[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Marc Deslauriers]

** Changed in: mariadb-10.0 (Ubuntu Zesty)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Robie Basak]

ironstorm or RJ Ryan:

Thank you for the note. Please could you file a separate bug with exact
steps to reproduce your situation please? Feel free to subscribe me to
that bug, and please link that bug from here.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[ironstorm]

i.e. If the server had been configured with Unattended-Upgrade
::Automatic-Reboot "true" and a kernel update came down at the same
time, the DB moved to /tmp would have been wiped as part of the reboot
process.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[RJ Ryan]

Regarding ironstorm's note in #21, we didn't realize our /var/lib/mysql
folder was moved to /tmp/mysql-symlink-restore-forbvv/.

Apparently a previous upgrade of mysql-5.7 left /var/lib/mysql-upgrade/
in place with a DATADIR symlink to 'mysql-5.7'. This confused mariadb-
server-10.0.postinst [1] and triggered the "# this should never even
happen, but just in case..." block. Neither ironstorm or I noticed that
our /var/lib/mysql folder had been moved into /tmp, so we thought it had
been lost.

Glad to not have data loss, but pretty spooked. /tmp does not seem like
a very good place for this since it could be automatically wiped.

[1] https://fossies.org/linux/mariadb/debian/dist/Debian/mariadb-
server-10.0.postinst

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[ironstorm]

10.0.28-0ubuntu0.16.10.1 was applied last night as an unattended update
to my server and wiped out /var/lib/mysql...

Log started: 2016-12-08  03:37:45
Preconfiguring packages ...
(Reading database ... ^M(Reading database ... 5%^M(Reading database ... 
10%^M(Reading database ... 15%^M(Reading database ... 20%^M(Reading database 
... 25%^M(Reading database ... 30%^M(Reading database ... 35%^M(Reading 
database ... 40%^M(Reading database ... 45%^M(Reading database ... 
50%^M(Reading database ... 55%^M(Reading database ... 60%^M(Reading database 
... 65%^M(Reading database ... 70%^M(Reading database ... 75%^M(Reading 
database ... 80%^M(Reading database ... 85%^M(Reading database ... 
90%^M(Reading database ... 95%^M(Reading database ... 100%^M(Reading database 
... 172311 files and directories currently installed.)
Preparing to unpack .../mariadb-common_10.0.28-0ubuntu0.16.04.1_all.deb ...
Unpacking mariadb-common (10.0.28-0ubuntu0.16.04.1) over 
(10.0.27-0ubuntu0.16.04.1) ...
Preparing to unpack 
.../mariadb-client-core-10.0_10.0.28-0ubuntu0.16.04.1_amd64.deb ...
Unpacking mariadb-client-core-10.0 (10.0.28-0ubuntu0.16.04.1) over 
(10.0.27-0ubuntu0.16.04.1) ...
Processing triggers for man-db (2.7.5-1) ...
Setting up mariadb-common (10.0.28-0ubuntu0.16.04.1) ...
(Reading database ... ^M(Reading database ... 5%^M(Reading database ... 
10%^M(Reading database ... 15%^M(Reading database ... 20%^M(Reading database 
... 25%^M(Reading database ... 30%^M(Reading database ... 35%^M(Reading 
database ... 40%^M(Reading database ... 45%^M(Reading database ... 
50%^M(Reading database ... 55%^M(Reading database ... 60%^M(Reading database 
... 65%^M(Reading database ... 70%^M(Reading database ... 75%^M(Reading 
database ... 80%^M(Reading database ... 85%^M(Reading database ... 
90%^M(Reading database ... 95%^M(Reading database ... 100%^M(Reading database 
... 172311 files and directories currently installed.)
Preparing to unpack .../mariadb-server-10.0_10.0.28-0ubuntu0.16.04.1_amd64.deb 
...
/var/lib/mysql: found previous version 10.0
Unpacking mariadb-server-10.0 (10.0.28-0ubuntu0.16.04.1) over 
(10.0.27-0ubuntu0.16.04.1) ...
Preparing to unpack .../mariadb-client-10.0_10.0.28-0ubuntu0.16.04.1_amd64.deb 
...
Unpacking mariadb-client-10.0 (10.0.28-0ubuntu0.16.04.1) over 
(10.0.27-0ubuntu0.16.04.1) ...
Preparing to unpack 
.../mariadb-server-core-10.0_10.0.28-0ubuntu0.16.04.1_amd64.deb ...
Unpacking mariadb-server-core-10.0 (10.0.28-0ubuntu0.16.04.1) over 
(10.0.27-0ubuntu0.16.04.1) ...
Preparing to unpack .../mariadb-server_10.0.28-0ubuntu0.16.04.1_all.deb ...
Unpacking mariadb-server (10.0.28-0ubuntu0.16.04.1) over 
(10.0.27-0ubuntu0.16.04.1) ...
Processing triggers for systemd (229-4ubuntu12) ...
Processing triggers for ureadahead (0.100.0-19) ...
Processing triggers for man-db (2.7.5-1) ...
Setting up mariadb-client-core-10.0 (10.0.28-0ubuntu0.16.04.1) ...
Setting up mariadb-client-10.0 (10.0.28-0ubuntu0.16.04.1) ...
Setting up mariadb-server-core-10.0 (10.0.28-0ubuntu0.16.04.1) ...
Setting up mariadb-server-10.0 (10.0.28-0ubuntu0.16.04.1) ...
this is very strange!  see /tmp/mysql-symlink-restore-forbvv/README...
Setting up mariadb-server (10.0.28-0ubuntu0.16.04.1) ...
Log ended: 2016-12-08  03:38:56

