[ubuntu/bionic-proposed] mysql-5.7 5.7.20-1ubuntu1 (Accepted)
Robie Basak
robie.basak at ubuntu.com
Thu Dec 14 14:33:17 UTC 2017
mysql-5.7 (5.7.20-1ubuntu1) bionic; urgency=medium
* Merge from Debian.
- Previous merge was 5.7.17-0ubuntu1.
- Most changes in Ubuntu since were simply new bringing in new
upstream versions. Since we're merging in from the same upstream
version in Debian that Ubuntu is currently on, these are no-ops in
this merge.
* Remaining changes:
- Revert "Build with libmecab-dev" since libmecab-dev is in
universe.
* Drop changes (all adopted in Debian or originally cherry-picked from
Debian):
- Dropping of patches included upstream also dropped in Debian VCS
commit dd7b6e7:
+ debian/patches/fix_mysql_config_flags.patch
+ debian/patches/fix_test_events_2.patch
- debian/mysql-server-5.7.install: added connection_control.so, also
added in Debian VCS commit c77f03f.
- debian/server-core.install: removed my-default.cnf, also dropped
in Debian VCS commit 1363efd.
- Drop debian/patches/removedojo.patch, also dropped in Debian VCS
commit 1324dae.
mysql-5.7 (5.7.20-1) unstable; urgency=high (security fixes)
[ Lars Tangvald ]
* Imported upstream version 5.7.20 to fix security issues:
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- CVE-2017-3731 CVE-2017-10155 CVE-2017-10165 CVE-2017-10167
- CVE-2017-10227 CVE-2017-10268 CVE-2017-10276 CVE-2017-10279
- CVE-2017-10283 CVE-2017-10284 CVE-2017-10286 CVE-2017-10294
- CVE-2017-10296 CVE-2017-10311 CVE-2017-10313 CVE-2017-10314
- CVE-2017-10320 CVE-2017-10365 CVE-2017-10379 CVE-2017-10384
(Closes: ##878398)
* d/patches: Removed patch for failing test
(Fixed upstream: https://bugs.mysql.com/bug.php?id=83321)
[ Robie Basak ]
* Update translations (Closes: #856791, #863940, #871560, #845692)
mysql-5.7 (5.7.20-0ubuntu0.17.10.1) artful-security; urgency=medium
* SECURITY UPDATE: Update to 5.7.20 to fix security issues
- CVE-2017-10155, CVE-2017-10165, CVE-2017-10167, CVE-2017-10227,
CVE-2017-10268, CVE-2017-10276, CVE-2017-10283, CVE-2017-10286,
CVE-2017-10294, CVE-2017-10311, CVE-2017-10313, CVE-2017-10314,
CVE-2017-10320, CVE-2017-10379, CVE-2017-10384
* Removed patches included in new version:
- debian/patches/fix_failing_test.patch
mysql-5.7 (5.7.19-1) unstable; urgency=high (security fixes)
* Imported upstream version 5.7.19 to fix security issues:
- http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
- CVE-2017-3529 CVE-2017-3633 CVE-2017-3634 CVE-2017-3635
- CVE-2017-3637 CVE-2017-3638 CVE-2017-3639 CVE-2017-3640
- CVE-2017-3641 CVE-2017-3642 CVE-2017-3643 CVE-2017-3644
- CVE-2017-3645 CVE-2017-3646 CVE-2017-3647 CVE-2017-3648
- CVE-2017-3649 CVE-2017-3650 CVE-2017-3651 CVE-2017-3652
- CVE-2017-3653 CVE-2017-3732
(Closes: #868798)
* d/patches: Drop removedojo patch
The files deleted by the patch are removed from upstream's
source tarball
* d/tests: Add --report-unstable-tests to mtr run
The test suite will no longer fail if all failed tests
pass on retry
mysql-5.7 (5.7.19-0ubuntu1) artful; urgency=medium
* SECURITY UPDATE: Update to 5.7.19 to fix security issues
- CVE-2017-3529, CVE-2017-3633, CVE-2017-3634, CVE-2017-3635,
CVE-2017-3637, CVE-2017-3638, CVE-2017-3639, CVE-2017-3640,
CVE-2017-3641, CVE-2017-3642, CVE-2017-3643, CVE-2017-3644,
CVE-2017-3645, CVE-2017-3647, CVE-2017-3648, CVE-2017-3649,
CVE-2017-3650, CVE-2017-3651, CVE-2017-3652, CVE-2017-3653
* Removed patches included in new version:
- debian/patches/removedojo.patch
