Bug#868788: marked as done (Security fixes from the July 2017 CPU)

[Debian Bug Tracking System]

Your message dated Sat, 05 Aug 2017 19:50:03 +0000
with message-id <e1de55h-00061y...@fasolo.debian.org>
and subject line Bug#868788: fixed in mysql-5.5 5.5.57-0+deb8u1
has caused the Debian Bug report #868788,
regarding Security fixes from the July 2017 CPU
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
868788: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868788
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: mysql-5.5
Version: 5.5.55-0+deb8u1
Severity: grave
Tags: security upstream fixed-upstream

The Oracle Critical Patch Update for July 2017 will be released on
Tuesday, July 18. According to the pre-release announcement [1], it
will contain information about CVEs fixed in MySQL 5.5.57.

We will update the bug with CVE numbers when they become available, and test the update to ensure there are no packaging issues that need addressing.

Regards,

Lars Tangvald

[1] http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
--- End Message ---

--- Begin Message ---

Source: mysql-5.5
Source-Version: 5.5.57-0+deb8u1

We believe that the bug you reported is fixed in the latest version of
mysql-5.5, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 868...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso <car...@debian.org> (supplier of updated mysql-5.5 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 20 Jul 2017 07:03:49 +0200
Source: mysql-5.5
Binary: libmysqlclient18 libmysqld-pic libmysqld-dev libmysqlclient-dev 
mysql-common mysql-client-5.5 mysql-server-core-5.5 mysql-server-5.5 
mysql-server mysql-client mysql-testsuite mysql-testsuite-5.5 mysql-source-5.5
Architecture: all source
Version: 5.5.57-0+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Debian MySQL Maintainers <pkg-mysql-ma...@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <car...@debian.org>
Closes: 868788
Description: 
 libmysqlclient-dev - MySQL database development files
 libmysqlclient18 - MySQL database client library
 libmysqld-dev - MySQL embedded database development files
 libmysqld-pic - PIC version of MySQL embedded server development files
 mysql-client - MySQL database client (metapackage depending on the latest 
versio
 mysql-client-5.5 - MySQL database client binaries
 mysql-common - MySQL database common files, e.g. /etc/mysql/my.cnf
 mysql-server - MySQL database server (metapackage depending on the latest 
versio
 mysql-server-5.5 - MySQL database server binaries and system database setup
 mysql-server-core-5.5 - MySQL database server binaries
 mysql-source-5.5 - MySQL source
 mysql-testsuite - MySQL testsuite
 mysql-testsuite-5.5 - MySQL testsuite
Changes:
 mysql-5.5 (5.5.57-0+deb8u1) jessie-security; urgency=high
 .
   * Imported upstream version 5.5.57 to fix security issues:
     - 
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
     - CVE-2017-3635 CVE-2017-3636 CVE-2017-3641 CVE-2017-3648
     - CVE-2017-3651 CVE-2017-3652 CVE-2017-3653
     (Closes: #868788)
Checksums-Sha1: 
 3ddca18597306e8b9161a2159b55f685223da8db 3262 mysql-5.5_5.5.57-0+deb8u1.dsc
 4652b6bbc6b0dbb763ffa778c29e8cb4ea6a9f7f 21044615 mysql-5.5_5.5.57.orig.tar.gz
 14bc13cdebda591e99d5d1810b61906843f19bf5 232520 
mysql-5.5_5.5.57-0+deb8u1.debian.tar.xz
 8f91515ae83079689436b4b968e1b4dfca7c3ad1 84234 
mysql-common_5.5.57-0+deb8u1_all.deb
 e61afe57cba22a3ec2aae4464eee5af8b3f63231 82470 
mysql-server_5.5.57-0+deb8u1_all.deb
 09b92efa14be559a4b8e6c0a17337038952258be 82338 
mysql-client_5.5.57-0+deb8u1_all.deb
 b1ddfb25eacc1360c0a74ac892f52abaa4703e10 82314 
mysql-testsuite_5.5.57-0+deb8u1_all.deb
Checksums-Sha256: 
 a0a622fb7e7f91e87bbee01510d193034121d645628ba5dc8fe3e8b5977959ef 3262 
mysql-5.5_5.5.57-0+deb8u1.dsc
 c1c2bd321e524f92e43fe73d0d6745badd538c984c7561b273ae10e9aef57384 21044615 
mysql-5.5_5.5.57.orig.tar.gz
 b11423f6e61e804c768b677f68e286f97bce008769f9735d7e593ab8e4ed8889 232520 
mysql-5.5_5.5.57-0+deb8u1.debian.tar.xz
 8e88095a88261a4984fe66ed7489cbed5af2bd82aaa67d41f6ccfbfd5765193c 84234 
mysql-common_5.5.57-0+deb8u1_all.deb
 11e30857c6c7905185c163c1d9ef4d8bfac0e6656baea019cdaa1a43d956d2f5 82470 
mysql-server_5.5.57-0+deb8u1_all.deb
 22e6ec5e94a7b3b73f5c792649bc7e1f88a8c391e96ae3254ecb729b5645a808 82338 
mysql-client_5.5.57-0+deb8u1_all.deb
 5970cb8cd5c0dbaca5a1c51350dd0215d3346862b7b56bb2667119a67b61be45 82314 
mysql-testsuite_5.5.57-0+deb8u1_all.deb
Files: 
 76a78d50c1cd996c1f158a0042d2d49e 3262 database optional 
mysql-5.5_5.5.57-0+deb8u1.dsc
 98103cc90cf483eb1bd4032baa34a315 21044615 database optional 
mysql-5.5_5.5.57.orig.tar.gz
 f0c3316ead0e31627b694284c861ef96 232520 database optional 
mysql-5.5_5.5.57-0+deb8u1.debian.tar.xz
 5702d30bba5319ef92b2cf1b192ed980 84234 database optional 
mysql-common_5.5.57-0+deb8u1_all.deb
 a7565c16ad843800710cd72a5d19bd17 82470 database optional 
mysql-server_5.5.57-0+deb8u1_all.deb
 db02fa8a4b628c67b4c877e3733556bf 82338 database optional 
mysql-client_5.5.57-0+deb8u1_all.deb
 1106954a2c732de78b6c00f83f406960 82314 database optional 
mysql-testsuite_5.5.57-0+deb8u1_all.deb