Left this lovely note:

/tmp/mysql-symlink-restore-forbvv/README:

If you're reading this, it's most likely because you had replaced /var/lib/mysql
with a symlink, then upgraded to a new version of mysql, and then dpkg
removed your symlink (see #182747 and others). The mysql packages noticed
that this happened, and as a workaround have restored it. However, because
/var/lib/mysql seems to have been re-created in the meantime, and because
e don't want to rm -rf something we don't know as much about, we are going
to leave this unexpected directory here. If your database looks normal,
and this is not a symlink to your database, you should be able to blow
this all away.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Launchpad Bug Tracker]

** Branch linked: lp:ubuntu/trusty-security/mariadb-5.5

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Launchpad Bug Tracker]

This bug was fixed in the package mariadb-10.0 -
10.0.28-0ubuntu0.16.10.1

---
mariadb-10.0 (10.0.28-0ubuntu0.16.10.1) yakkety-security; urgency=high

  [ Otto Kekäläinen ]
  * SECURITY UPDATE: New upstream release 10.0.28. Includes fixes for the
following security vulnerabilities (LP: #1638125):
- CVE-2016-8283
- CVE-2016-7440
- CVE-2016-6663
- CVE-2016-5629
- CVE-2016-5626
- CVE-2016-5624
- CVE-2016-5616
- CVE-2016-5584
- CVE-2016-3492
  * Previous release 10.0.27 included included fixes for
the following security vulnerabilities:
- CVE-2016-6662
- CVE-2016-5630
- CVE-2016-5612
  * Previous release 10.0.26 included included fixes for
the following security vulnerabilities:
- CVE-2016-3615
- CVE-2016-3521
- CVE-2016-3477
  * Add Ubuntu Developers as maintainer in d/control

  [ Vicențiu Ciorbaru ]
  * Fix connect.upd test in armhf
  * Fix mroonga/storage.index_read_multiple_double test in armhf

 -- Otto Kekäläinen   Thu, 01 Dec 2016 13:36:08 +0200

** Changed in: mariadb-10.0 (Ubuntu Yakkety)
   Status: Confirmed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-3477

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-3521

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-3615

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-5612

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-5630

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-6662

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Launchpad Bug Tracker]

This bug was fixed in the package mariadb-10.0 -
10.0.28-0ubuntu0.16.04.1

---
mariadb-10.0 (10.0.28-0ubuntu0.16.04.1) xenial-security; urgency=low

  * SECURITY UPDATE: New upstream release 10.0.28. Includes fixes for the
following security vulnerabilities (LP: #1638125):
- CVE-2016-8283
- CVE-2016-7440
- CVE-2016-6663
- CVE-2016-5629
- CVE-2016-5626
- CVE-2016-5624
- CVE-2016-5616
- CVE-2016-5584
- CVE-2016-3492
  * Update old changelog entries to include new CVE identifiers