- fix_test_mysql_not_windows.patch
mysql-5.7 (5.7.18-1) unstable; urgency=high (security fixes)
[ Lars Tangvald ]
* Imported upstream version 5.7.18 to fix security issues:
- http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
- CVE-2017-3308 CVE-2017-3309 CVE-2017-3329 CVE-2017-3331
- CVE-2017-3450 CVE-2017-3453 CVE-2017-3454 CVE-2017-3455
- CVE-2017-3456 CVE-2017-3457 CVE-2017-3458 CVE-2017-3459
- CVE-2017-3460 CVE-2017-3461 CVE-2017-3462 CVE-2017-3463
- CVE-2017-3464 CVE-2017-3465 CVE-2017-3467 CVE-2017-3468
- CVE-2017-3599 CVE-2017-3600
(Closes: #860547)
* d/patches: Dropped fixes that are applied upstream
- fix_test_events_2
- fix_mysql_config_flags
(Closes: #844275)
* Add connection_control plugin (LP: #1633485)
This is a security-enhancing plugin (disabled by default)
that enables rate limiting of connection attempts
https://dev.mysql.com/doc/refman/5.7/en/connection-control-plugin.html
* d/server-core.install: Remove my-default.cnf
The config file has not been maintained in a long time, and would
cause errors if used with a 5.7 server. Removed from build by upstream
[ Robie Basak ]
* Drop innotop
The bundled innotop util was not maintained. For details, see:
http://lists.alioth.debian.org/pipermail/pkg-mysql-maint/2017-January/010180.html
mysql-5.7 (5.7.18-0ubuntu2) artful; urgency=medium
* No-change rebuild against libevent-core-2.1-6
mysql-5.7 (5.7.18-0ubuntu1) artful; urgency=medium
* Fixed failing test main.mysql_not_windows
The test was failing because it expected the os limit on open
files to be less than 1M, but on Artful it's 1048576.
Patch ups the value to 10M.
mysql-5.7 (5.7.18-0ubuntu0.17.04.1) zesty-security; urgency=medium
* SECURITY UPDATE: Update to 5.7.18 to fix security issues
- CVE-2017-3308, CVE-2017-3309, CVE-2017-3329, CVE-2017-3331,
CVE-2017-3450, CVE-2017-3453, CVE-2017-3454, CVE-2017-3455,
CVE-2017-3456, CVE-2017-3457, CVE-2017-3458, CVE-2017-3459,
CVE-2017-3460, CVE-2017-3461, CVE-2017-3462, CVE-2017-3463,
CVE-2017-3464, CVE-2017-3465, CVE-2017-3467, CVE-2017-3468,
CVE-2017-3599, CVE-2017-3600
* Removed patches included in new version:
- debian/patches/fix_mysql_config_flags.patch
- debian/patches/fix_test_events_2.patch
* debian/mysql-server-5.7.install: added connection_control.so
* debian/server-core.install: removed my-default.cnf
mysql-5.7 (5.7.17-1) unstable; urgency=high (security fixes)
[ Bjoern Boschman ]
* Imported Upstream version 5.7.17
[ Lars Tangvald ]
* Updated mysql_config flag patch for 5.7.17
* Upstream version 5.7.17 fixes security issues:
- http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html
- CVE-2016-8318 CVE-2016-8327 CVE-2017-3238 CVE-2017-3244
- CVE-2017-3251 CVE-2017-3256 CVE-2017-3257 CVE-2017-3258
- CVE-2017-3265 CVE-2017-3273 CVE-2017-3291 CVE-2017-3312
- CVE-2017-3313 CVE-2017-3317 CVE-2017-3318 CVE-2017-3319
- CVE-2017-3320 (Closes: #851235)
* d/copyright: Add files for connection_control plugin
* d/*.README.Debian: Fix spelling errors
* d/libmysqld-dev.lintian-overrides: Override "depends-on-obsolete-package
depends: libmysqlclient-dev => default-libmysqlclient-dev" which is a
false positive for src:mysql-5.7
* d/control: Add myself to Uploaders
[ Andreas Beckmann ]
* d/copyright: Fix more issues noticed by lintian: drop copyright info for
files that were removed upstream, reorder shadowed sections
Date: Mon, 04 Dec 2017 15:35:52 +0000
