[Bug 323755] Re: server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates
This bug was fixed in the package mysql-dfsg-5.0 - 5.0.67-0ubuntu6.1 --- mysql-dfsg-5.0 (5.0.67-0ubuntu6.1) intrepid-security; urgency=low * SECURITY UPDATE: privilege circumvention via the creation of MyISAM tables using the DATA DIRECTORY and INDEX DIRECTORY options to overwrite existing table files in the data directory. This fix alters table creation behaviour by disallowing the use of the MySQL data directory in DATA DIRECTORY and INDEX DIRECTORY options. (LP: #254129) - debian/patches/92_CVE-2008-4098.dpatch: Disallow use of MySQL data directory in DATA DIRECTORY and INDEX DIRECTORY options. - CVE-2008-4098 * SECURITY UPDATE: Cross-site scripting in the command-line client - debian/patches/92_CVE-2008-4456.dpatch: use xmlencode_print in client/mysql.cc, add test to mysql-test/*. - CVE-2008-4456 * SECURITY UPDATE: format string vulnerabilities in the dispatch_command function - debian/patches/92_CVE-2009-2446.dpatch: use correct format string in sql/sql_parse.cc, add test to tests/mysql_client_test.c. - CVE-2009-2446 * SECURITY UPDATE: denial of service via certain SELECT statements with subqueries and statements that use the GeomFromWKB function - debian/patches/92_CVE-2009-4019.dpatch: return proper errors in sql/sql_class.cc, handle errors in sql/sql_select.cc, set correct null_value in sql/item_geofunc.cc, add tests to mysql-test/*. - CVE-2009-4019 * SECURITY UPDATE: privilege restriction bypass via incorrect calculation of the mysql_unpacked_real_data_home value - debian/patches/92_CVE-2009-4030.dpatch: fix initialization order in sql/mysqld.cc. - CVE-2009-4030 * SECURITY UPDATE: arbitrary code execution via yassl stack overflow - debian/patches/93_CVE-2009-4484.dpatch: validate lengths in extra/yassl/taocrypt/src/asn.*. - CVE-2009-4484 * debian/patches/94_ssl_test_certs.dpatch: update certificates in the test suite as they are expired. The new certs expire 2015-01-28. (LP: #323755) -- Marc DeslauriersMon, 08 Feb 2010 09:00:54 -0500 ** Changed in: mysql-dfsg-5.0 (Ubuntu Intrepid) Status: Confirmed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-4098 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-4456 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2009-2446 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2009-4019 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2009-4030 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2009-4484 ** Changed in: mysql-dfsg-5.0 (Ubuntu Hardy) Status: Confirmed => Fix Released -- server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates https://bugs.launchpad.net/bugs/323755 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to mysql-dfsg-5.0 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 323755] Re: server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates
This bug was fixed in the package mysql-dfsg-5.0 - 5.0.51a-3ubuntu5.5 --- mysql-dfsg-5.0 (5.0.51a-3ubuntu5.5) hardy-security; urgency=low * SECURITY UPDATE: Cross-site scripting in the command-line client - debian/patches/97_CVE-2008-4456.dpatch: use xmlencode_print in client/mysql.cc, add test to mysql-test/*. - CVE-2008-4456 * SECURITY UPDATE: format string vulnerabilities in the dispatch_command function - debian/patches/97_CVE-2009-2446.dpatch: use correct format string in sql/sql_parse.cc, add test to tests/mysql_client_test.c. - CVE-2009-2446 * SECURITY UPDATE: denial of service via certain SELECT statements with subqueries and statements that use the GeomFromWKB function - debian/patches/97_CVE-2009-4019.dpatch: return proper errors in sql/sql_class.cc, handle errors in sql/sql_select.cc, set correct null_value in sql/item_geofunc.cc, add tests to mysql-test/*. - CVE-2009-4019 * SECURITY UPDATE: privilege restriction bypass via incorrect calculation of the mysql_unpacked_real_data_home value - debian/patches/97_CVE-2009-4030.dpatch: fix initialization order in sql/mysqld.cc. - CVE-2009-4030 * SECURITY UPDATE: arbitrary code execution via yassl stack overflow - debian/patches/98_CVE-2009-4484.dpatch: validate lengths in extra/yassl/taocrypt/src/asn.*. - CVE-2009-4484 * debian/patches/99_ssl_test_certs.dpatch: update certificates in the test suite as they are expired. The new certs expire 2015-01-28. (LP: #323755) -- Marc DeslauriersMon, 08 Feb 2010 09:01:56 -0500 -- server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates https://bugs.launchpad.net/bugs/323755 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to mysql-dfsg-5.0 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 323755] Re: server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates
** Branch linked: lp:ubuntu/mysql-dfsg-5.1 -- server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates https://bugs.launchpad.net/bugs/323755 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to mysql-dfsg-5.0 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 323755] Re: server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates
** Branch linked: lp:ubuntu/karmic/mysql-dfsg-5.0 -- server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates https://bugs.launchpad.net/bugs/323755 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to mysql-dfsg-5.0 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 323755] Re: server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates
I would like to nominate this bug for a SRU in regards to Ubuntu 8.04, using the same patch which was applied to mysql-dfsg-5.0 in Ubuntu 9.04. This on the basis of FTBFS(Fails To Build From Source). Right now