 -- Otto Kekäläinen   Mon, 31 Oct 2016 22:34:22 +0200

** Changed in: mariadb-10.0 (Ubuntu Xenial)
   Status: Confirmed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-3492

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-5584

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-5616

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-5624

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-5626

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-5629

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-6663

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-7440

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-8283

** Changed in: mariadb-5.5 (Ubuntu Trusty)
   Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Launchpad Bug Tracker]

This bug was fixed in the package mariadb-5.5 - 5.5.53-1ubuntu0.14.04.1

---
mariadb-5.5 (5.5.53-1ubuntu0.14.04.1) trusty-security; urgency=low

  * SECURITY UPDATE: New upstream release 5.5.53. Includes fixes for the
following security vulnerabilities (LP: #1638125):
- CVE-2016-7440
- CVE-2016-5584
  * Update previous changelog entries to contain new CVE identifiers

 -- Otto Kekäläinen   Mon, 31 Oct 2016 23:48:54 +0200

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Tyler Hicks]

The new Yakkety upload built successfully in the security ppa. I'll be
sponsoring all three uploads shortly. Big thanks, once again, Otto!

** Changed in: mariadb-10.0 (Ubuntu Yakkety)
   Status: Incomplete => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Otto Kekäläinen]

The armhf build issue for Yakkety is now fixed and test builds at
https://launchpad.net/~mysql-
ubuntu/+archive/ubuntu/mariadb-10.0/+builds?build_text=_state=all
pass.

Please use git-buildpackage to fetch and build from the ubuntu-16.04 and
ubuntu-16.10 branches at http://anonscm.debian.org/cgit/pkg-
mysql/mariadb-10.0.git

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Mathew Hodson]

** No longer affects: mariadb-5.5 (Ubuntu)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Otto Kekäläinen]

Please go ahead and upload all the other versions apart from Yakkety.

It will take some time to fix the armhf build issue. I will notify when
done and then the Yakkety version can be uploaded.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Seth Arnold]

Thanks Otto

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Otto Kekäläinen]

Yes, mdev-9479-oqgraph-boost.patch was applied upstream and thus dropped
in this release.

We are still working on the armhf build failure. It is repeatable at
https://launchpad.net/~mysql-
ubuntu/+archive/ubuntu/mariadb-10.0/+builds?build_text=_state=all

Please stay on hold with the upload for a few more days until I publish
an improved revision, thanks.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Seth Arnold]

Otto, can you confirm that you intended to drop mdev-9479-oqgraph-
boost.patch in the Yakkety upload?

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Seth Arnold]

The retried build also failed:

https://launchpad.net/~ubuntu-security-
proposed/+archive/ubuntu/ppa/+build/11139691/+files/buildlog_ubuntu-
yakkety-armhf.mariadb-10.0_10.0.28-0ubuntu0.16.10.1_BUILDING.txt.gz

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Otto Kekäläinen]

The armhf failure did not surface during the Debian upload. Can you
trigger a rebuild?

I have enabled the armhf now for our test repo at https://launchpad.net
/~mysql-ubuntu/+archive/ubuntu/mariadb-10.0 and will try to reproduce
this issue now.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Tyler Hicks]

The yakkety armhf build failed due to failing tests:

  https://launchpadlibrarian.net/292078830/buildlog_ubuntu-yakkety-
armhf.mariadb-10.0_10.0.28-0ubuntu0.16.10.1_BUILDING.txt.gz

Is that something that you can look into so that we can have armhf
updates, Otto?

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Tyler Hicks]

All three uploads are building in the ubuntu-security-proposed ppa:

  https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa

I won't publish them until I've heard back regarding the mdev-9479
-oqgraph-boost.patch patch that I asked about in comment #7.

** No longer affects: mariadb-5.5 (Ubuntu Xenial)

** Changed in: mariadb-5.5 (Ubuntu)
   Status: New => Invalid

** Changed in: mariadb-5.5 (Ubuntu Trusty)
   Status: New => Confirmed

** Changed in: mariadb-5.5 (Ubuntu Trusty)
   Importance: Undecided => High

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Tyler Hicks]

Otto, can you confirm that you intended to drop mdev-9479-oqgraph-
boost.patch in the Yakkety upload? There's no mention in the changelog
so I'd like to be sure before I sponsor the upload.

** Also affects: mariadb-5.5 (Ubuntu Yakkety)
   Importance: Undecided
   Status: New

** Also affects: mariadb-10.0 (Ubuntu Yakkety)
   Importance: Undecided
   Status: New

** Also affects: mariadb-5.5 (Ubuntu Zesty)
   Importance: Medium
   Status: New

** Also affects: mariadb-10.0 (Ubuntu Zesty)
   Importance: Medium
   Status: New

** Also affects: mariadb-5.5 (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Also affects: mariadb-10.0 (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Changed in: mariadb-10.0 (Ubuntu Zesty)
   Importance: Medium => High

** Changed in: mariadb-10.0 (Ubuntu Zesty)
   Status: New => Fix Committed

** Changed in: mariadb-10.0 (Ubuntu Zesty)
 Assignee: (unassigned) => Otto Kekäläinen (otto)

** Changed in: mariadb-10.0 (Ubuntu Yakkety)
   Importance: Undecided => High

** Changed in: mariadb-10.0 (Ubuntu Yakkety)
   Status: New => Incomplete

** Changed in: mariadb-10.0 (Ubuntu Xenial)
   Status: New => Confirmed

** Changed in: mariadb-10.0 (Ubuntu Xenial)
   Importance: Undecided => High

** Also affects: mariadb-5.5 (Ubuntu Trusty)
   Importance: Undecided
   Status: New

** Also affects: mariadb-10.0 (Ubuntu Trusty)
   Importance: Undecided
   Status: New

** No longer affects: mariadb-10.0 (Ubuntu Trusty)

** No longer affects: mariadb-5.5 (Ubuntu Zesty)

** No longer affects: mariadb-5.5 (Ubuntu Yakkety)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Robie Basak]

The syncpackage manpage.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Re: [Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Otto Kekäläinen]

2016-11-02 0:02 GMT+02:00 Seth Arnold <1638...@bugs.launchpad.net>:
> Otto, now that you're a developer you should be able to upload mariadb
> packages to the current devel release all you want.

Can you please remind me where to find the documentation about how to
trigger or control the automatic Debian sid ->Ubuntu devel sync
process? At the moment there is no delta, so the sync should be
automatic, but for future use. Thanks!

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Seth Arnold]

Otto, now that you're a developer you should be able to upload mariadb
packages to the current devel release all you want.

You're correct that updates for previous releases should go through the
security sponsoring process.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Mathew Hodson]

** Also affects: mariadb-5.5 (Ubuntu)
   Importance: Undecided
   Status: New

** Changed in: mariadb-10.0 (Ubuntu)
   Importance: Undecided => Medium

** Changed in: mariadb-5.5 (Ubuntu)
   Importance: Undecided => Medium

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Otto Kekäläinen]

The 5.5 series update for 14.04 is now available.

Please use git-buildpackage to fetch and build from the ubuntu-14.04
branch at http://anonscm.debian.org/cgit/pkg-
mysql/mariadb-5.5.git/log/?h=ubuntu-14.04

The repository uses pristine-tar, so there is no need to separately
download the sources. You can just check the signature/SHA1SUM directly
from the git-buildpackage generated tarball.

Test build currently running at https://launchpad.net/~mysql-
ubuntu/+archive/ubuntu/mariadb/+builds?build_text=_state=all

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Otto Kekäläinen]

10.0 series updates for 16.04 and 16.10 are now available.

Please use git-buildpackage to fetch and build from the ubuntu-16.04 and
ubuntu-16.10 branches at http://anonscm.debian.org/cgit/pkg-
mysql/mariadb-10.0.git

The repository uses pristine-tar, so there is no need to separately
download the sources. You can just check the signature/SHA1SUM directly
from the git-buildpackage generated tarball.

Test build are currently running at https://launchpad.net/~mysql-
ubuntu/+archive/ubuntu/mariadb-10.0/+builds?build_text=_state=all

MariaDB 10.0.28 has already been uploaded to Debian unstable for some
while. There was no regressions.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1638125] Re: USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

[Otto Kekäläinen]

I am a member of the Ubuntu development team since August. I haven't
uploaded anything to Ubuntu yet and if I recall correctly I am not able
to upload security updates myself, but still need a sponsor for these.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1638125

Title:
  USN-3109-1: MySQL vulnerabilities partially applies to MariaDB too

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1638125/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs