.com
Mon Sep 19 06:22:34 UTC 2016
I've pushed a change to README.Maintainer to debian/master, adding
instructions for sbuild and dep8. Could you please test it and see if it
works for you?
I think debian/master should be good to go for an upload to unstable.
Robie: Are we missing anything for this?
--
Lars
On 09/17/2016 01:42 PM, Bjoern Boschman wrote:
> sounds good - any news on uploading mysql-5.7 to unstable?
>
> On Fri, Sep 16, 2016 at 5:13 PM Lars Tangvald
> <lars.tangvald at oracle.com <mailto:lars.tangvald at oracle.com>> wrote:
>
> I've fixed two issues with the dep8 testing; the test dependency
> noted below and a workaround for a change in perl behavior
> introduced for https://www.debian.org/security/2016/dsa-3628
>
> I think I have a decent recipe for setting up dep8 testing, and
> it's important to run it to uncover such issues before trying to
> do an upload, so I think I can add it to the README.Maintainer
> file we discussed.
> I use a virtualbox vm with Ubuntu 16.04 to run it, so I don't
> think you require anything special beyond reasonably up-to-date
> autopkgtest and related packages.
>
> --
> Lars
>
> ----- lars.tangvald at oracle.com <mailto:lars.tangvald at oracle.com>
> wrote:
> >
>
> Yeah. We do have one for libmysqlclient-dev, but it's not been
> maintained.
>
> Also, there are test failures in 5.7.15, but it's due to a test
> dependency change:
>
> main.myisam_explain_json_non_select_all and
> main.myisam_explain_json_non_select_nonemysql-test-run fail if the
> package libjson-perl is not installed.
>
> They were the only two tests that were written in python, and for
> 5.7.15 they were rewritten to perl, meaning the python dep in the
> testsuite package should no longer be needed, but needs to be
> replaced with libjson-perl.
> >
>
> --
>
> Lars
> >
>
>
> >
> > On 09/15/2016 02:29 PM, Bjoern Boschman wrote:
> >
>
> > maybe we should start some README.Maintaner like pkg-voip
> guys have?
> https://anonscm.debian.org/viewvc/pkg-voip/README?view=co
>
> >
> >
> >
> > On Thu, Sep 15, 2016 at 1:49 PM Lars Tangvald
> <lars.tangvald at oracle.com <mailto:lars.tangvald at oracle.com>>
> wrote:
> >
>
> I struggle to get it stable myself (the run I started
> failed to even start the mtr suite...), and I pretty much
> have to start from scratch every time.
> > Robie helped me get it working a while back, so
> hopefully I just need to recreate the testbeds :)
> >
> > --
> > Lars
>
> >
> On 09/15/2016 01:20 PM, Bjoern Boschman wrote:
> >
>
> > No, I did not.
> afaik I'd need KVM to run those tests?
> > basically I'm not familiar with dep8 :/
>
> >
> >
> > On Thu, Sep 15, 2016 at 1:01 PM Lars Tangvald
> <lars.tangvald at oracle.com
> <mailto:lars.tangvald at oracle.com>> wrote:
> >
>
> Thanks, Bjoern. Did you run the dep8 test suite as
> well (I just started a full test run now, so no
> big deal either way)?
>
> --
>
> Lars
> >
>
>
> >
> On 09/15/2016 12:54 PM, Bjoern Boschman wrote:
> >
>
> > Hi,
>
> >
> I've updated the git repo after I did a
> successful build on jessie.
> Someone with upload rights just needs to
> create a ~experimental tag and upload it.
>
> >
> @pkg-mysql: what's the plan for uploading
> mysql-5.7 to unstable?
>
> >
> Cheers
> B
>
> >
> >
> > On Thu, Sep 15, 2016 at 9:54 AM Eric Valette
> <eric.valette at free.fr
> <mailto:eric.valette at free.fr>> wrote:
> >
>
> Package: mysql-server-5.7
> > Version: 5.7.13-1~exp1
> > Severity: grave
> > Tags: upstream security
> > Justification: user security hole
> >
> > CVE-2016-6662
> >
> > -- System Information:
> > Debian Release: stretch/sid
> > APT prefers unstable
> > APT policy: (500, 'unstable'), (1,
> 'experimental')
> > Architecture: amd64 (x86_64)
> >
> > Kernel: Linux 4.4.20 (SMP w/8 CPU cores;
> PREEMPT)
> > Locale: LANG=fr_FR.UTF8,
> LC_CTYPE=fr_FR.UTF8 (charmap=UTF-8)
> > Shell: /bin/sh linked to /bin/dash
> > Init: systemd (via /run/systemd/system)
> >
> > Versions of packages mysql-server-5.7
> depends on:
> > ii adduser 3.115
> > ii bsdutils 1:2.28.2-1
> > ii debconf [debconf-2.0] 1.5.59
> > ii init-system-helpers 1.44
> > ii libc6 2.24-2
> > ii libgcc1 1:6.2.0-3
> > ii libmecab2 0.996-2
> > ii libstdc++6 6.2.0-3
> > ii lsb-base 9.20160629
> > ii mysql-client-5.7 5.7.13-1~exp1
> > ii mysql-common 5.8+1.0.0
> > ii mysql-server-core-5.7 5.7.13-1~exp1
> > ii passwd 1:4.2-3.1
> > ii perl 5.22.2-5
> > ii psmisc 22.21-2.1+b1
> > ii zlib1g 1:1.2.8.dfsg-2+b1
> >
> > Versions of packages mysql-server-5.7
> recommends:
> > ii libhtml-template-perl 2.95-2
> >
> > Versions of packages mysql-server-5.7
> suggests:
> > ii bsd-mailx [mailx] 8.1.2-0.20160123cvs-3
> > ii s-nail [mailx] 14.8.10-1
> > pn tinyca <none>
> >
> > -- debconf information:
> >
> mysql-server-5.7/postrm_remove_databases:
> false
> > mysql-server-5.7/start_on_boot: true
> > mysql-server/no_upgrade_when_using_ndb:
> > mysql-server-5.7/nis_warning:
> > mysql-server-5.7/really_downgrade: false
> > mysql-server/password_mismatch:
> >
> >
> _______________________________________________
> > pkg-mysql-maint mailing list
> > pkg-mysql-maint at lists.alioth.debian.org
> <mailto:pkg-mysql-maint at lists.alioth.debian.org>
> >
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-mysql-maint
> >
>
>
> >
>
>
> >
>
> _______________________________________________
> pkg-mysql-maint mailing list
> pkg-mysql-maint at lists.alioth.debian.org
> <mailto:pkg-mysql-maint at lists.alioth.debian.org>
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-mysql-maint
>
>
> >
>
>
> >
>
>
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-mysql-maint/attachments/20160919/8d26213c/attachment-0001.html>
More information about the pkg-mysql-maint
mailing list