I'm working on a SRU proposal for bug #296952, and no matter what there will likely be other updates which has to be applied to MySQL during the Hardy lifespan. TEST CASE: Do a normal build of 5.0.51a-3ubuntu5.4 and it will fail, due to failed ssl tests. Applying this patch will make these tests pass fine. I have a hard time seeing any regression potential considering this only affects a test certificate used during build tests, which fails anyway. I'm attaching a debdiff addressed to hardy-proposed. ** Attachment added: "mysql-dfsg-5.0_5.0.51a-3ubuntu5.5.debdiff" http://launchpadlibrarian.net/26424795/mysql-dfsg-5.0_5.0.51a-3ubuntu5.5.debdiff -- server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates https://bugs.launchpad.net/bugs/323755 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to mysql-dfsg-5.0 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 323755] Re: server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates
This bug was fixed in the package mysql-dfsg-5.1 - 5.1.31-1ubuntu1 --- mysql-dfsg-5.1 (5.1.31-1ubuntu1) jaunty; urgency=low * Merge from debian experimental, remaining changes: - debian/mysql-server-5.1.config: ask for MySQL root password at priority high instead of medium so that the password prompt is seen on a default install. (LP: #319843) - debian/control: + Don't build mysql-server, mysql-client, mysql-common and libmysqlclient15-dev binary packages since they're still provided by mysql-dfsg-5.0. + Rename libmysqlclient-dev package to libmysqlclient16-dev (LP: #316280). Make it conflict with libmysqlclient15-dev. + Make mysql-{client,server}-5.1 packages conflict and replace mysql-{client,server}-5.0, but not provide mysql-{client,server}. + Depend on a specific version of mysql-common rather than the src version of mysql-dfsg-5.1 since mysql-common is currently part of mysql-dfsg-5.0. - debian/rules: added -fno-strict-aliasing to CFLAGS to get around mysql testsuite build failures. * debian/patches/92_ssl_test_cert.dpatch: certificate expiration in test suite (LP: #323755). * Dropped changes: - all of the changes made to support both 5.0 and 5.1 installed at the same time have been dropped now that amarok doesn't depend on mysql-server-5.1 anymore. mysql-dfsg-5.1 (5.1.31-1) experimental; urgency=low * New upstream release. -- Mathias GugTue, 10 Feb 2009 16:42:05 -0500 ** Changed in: mysql-dfsg-5.1 (Ubuntu) Status: In Progress => Fix Released -- server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates https://bugs.launchpad.net/bugs/323755 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to mysql-dfsg-5.0 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 323755] Re: server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates
I can (not surprisingly) confirm this issue in Hardy as well as in Intrepid. Should be same patch be applied towards those packages? ** Changed in: mysql-dfsg-5.0 (Ubuntu Intrepid) Status: New => Confirmed ** Changed in: mysql-dfsg-5.0 (Ubuntu Hardy) Status: New => Confirmed -- server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates https://bugs.launchpad.net/bugs/323755 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to mysql-dfsg-5.0 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 323755] Re: server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates
** Changed in: mysql-dfsg-5.1 (Ubuntu) Assignee: (unassigned) => Mathias Gug (mathiaz) Status: New => In Progress -- server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates https://bugs.launchpad.net/bugs/323755 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to mysql-dfsg-5.0 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 323755] Re: server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates
This bug was fixed in the package mysql-dfsg-5.0 - 5.1.30really5.0.75-0ubuntu5 --- mysql-dfsg-5.0 (5.1.30really5.0.75-0ubuntu5) jaunty; urgency=low [ Andreas Olsson ] * debian/patches/92_ssl_test_cert.dpatch: Re-generated the PKI files needed for the tests. (LP: #323755) -- Mathias GugTue, 03 Feb 2009 04:36:21 -0500 ** Changed in: mysql-dfsg-5.0 (Ubuntu) Status: In Progress => Fix Released -- server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates https://bugs.launchpad.net/bugs/323755 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to mysql-dfsg-5.0 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 323755] Re: server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates
Upstream commit for 5.0: http://bazaar.launchpad.net/~mysql/mysql- server/mysql-5.0-bugteam/revision/2730 ** Changed in: mysql-dfsg-5.0 (Ubuntu) Assignee: (unassigned) => Mathias Gug (mathiaz) Status: Confirmed => In Progress -- server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates https://bugs.launchpad.net/bugs/323755 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to mysql-dfsg-5.0 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 323755] Re: server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates
** Summary changed: - non-trivial building mysql source package, build test keeps failing, (open)ssl related + server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates ** Also affects: mysql-dfsg-5.1 (Ubuntu) Importance: Undecided Status: New ** Changed in: mysql-dfsg-5.1 (Ubuntu Hardy) Status: New => Invalid ** Changed in: mysql-dfsg-5.1 (Ubuntu Intrepid) Status: New => Invalid -- server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates https://bugs.launchpad.net/bugs/323755 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to mysql-dfsg-5.0 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs