[debian-mysql] Bug#878402: Bug#878402: Bug#878402: Security fixes from the October 2017 CPU

Lars Tangvald lars.tangvald at oracle.com
Wed Oct 18 13:51:26 UTC 2017 

Hi,

5.5.58 packages for Debian 7 and 8 are built, and pass the test suite.
Attached are debdiff files for Wheezy and Jessie (source is also pushed 
to https://anonscm.debian.org/cgit/pkg-mysql/mysql-5.5.git)
As before, we unfortunately don't have a DD in our team that can sponsor 
the upload, so we need assistance with that.

I'm not sure if the security team still handles Debian8, or if the lts 
team does now?

--
Lars

On 18. okt. 2017 07:07, Lars Tangvald wrote:
> CVE List for 5.5:
>
> CVE-2017-10268
> CVE-2017-10378
> CVE-2017-10379
> CVE-2017-10384
>
> -- 
> Lars
>
> On 13. okt. 2017 12:34, Norvald H. Ryeng wrote:
>> Source: mysql-5.5
>> Version: 5.5.57-0+deb8u1
>> Severity: grave
>> Tags: security upstream fixed-upstream
>>
>> The Oracle Critical Patch Update for October 2017 will be released on
>> Tuesday, October 17. According to the pre-release announcement [1], it
>> will contain information about CVEs fixed in MySQL 5.5.58.
>>
>> The CVE numbers will be available when the CPU is released.
>>
>> Regards,
>>
>> Norvald H. Ryeng
>>
>> [1] 
>> http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
>>
>> _______________________________________________
>> pkg-mysql-maint mailing list
>> pkg-mysql-maint at lists.alioth.debian.org
>> https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.alioth.debian.org_cgi-2Dbin_mailman_listinfo_pkg-2Dmysql-2Dmaint&d=DwICAg&c=RoP1YumCXCgaWHvlZYR8PQcxBKCX5YTpkKY057SbK10&r=HPjEzLhETPj8fl9HCxxISaaV3f5tXDpGXDR3R2IELxg&m=dEyRpHvFwIr1RTEceqC6iy_yrzTaCF3pVSkZ3JFfOe4&s=0PVa9j2CKG1CAypoPA9B0-RLcMLbS5ifPg3jULC2EMw&e= 
>>
>
> _______________________________________________
> pkg-mysql-maint mailing list
> pkg-mysql-maint at lists.alioth.debian.org
> https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.alioth.debian.org_cgi-2Dbin_mailman_listinfo_pkg-2Dmysql-2Dmaint&d=DwICAg&c=RoP1YumCXCgaWHvlZYR8PQcxBKCX5YTpkKY057SbK10&r=HPjEzLhETPj8fl9HCxxISaaV3f5tXDpGXDR3R2IELxg&m=c99-Bm5n-zu86r80igRj7TWXp-vXfUXofGXqkJ2SCeI&s=hgxadh4mK_3tB-NifSwdsO2DofQ_meWLdPG93b3UUJs&e= 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: jessiedebdiff.txt.gz
Type: application/gzip
Size: 276515 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-mysql-maint/attachments/20171018/a6e0b02e/attachment-0002.bin>
-------------- next part --------------
diff -r mysql-5.5-5.5.57/debian/changelog ../mysql-5.5/mysql-5.5/debian/changelog
0a1,9
> mysql-5.5 (5.5.58-0+deb8u1) jessie-security; urgency=high
> 
>   * Imported upstream version 5.5.58 to fix security issues:
>     - http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
>     - CVE-2017-10268 CVE-2017-10378 CVE-2017-10379 CVE-2017-10384
>     (Closes: #878402)
> 
>  -- Lars Tangvald <lars.tangvald at oracle.com>  Tue, 17 Oct 2017 10:20:55 +0200
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: wheezydebdiff.txt.gz
Type: application/gzip
Size: 276518 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-mysql-maint/attachments/20171018/a6e0b02e/attachment-0003.bin>
-------------- next part --------------
diff -r mysql-5.5-5.5.57/debian/changelog ../mysql-5.5/mysql-5.5/debian/changelog
0a1,9
> mysql-5.5 (5.5.58-0+deb7u1) wheezy-security; urgency=high
> 
>   * Imported upstream version 5.5.58 to fix security issues:
>     - http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
>     - CVE-2017-10268 CVE-2017-10378 CVE-2017-10379 CVE-2017-10384
>     (Closes: #878402)
> 
>  -- Lars Tangvald <lars.tangvald at oracle.com>  Tue, 17 Oct 2017 10:24:21 +0200
>

More information about the pkg-mysql-maint mailing list