Changed-By: Robie Basak <robie.basak at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/mysql-5.7/5.7.20-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 04 Dec 2017 15:35:52 +0000
Source: mysql-5.7
Binary: libmysqlclient20 libmysqld-dev libmysqlclient-dev mysql-client-core-5.7 mysql-client-5.7 mysql-server-core-5.7 mysql-server-5.7 mysql-server mysql-client mysql-testsuite mysql-testsuite-5.7 mysql-source-5.7
Architecture: source
Version: 5.7.20-1ubuntu1
Distribution: bionic
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Robie Basak <robie.basak at ubuntu.com>
Description:
libmysqlclient-dev - MySQL database development files
libmysqlclient20 - MySQL database client library
libmysqld-dev - MySQL embedded database development files
mysql-client - MySQL database client (metapackage depending on the latest versio
mysql-client-5.7 - MySQL database client binaries
mysql-client-core-5.7 - MySQL database core client binaries
mysql-server - MySQL database server (metapackage depending on the latest versio
mysql-server-5.7 - MySQL database server binaries and system database setup
mysql-server-core-5.7 - MySQL database server binaries
mysql-source-5.7 - MySQL source
mysql-testsuite - MySQL regression tests
mysql-testsuite-5.7 - MySQL 5.7 testsuite
Closes: 844275 845692 851235 856791 860547 863940 868798 871560
Launchpad-Bugs-Fixed: 1633485
Changes:
mysql-5.7 (5.7.20-1ubuntu1) bionic; urgency=medium
.
* Merge from Debian.
- Previous merge was 5.7.17-0ubuntu1.
- Most changes in Ubuntu since were simply new bringing in new
upstream versions. Since we're merging in from the same upstream
version in Debian that Ubuntu is currently on, these are no-ops in
this merge.
* Remaining changes:
- Revert "Build with libmecab-dev" since libmecab-dev is in
universe.
* Drop changes (all adopted in Debian or originally cherry-picked from
Debian):
- Dropping of patches included upstream also dropped in Debian VCS
commit dd7b6e7:
+ debian/patches/fix_mysql_config_flags.patch
+ debian/patches/fix_test_events_2.patch
- debian/mysql-server-5.7.install: added connection_control.so, also
added in Debian VCS commit c77f03f.
- debian/server-core.install: removed my-default.cnf, also dropped
in Debian VCS commit 1363efd.
- Drop debian/patches/removedojo.patch, also dropped in Debian VCS
commit 1324dae.
.
mysql-5.7 (5.7.20-1) unstable; urgency=high (security fixes)
.
[ Lars Tangvald ]
* Imported upstream version 5.7.20 to fix security issues:
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- CVE-2017-3731 CVE-2017-10155 CVE-2017-10165 CVE-2017-10167
- CVE-2017-10227 CVE-2017-10268 CVE-2017-10276 CVE-2017-10279
- CVE-2017-10283 CVE-2017-10284 CVE-2017-10286 CVE-2017-10294
- CVE-2017-10296 CVE-2017-10311 CVE-2017-10313 CVE-2017-10314
- CVE-2017-10320 CVE-2017-10365 CVE-2017-10379 CVE-2017-10384
(Closes: ##878398)
* d/patches: Removed patch for failing test
(Fixed upstream: https://bugs.mysql.com/bug.php?id=83321)
.
[ Robie Basak ]
* Update translations (Closes: #856791, #863940, #871560, #845692)
.
mysql-5.7 (5.7.20-0ubuntu0.17.10.1) artful-security; urgency=medium
.
* SECURITY UPDATE: Update to 5.7.20 to fix security issues
- CVE-2017-10155, CVE-2017-10165, CVE-2017-10167, CVE-2017-10227,
CVE-2017-10268, CVE-2017-10276, CVE-2017-10283, CVE-2017-10286,
CVE-2017-10294, CVE-2017-10311, CVE-2017-10313, CVE-2017-10314,
CVE-2017-10320, CVE-2017-10379, CVE-2017-10384
* Removed patches included in new version:
- debian/patches/fix_failing_test.patch
.
mysql-5.7 (5.7.19-1) unstable; urgency=high (security fixes)
.
