Bug#841050: [debian-mysql] Bug#841050: Security fixes from the October 2016 CPU

2016-10-27 Thread Salvatore Bonaccorso
Hi Lars,

On Thu, Oct 27, 2016 at 10:36:59AM -0700, Lars Tangvald wrote:
> Hi Salvatore,
> - car...@debian.org wrote:
>
> > What is the status for src:mysql-5.5 for a possible jessie-security
> > upload? (Btw, if-and-only-if the package is still needed due to
> > rebuild, then let's please

Bug#841050: [debian-mysql] Bug#841050: Security fixes from the October 2016 CPU

2016-10-27 Thread Salvatore Bonaccorso
Hi Lars,

On Wed, Oct 19, 2016 at 10:38:22AM +0200, Lars Tangvald wrote:
> Hi,
>
> On 10/19/2016 10:18 AM, Moritz Muehlenhoff wrote:
> > Hi,
> >
> > On Wed, Oct 19, 2016 at 09:10:59AM +0200, Lars Tangvald wrote:
> > > So for Linux we consider this fixed in 5.5.52, but the complete fix
> > > was

Bug#841050: [debian-mysql] Bug#841050: Security fixes from the October 2016 CPU

2016-10-19 Thread Lars Tangvald
Hi, On 10/19/2016 10:18 AM, Moritz Muehlenhoff wrote: Hi, On Wed, Oct 19, 2016 at 09:10:59AM +0200, Lars Tangvald wrote: So for Linux we consider this fixed in 5.5.52, but the complete fix was in 5.5.53. Is https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837984 addressed in 5.5.53? No,

Bug#841050: [debian-mysql] Bug#841050: Security fixes from the October 2016 CPU

2016-10-19 Thread Moritz Muehlenhoff
Hi,

On Wed, Oct 19, 2016 at 09:10:59AM +0200, Lars Tangvald wrote:
> So for Linux we consider this fixed in 5.5.52, but the complete fix
> was in 5.5.53.

Is https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837984 addressed in 5.5.53?

> Should I remove the CVE from the Debian changelog entry?

Bug#841050: [debian-mysql] Bug#841050: Security fixes from the October 2016 CPU

2016-10-19 Thread Lars Tangvald
On 10/19/2016 08:21 AM, Salvatore Bonaccorso wrote: Hi Lars, hi Norvald, On Wed, Oct 19, 2016 at 08:03:00AM +0200, Lars Tangvald wrote: The following CVEs are fixed in 5.5.53: CVE-2016-6662 CVE-2016-7440 CVE-2016-5584 The listing of CVE-2016-6662 is confusing here. This should actually

Bug#841050: [debian-mysql] Bug#841050: Security fixes from the October 2016 CPU

2016-10-19 Thread Lars Tangvald
Hi, This might be an error in the CPU announcement (they sometimes get corrections after the initial announcement). I'll try to track down someone who's worked on this fix and ask. -- Lars On 10/19/2016 08:21 AM, Salvatore Bonaccorso wrote: Hi Lars, hi Norvald, On Wed, Oct 19, 2016 at

Bug#841050: [debian-mysql] Bug#841050: Security fixes from the October 2016 CPU

2016-10-19 Thread Salvatore Bonaccorso
Hi Lars, hi Norvald,

On Wed, Oct 19, 2016 at 08:03:00AM +0200, Lars Tangvald wrote:
> The following CVEs are fixed in 5.5.53:
> CVE-2016-6662 CVE-2016-7440 CVE-2016-5584

The listing of CVE-2016-6662 is confusing here. This should actually already be addressed in 5.5.52, cf.

Bug#841050: [debian-mysql] Bug#841050: Security fixes from the October 2016 CPU

2016-10-19 Thread Lars Tangvald
The following CVEs are fixed in 5.5.53: CVE-2016-6662 CVE-2016-7440 CVE-2016-5584 On 10/17/2016 10:05 AM, Norvald H. Ryeng wrote: Source: mysql-5.5 Version: 5.5.52-0+deb8u1 Severity: grave Tags: security upstream fixed-upstream The Oracle Critical Patch Update for October 2016 will be released

Bug#841050: [debian-mysql] Bug#841050: Security fixes from the October 2016 CPU

2016-10-17 Thread Lars Tangvald
As noted in the changelog for 5.5.53 at https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-53.html, MySQL 5.5.53 contains a change that requires packaging changes and could potentially impact users: By default the server will restrict the server's access for SELECT INTO OUTFILE and LOAD