Your message dated Tue, 08 Nov 2016 15:32:11 +0000
with message-id <[email protected]>
and subject line Bug#841049: fixed in mysql-5.6 5.6.34-1
has caused the Debian Bug report #841049,
regarding Security fixes from the October 2016 CPU
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
841049: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=841049
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: mysql-5.6
Version: 5.6.30-1
Severity: grave
Tags: security upstream fixed-upstream
The Oracle Critical Patch Update for October 2016 will be released on
Tuesday, October 18. According to the pre-release announcement [1], it
will contain information about CVEs fixed in MySQL 5.6.34.
The CVE numbers will be available when the CPU is released.
Regards,
Norvald H. Ryeng
[1]
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
--- End Message ---
--- Begin Message ---
Source: mysql-5.6
Source-Version: 5.6.34-1
We believe that the bug you reported is fixed in the latest version of
mysql-5.6, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Lars Tangvald <[email protected]> (supplier of updated mysql-5.6 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 18 Oct 2016 12:06:09 +0200
Source: mysql-5.6
Binary: libmysqlclient18 libmysqld-pic libmysqld-dev libmysqlclient-dev
mysql-client-core-5.6 mysql-client-5.6 mysql-server-core-5.6 mysql-server-5.6
mysql-server mysql-client mysql-testsuite mysql-testsuite-5.6 mysql-source-5.6
Architecture: source
Version: 5.6.34-1
Distribution: unstable
Urgency: high
Maintainer: Debian MySQL Maintainers <[email protected]>
Changed-By: Lars Tangvald <[email protected]>
Description:
libmysqlclient-dev - MySQL database development files
libmysqlclient18 - MySQL database client library
libmysqld-dev - MySQL embedded database development files
libmysqld-pic - PIC version of MySQL embedded server development files
mysql-client - MySQL database client (metapackage depending on the latest
versio
mysql-client-5.6 - MySQL database client binaries
mysql-client-core-5.6 - MySQL database core client binaries
mysql-server - MySQL database server (metapackage depending on the latest
versio
mysql-server-5.6 - MySQL database server binaries and system database setup
mysql-server-core-5.6 - MySQL database server binaries
mysql-source-5.6 - MySQL source
mysql-testsuite - MySQL regression tests
mysql-testsuite-5.6 - MySQL 5.6 testsuite
Closes: 841049
Changes:
mysql-5.6 (5.6.34-1) unstable; urgency=high (security fixes)
.
* Imported upstream version 5.6.34 to fix security issues:
-
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
- CVE-2016-3492 CVE-2016-5507 CVE-2016-5584 CVE-2016-5609
- CVE-2016-5612 CVE-2016-5616 CVE-2016-5617 CVE-2016-5626
- CVE-2016-5627 CVE-2016-5629 CVE-2016-5630 CVE-2016-6304
- CVE-2016-6662 CVE-2016-7440 CVE-2016-8283 CVE-2016-8284
(Closes: #841049)
* Packaging will now create /var/lib/mysql-files, as server will now by
default restrict all import/export operations to this directory. This
can be changed using the secure-file-priv config option.
* Change mysql-testsuite dependency from python to libjson-perl.
Tests written in python were rewritten in perl, so testsuite no longer
depends on python, but tests fail if libjson-perl is missing. Also added
libjson-perl build-dep to fix build-time test failures (LP: #1631338)
* Add working dir to perl lib path for dep8 upstream.
New versions of perl will no longer automatically include working dir in
the path. This was causing the mtr suite to fail to start.
* mysql-common is no longer included in source package as it has been moved
to src:mysql-defaults
* Removed patch fix-man-page-links, as the issue is fixed upstream.
Checksums-Sha1:
5c822b5386c8aa5bd5ded5f8d1ca7b58f4cf7e70 3113 mysql-5.6_5.6.34-1.dsc
b352b44385668f0d327d3f275f33f660d85497b3 32094762 mysql-5.6_5.6.34.orig.tar.gz
f9978dac603a569d6766a510915b49b79e1c4cdb 248404
mysql-5.6_5.6.34-1.debian.tar.xz
Checksums-Sha256:
e1112fd6605346e3ed3c21cad7cef3b4c4afaa8b6a65688cc6b8dbb1e8b0359e 3113
mysql-5.6_5.6.34-1.dsc
ee90bafec6af3abe2715ccb0b3cc9345ed8d1cce025d41e6ec2b2b7a7d820823 32094762
mysql-5.6_5.6.34.orig.tar.gz
5408bf930b4aba855af820220faeb49a0ed8b90b32110bc4e5f2a13ac6188689 248404
mysql-5.6_5.6.34-1.debian.tar.xz
Files:
45496b261616ba1d9679a433b8af8a31 3113 database optional mysql-5.6_5.6.34-1.dsc
255c5781f0cbb13f0e745b21c0ae3c1c 32094762 database optional
mysql-5.6_5.6.34.orig.tar.gz
6bdc93dc74e5d69051bb01cf9f9d8561 248404 database optional
mysql-5.6_5.6.34-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBAgAGBQJYIePcAAoJEMAFfnFNaU+yvlQQAKrMFgAf9RwAeefl8301GP6+
uyVWxUk+xDmhrxf0LnL6QIQQGufJWI5IA84xm7xf6aXr13h22Tm4w/OUhUXWr0h2
ZgzcBbvpUrCfXUuHWqlO+OzEk5mw3QLdcGFVhFIa43ZybcNOQlaV6N9jno1gOtty
YKyj8Rz0Ix19TT1OPpOpzViiapn2/YwD4HhhfKUbmFbMHSWdiwH+wEcW4qSXB/Zl
3A7Ok5xHBJhehDuhVou960+uE79n3ID4F3OtGceJV6SSSDpzeelWHZ5Gs12M0hNi
OX3iMpy0Okjks7ri9CHFC8s2sBQHHnt6WzZkBL8RHMJPdlAKEtQl0oG22ObYCiRg
dLDUQ05tcvXNWCcqSQndrlDzXVDdtxee8aR/Zdstzyvj1vkLN7jlLy8KglE4yqaP
+Vv7ZyY4cqOIUmK9btvmkETjP0mjajMvMffx9cxWxzY3gehzJ7a7RgFf88+I5gJp
K2ZzlZHOZna3oA2MyRf8cd8B7Z8W6+dPZDmzkh0xPL/GXDNHP6QWfXA/xiQ29iC6
aQ75+d47EevOaneJo+eskIhPl3ZRDVTwUHELvHTXGV8mxnjuS5cR9/1Qa9toqISD
CqCuq7iHU08qdr+CaUT3OIAgITA7F/TzpR52o0q7Dnl1YPRpUxf8UsEvz1OWoamn
Pty8YZrQLSogAsoW+bY2
=JCvB
-----END PGP SIGNATURE-----
--- End Message ---