* Imported upstream version 5.7.19 to fix security issues:
- http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
- CVE-2017-3529 CVE-2017-3633 CVE-2017-3634 CVE-2017-3635
- CVE-2017-3637 CVE-2017-3638 CVE-2017-3639 CVE-2017-3640
- CVE-2017-3641 CVE-2017-3642 CVE-2017-3643 CVE-2017-3644
- CVE-2017-3645 CVE-2017-3646 CVE-2017-3647 CVE-2017-3648
- CVE-2017-3649 CVE-2017-3650 CVE-2017-3651 CVE-2017-3652
- CVE-2017-3653 CVE-2017-3732
(Closes: #868798)
* d/patches: Drop removedojo patch
The files deleted by the patch are removed from upstream's
source tarball
* d/tests: Add --report-unstable-tests to mtr run
The test suite will no longer fail if all failed tests
pass on retry
.
mysql-5.7 (5.7.19-0ubuntu1) artful; urgency=medium
.
* SECURITY UPDATE: Update to 5.7.19 to fix security issues
- CVE-2017-3529, CVE-2017-3633, CVE-2017-3634, CVE-2017-3635,
CVE-2017-3637, CVE-2017-3638, CVE-2017-3639, CVE-2017-3640,
CVE-2017-3641, CVE-2017-3642, CVE-2017-3643, CVE-2017-3644,
CVE-2017-3645, CVE-2017-3647, CVE-2017-3648, CVE-2017-3649,
CVE-2017-3650, CVE-2017-3651, CVE-2017-3652, CVE-2017-3653
* Removed patches included in new version:
- debian/patches/removedojo.patch
- fix_test_mysql_not_windows.patch
.
mysql-5.7 (5.7.18-1) unstable; urgency=high (security fixes)
.
[ Lars Tangvald ]
* Imported upstream version 5.7.18 to fix security issues:
- http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
- CVE-2017-3308 CVE-2017-3309 CVE-2017-3329 CVE-2017-3331
- CVE-2017-3450 CVE-2017-3453 CVE-2017-3454 CVE-2017-3455
- CVE-2017-3456 CVE-2017-3457 CVE-2017-3458 CVE-2017-3459
- CVE-2017-3460 CVE-2017-3461 CVE-2017-3462 CVE-2017-3463
- CVE-2017-3464 CVE-2017-3465 CVE-2017-3467 CVE-2017-3468
- CVE-2017-3599 CVE-2017-3600
(Closes: #860547)
* d/patches: Dropped fixes that are applied upstream
- fix_test_events_2
- fix_mysql_config_flags
(Closes: #844275)
* Add connection_control plugin (LP: #1633485)
This is a security-enhancing plugin (disabled by default)
that enables rate limiting of connection attempts
https://dev.mysql.com/doc/refman/5.7/en/connection-control-plugin.html
* d/server-core.install: Remove my-default.cnf
The config file has not been maintained in a long time, and would
cause errors if used with a 5.7 server. Removed from build by upstream
.
[ Robie Basak ]
* Drop innotop
The bundled innotop util was not maintained. For details, see:
http://lists.alioth.debian.org/pipermail/pkg-mysql-maint/2017-January/010180.html
.
mysql-5.7 (5.7.18-0ubuntu2) artful; urgency=medium
.
* No-change rebuild against libevent-core-2.1-6
.
mysql-5.7 (5.7.18-0ubuntu1) artful; urgency=medium
.
* Fixed failing test main.mysql_not_windows
The test was failing because it expected the os limit on open
files to be less than 1M, but on Artful it's 1048576.
Patch ups the value to 10M.
.
mysql-5.7 (5.7.18-0ubuntu0.17.04.1) zesty-security; urgency=medium
.
* SECURITY UPDATE: Update to 5.7.18 to fix security issues
- CVE-2017-3308, CVE-2017-3309, CVE-2017-3329, CVE-2017-3331,
CVE-2017-3450, CVE-2017-3453, CVE-2017-3454, CVE-2017-3455,
CVE-2017-3456, CVE-2017-3457, CVE-2017-3458, CVE-2017-3459,
CVE-2017-3460, CVE-2017-3461, CVE-2017-3462, CVE-2017-3463,
CVE-2017-3464, CVE-2017-3465, CVE-2017-3467, CVE-2017-3468,
CVE-2017-3599, CVE-2017-3600
* Removed patches included in new version:
- debian/patches/fix_mysql_config_flags.patch
- debian/patches/fix_test_events_2.patch
* debian/mysql-server-5.7.install: added connection_control.so
* debian/server-core.install: removed my-default.cnf
.
mysql-5.7 (5.7.17-1) unstable; urgency=high (security fixes)
.
[ Bjoern Boschman ]
* Imported Upstream version 5.7.17
.
[ Lars Tangvald ]
* Updated mysql_config flag patch for 5.7.17
* Upstream version 5.7.17 fixes security issues:
- http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html
- CVE-2016-8318 CVE-2016-8327 CVE-2017-3238 CVE-2017-3244
- CVE-2017-3251 CVE-2017-3256 CVE-2017-3257 CVE-2017-3258
- CVE-2017-3265 CVE-2017-3273 CVE-2017-3291 CVE-2017-3312
- CVE-2017-3313 CVE-2017-3317 CVE-2017-3318 CVE-2017-3319
- CVE-2017-3320 (Closes: #851235)
* d/copyright: Add files for connection_control plugin
* d/*.README.Debian: Fix spelling errors
* d/libmysqld-dev.lintian-overrides: Override "depends-on-obsolete-package
depends: libmysqlclient-dev => default-libmysqlclient-dev" which is a
false positive for src:mysql-5.7
* d/control: Add myself to Uploaders
.
[ Andreas Beckmann ]
* d/copyright: Fix more issues noticed by lintian: drop copyright info for
files that were removed upstream, reorder shadowed sections
Checksums-Sha1:
008c7ff16b3cbbcd961a54777bdeb8a9dd195c03 3345 mysql-5.7_5.7.20-1ubuntu1.dsc
1fcbaea0d75d71a8a868f518b5b0afaaa18c5cda 48833145 mysql-5.7_5.7.20.orig.tar.gz
7929bd1c9c55d2ff8716e64b9d7467a98312ace2 154588 mysql-5.7_5.7.20-1ubuntu1.debian.tar.xz
Checksums-Sha256:
1aa6a38da762e1c333f2d88b06016b415c1a6f3357835742bb7ccd0c8066ff38 3345 mysql-5.7_5.7.20-1ubuntu1.dsc
260582844ac18222ce2826f48b6c7ca387990b19ddb88331af26738b394e42a4 48833145 mysql-5.7_5.7.20.orig.tar.gz
1cb805345cd071cf0d6f69764a8d24b6a5f7e3e760acce888af94f3106b17b64 154588 mysql-5.7_5.7.20-1ubuntu1.debian.tar.xz
Files:
cd204649262f395d460c0e4e9153a840 3345 database optional mysql-5.7_5.7.20-1ubuntu1.dsc
9536c324a7dc7ea5f41e351c30a86c4f 48833145 database optional mysql-5.7_5.7.20.orig.tar.gz
8613c7bcdeb6f72cf7c728798179ddf4 154588 database optional mysql-5.7_5.7.20-1ubuntu1.debian.tar.xz
Original-Maintainer: Debian MySQL Maintainers <pkg-mysql-maint at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJaMotZAAoJEOVkucJ1vdUulPgQAJ8B2WIXrm5mQPefKaowvdfv
7shv2ukAPNeXbd6IKU56LaVu89CCVm0H8O8J8dNtA1h8IBjN3zvtRvtdGNimrt6o
knx44AxKy0gV/lQne5MLQP94jX4Qhmd37nF91gJkIudqs4JJRmpCsBfeAj/f7GNT
FYlaULjq5uku8HW3b1djG+mlVamqpcRaKECJbj5gKK2mHNwOwd1IKvD6p+q8WGo0
YVB2oaTrTAJMAKsFjkfh0tZreiHA9VKnxsRnBxY0nKWbb7xKv0ldPvOSMc75dVbO
cjsTblf2is6MzgDos35TmjJZO57TdXSuqw8C3ypNUo/JzkFLNsAX7TMJHMtw3ArY
NbAkT8Ow4hzci0kpsd8dfV11mOK7kbGJ+nCM3q9ijQbbE+6mij0ucNCM/M/rozr9
e0Ci1iQmwYPvpTpQq0e/qKBicBsnm+egg9oEkZ0lmPxen/5WBzawCxX2ra287+Mj
yK0j0ifMsGo7qa0/k8Bb30p4GWppJtabsQhx1OBLExwDF1gq16awOJyxIwybqfo1
1L0+qoW/QcceP9sQhfdcTRef4BvWFvakMRetq9WtLjaTWNv8TiUhQHRnb0qoDfou
bwri+rWH/Fd8CoNeGD9v2dh2s3aNKDAvGtTDIXRmFQP72vdGDZhEhpa3aT6XqKls
63Chmji4pGtGJ0whPcvI
=6EQ9
-----END PGP SIGNATURE-----
More information about the Bionic-changes
mailing list