Your message dated Fri, 19 Jan 2024 17:17:45 +0000 with message-id <e1rqsuz-009alt...@fasolo.debian.org> and subject line Bug#1061126: fixed in mysql-8.0 8.0.36-1 has caused the Debian Bug report #1061126, regarding mysql-8.0: Security fixes from January 2024 CPU to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1061126: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061126 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: mysql-8.0 Version: 8.0.35-1 Severity: grave Tags: security upstream Justification: user security hole X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org> Hi, See https://www.oracle.com/security-alerts/cpujan2024.html#AppendixMSQL for a list of CVEs affecting src:mysql-8.0. Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: mysql-8.0 Source-Version: 8.0.36-1 Done: Lena Voytek <lena.voy...@canonical.com> We believe that the bug you reported is fixed in the latest version of mysql-8.0, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1061...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Lena Voytek <lena.voy...@canonical.com> (supplier of updated mysql-8.0 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 17 Jan 2024 09:23:59 -0700 Source: mysql-8.0 Built-For-Profiles: noudeb Architecture: source Version: 8.0.36-1 Distribution: unstable Urgency: medium Maintainer: Debian MySQL Maintainers <pkg-mysql-ma...@lists.alioth.debian.org> Changed-By: Lena Voytek <lena.voy...@canonical.com> Closes: 1061126 Launchpad-Bugs-Fixed: 1999075 2024276 Changes: mysql-8.0 (8.0.36-1) unstable; urgency=medium . [ Lena Voytek ] * Imported upstream version 8.0.36 to fix security issues - https://www.oracle.com/security-alerts/cpujan2024.html#AppendixMSQL - CVE-2023-5363 CVE-2023-39975 CVE-2024-20960 CVE-2024-20961 CVE-2024-20962 CVE-2024-20963 CVE-2024-20964 CVE-2024-20965 CVE-2024-20966 CVE-2024-20967 CVE-2024-20968 CVE-2024-20969 CVE-2024-20970 CVE-2024-20971 CVE-2024-20972 CVE-2024-20973 CVE-2024-20974 CVE-2024-20975 CVE-2024-20976 CVE-2024-20977 CVE-2024-20978 CVE-2024-20981 CVE-2024-20982 CVE-2024-20983 CVE-2024-20984 CVE-2024-20985 Upstream release notes: - https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-36.html (Closes: #1061126) * d/p/revert_faster_tls_model.patch: Refresh . [ Marc Deslauriers ] * Removed patch no longer needed with 8.0.35 - debian/patches/revert-be8348a7.patch: fix crash on startup on armhf * Enable test suite on armhf (LP: #2024276) - debian/rules: check for failures in armhf tests - debian/patches/suppress_armhf_test_warning.patch: suppress warning about the CYCLE timer not being available on armhf. (LP: #1999075) - debian/patches/disable_64bits_time_armhf.patch: specify armhf doesn't have a 64bit timer in mysql-test/include/have_64bits_time.inc. Checksums-Sha1: 6d64eeab77cf5e2157085a5a362bef9ff611b9ee 3750 mysql-8.0_8.0.36-1.dsc fdbf5b1b37a5d882643695593ca25d0a75eb69ed 438154682 mysql-8.0_8.0.36.orig.tar.gz 63697ffd9d95840508e0575471d52f6ed04fd7ab 833 mysql-8.0_8.0.36.orig.tar.gz.asc d41437b654e883e911a172e6139af7cf004f5353 145388 mysql-8.0_8.0.36-1.debian.tar.xz 019fa1a38008684aec69d2028657c1a130029206 10299 mysql-8.0_8.0.36-1_source.buildinfo Checksums-Sha256: 7b8fc4d8c4bf9b3e0a5a4c8e4f9afcc0e179be9b0c77fdb7a3e66eab4c591f76 3750 mysql-8.0_8.0.36-1.dsc 429c5f69f3722e31807e74119d157a023277af210bfee513443cae60ebd2a86d 438154682 mysql-8.0_8.0.36.orig.tar.gz edce2ab3083d35693206c1d4065f9946919c05be6493e946029ef69791078f49 833 mysql-8.0_8.0.36.orig.tar.gz.asc c6a721db60e9f8c45a5b23d683dd42a4d9bb7043b6262ed6ec4c59a37775238a 145388 mysql-8.0_8.0.36-1.debian.tar.xz da3527359a066c47d3fa68851a25cdf0945fd99407b5f7b8ed1b294fc25f069e 10299 mysql-8.0_8.0.36-1_source.buildinfo Files: bbd33d89f690d8b1b7a5836499f523ee 3750 database optional mysql-8.0_8.0.36-1.dsc 6708e66d69bafc0dd7b481468e192203 438154682 database optional mysql-8.0_8.0.36.orig.tar.gz afc548c1cc9999d65441d08a81b22293 833 database optional mysql-8.0_8.0.36.orig.tar.gz.asc 234ec00cde3b548d4373042aca6a561a 145388 database optional mysql-8.0_8.0.36-1.debian.tar.xz 22a84e4c2ca992d56e820b7b8e1c7ec0 10299 database optional mysql-8.0_8.0.36-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJOBAEBCgA4FiEEY+78PeFNUUbOfyS/NLitfZUp55MFAmWqqMIaHGxlbmEudm95 dGVrQGNhbm9uaWNhbC5jb20ACgkQNLitfZUp55NKQxAAnuG9uM8ER7RozIGo7Awo T+tokIJKQlKN6F2PEZTsPS73mlM9A4eog3uSAI6lhCzRhNjcBKMw+Xj3ygGKWv7M QmPavdITmCrY6/lbqCv2hcT94xfPvDHfXxN/ZvMsaqflUub/VNhD8cqKIIctwDHr kPb5v3B6wWQECv4QzVoylqILfFIn7tQtl3K7w3Fryfc6y75IDWafMewrTDEVdOka qaDHcHDIl1lmG3d67ud9iIkhqzi7e1Kd/MAeJnN64OKJT5krTCi5rAG8GYTzjUq+ p9/5AYsqCPtfYMVRRvNzZv1D0Bl1lOaAEM4YVyUr2Ueu3A3wjn8bmhJO35eFH0Mz aQrjjXVzQb7oNlSYum5fpF/1HqpicW0ZOq1cjcMSVPjlfAOe2xF3xQ615j2tyeYl 610hMKljfrSkgmo9wEpn/31R32V71ItUdGW0R5R6Pqc9w4ogd0VQxil28XxlVWsg rXg4BqA5x4635hmCP/cRBfVyWrgMkoROSIaXqhyI+eedB5qHdDNPkomtR/oiW0eH vkQ7JWFsaUhZou0TqnmBZNze2Wmq5J8zCjoRx61EVsu7yR9AtpVvMhHCPPoysMti s+SgeOg1sDOTDTa4BaAtiRbi7S8pTB8AEBk7yPcplL6QT8TeU41vvPjMMmKohhgN Ic3MEEif3R/DSZ+1Xx8Zmn8= =vUo5 -----END PGP SIGNATURE-----
--- End Message ---