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAll7Ek1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89En9AP/AwHkhUBqRKmPRr7Cvn3p5iXPsJzkirS
H5ATJFgaPXGtOfjv/2BC91P6HbxIeQYKDk4C0x/BjyQduJ8yxG/T5oxko3l6P5Ch
/QchYU4WLZyoylPrwfL8Rr4HQLXnhYJEvdZWkGuyJkZO42XtyWT7dPiGx/iVYwMF
THazQvliFZNmdvr396FkjSwob+/gNSa/e+kNXKoaG1RcCNMlCXNmFcLwcSlE1SOE
//p+KisVEPBGuB12JJk2J5tNcuaZW36TTYhwSRN2J02NocMXBPM7gK6EbMKD1Yfn
h1UwQrmzMWszwrV5gZxQJo0MW2A+1dkY2Bru5zfEDHK/mtuAb8l/uNUYqeBXAXEG
DoWKc3EBLB2Jb2z4l3VloXMthEy2/6Cwxt9xsGkRDQLLmLTBY+63zk7X1urPccv9
/jQA3msJmKA1v8fXFPKLjGDKUbEKEmzZOf/Qy+cMXRaJv+e8vmEC4FZV3ZiCrILn
AX0bh2XJNco9Kybj+l9+vljpfwPj2G2coKHMFHmh+CtrolVfU4dqMkdXAFK64OV7
9ZQUKdfq+SwvUKW+K8KH36u0d38E0p++M2qFEv89adJu9KcRzPY4wYBE4+jgy3OT
dXoEvcJmwhma+sAiX1s2JsSl+exxeHpwRk08tK70wsNKwXjDCXoILsRCfeAucLrT
GBuM2Njp9LIb
=LI0f
-----END PGP SIGNATURE-----

--- End Message ---