Re: MySQL 5.5 EOL before Debian 8 LTS ends
Hi, On 19.12.2018 17:01, Holger Levsen wrote: Hi Emilio, thanks for bringing up this issue on the LTS list. On Mon, Dec 17, 2018 at 10:49:57AM +0100, Emilio Pozuelo Monfort wrote: MySQL 5.5 should be EOL this month if nothing has changed, although I don't see an announcement on [1] yet. Maybe it will be published next month when the next CPU (critical patch update) is released. Norvald, do you know if 5.5 is effectively EOL already? Or will it receive another update next month? [Norvald replied, saying that 5.5.62 in October was the last 5.5 release.] Right. 5.5.62 was the final 5.5 release. Also note that mariadb 10.0 is EOL in three months[2]. I think this rules out mariadb 10.0 as a sensible upgrade path here. (Also, switching from mysql to mariadb in an LTS security upload???) I don't think it makes much sense to upload mysql-5.6, since stretch has no mysql at all. Since users will have to migrate to MariaDB anyway (or to externally provided MySQL packages if they so choose), they can do so now. following that logic they could also upgrade to Stretch now... :) For mariadb 10.0, we may be able to backport important security fixes, or we could backport 10.1 which will be supported upstream until October 2020. I would lean towards one of those last two options. I think I'm rather *leaning* towards mysql-5.6 or declaring mysql-5.5 unsupported/EOL in jessie, but that's really leaning, nothing more. (And then I believe mysql-5.6 in jessie isnt simple/feasable neither, so... :/ Other comments/suggestions? Upgrading to 5.6 would be less risky than MariaDB 10.1, but it's a similar sort of risk. Building: Since both 5.5 and 5.6 have libmysqlclient18 I don't expect many issues, but 5.6 and 5.5 "leaked" symbols, so even internal symbols were published. Third-party packages using internal symbols in 5.5 may fail to build with 5.6. User experience: 5.5 and 5.6 will be very similar for most users (particularly, init scripts in third-party packages shouldn't be impacted), but anyone still using jessie and 5.5 may have pretty strict stability requirements. There's a summary of changes here: https://dev.mysql.com/doc/refman/5.6/en/mysql-nutshell.html -- Lars
Re: MySQL 5.5 EOL before Debian 8 LTS ends
On 05/21/2018 03:22 PM, Matus UHLAR - fantomas wrote: Am 22.01.2018 um 13:42 schrieb Lars Tangvald: First off, thanks for handling the 5.5.59 update for Wheezy. I had the security announcement date mixed up so picked it up too late, sorry. MySQL 5.5 is expected to be EOL in December (it was first released December 15, 2010, and we have 8 year security support), while Jessie LTS is until April 2020 How are such cases handled? Will the source package be removed, or is it possible to have it upgraded to a more recent version? On 22/01/18 16:35, Markus Koschany wrote: These are both possible options but given the significance of MySQL we would rather prefer to upgrade to a supported release provided this is viable for Jessie. If an upgrade is possible, while we did a successful transition in Ubuntu from 5.5 to 5.7, there were significant changes from 5.6 to 5.7, requiring small changes to a lot of third-party packages as well as to the default server behavior, so 5.6 (which is supported until 2021) would be a better option. I also think it makes sense to take a smaller step and upgrade from 5.5 to 5.6. Are there any known issues with 5.6 or can you share any information about expected regressions with reverse-dependencies? On 19.05.18 20:41, Emilio Pozuelo Monfort wrote: jessie ships mysql-5.5 and mariadb-10.0. Given that stretch no longer ships mysql but only mariadb, we could just let mysql-5.5 go end of life, mark it as unsupported (or drop the server part), and keep supporting mariadb-10.0. Users will need to move to mariadb at some point anyway. The only problem is that mariadb-10.0 goes EOL on March 2019. mariadb-10.1 is EOL on October 2020, so if we decided to provide that in jessie that would be enough. There are packages in jessie that depend on mysql (or libmysql), not on mariadb. IMHO If it's possible to migrate to mysql-5.6 and later from mysql-5.6 to stretch, it would be a better alternative than deprecate it. If we can agree on this, I can work on updating the packaging (we did have 5.6 in sid at one point, but would need to check that it didn't have any big changes). Otto: MariaDB 10.1 supports migration from MySQL 5.6, right? This would be important for users later upgrading to Stretch. -- Lars
Re: MySQL 5.5 EOL before Debian 8 LTS ends
Hi, On 01/23/2018 10:32 PM, Markus Koschany wrote: Am 23.01.2018 um 11:41 schrieb Lars Tangvald: Hi, On 01/22/2018 04:35 PM, Markus Koschany wrote: [...] I also think it makes sense to take a smaller step and upgrade from 5.5 to 5.6. Are there any known issues with 5.6 or can you share any information about expected regressions with reverse-dependencies? I can't find much of anything that has changed from 5.5 to 5.6 in terms of default behavior, except for NO_ENGINE_SUBSTITUTION being the default sql_mode (https://dev.mysql.com/doc/refman/5.6/en/sql-mode.html#sqlmode_no_engine_substitution). I'll do some more digging, but I don't think there should be much impact on reverse-dependencies. Some options were removed https://dev.mysql.com/doc/refman/5.6/en/server-options.html (often renamed). We did see quite a few regressions of that type for users upgrading from 5.5 to 5.7, but almost all were because the default 5.5 config in Ubuntu packaging contained options that were removed in 5.7. What do you (and other on this list) think about the following plan: We could introduce a mysql-5.6 package already at the start of Jessie LTS in June, so that LTS users are able to test this new version without having to switch from 5.5. Then in 2019, when the security support for MySQL has ended, we perform an upgrade from 5.5 to 5.6. Is this a viable plan and could both packages coexist? Regards, Markus Ubuntu 14.04 something like this; 5.6 is available but 5.5 is the default. This works for the packages with versioned names: server, client and testsuite, while the rest would be dropped from the 5.6 source. Robie, this was implemented before my time, but I seem to remember comments about it causing some issues in Ubuntu. Do you recall what that was? -- Lars
Re: MySQL 5.5 EOL before Debian 8 LTS ends
On 01/24/2018 08:02 AM, Moritz Mühlenhoff wrote: On Tue, Jan 23, 2018 at 11:41:57AM +0100, Lars Tangvald wrote: I can't find much of anything that has changed from 5.5 to 5.6 in terms of default behavior, except for NO_ENGINE_SUBSTITUTION being the default sql_mode (https://dev.mysql.com/doc/refman/5.6/en/sql-mode.html#sqlmode_no_engine_substitution). I'll do some more digging, but I don't think there should be much impact on reverse-dependencies. Some options were removed https://dev.mysql.com/doc/refman/5.6/en/server-options.html (often renamed). We did see quite a few regressions of that type for users upgrading from 5.5 to 5.7, but almost all were because the default 5.5 config in Ubuntu packaging contained options that were removed in 5.7. That sounds far too disruptive for an LTS; better declare announce the server part of mysql (where all the vulnerabilities apply) as unsupported in advance and in December change the package to only build the libmysqlclient parts. The client library part is usually not affected by any security issues and that way you don't risk any regressions. Usually, yes, but what happens when this is not the case? Keep in mind that the issues we got reported in Ubuntu was because the removed options were in the 5.5 default config file shipped in Ubuntu. There's no such settings in the 5.5 to 5.6 upgrade. People then have a year to migrate their servers to jessie (or ideally update/reimage to stretch) This is about Jessie, which currently has 5.5. -- Lars Cheers, Moritz
Re: MySQL 5.5 EOL before Debian 8 LTS ends
Hi, On 01/22/2018 04:35 PM, Markus Koschany wrote: Hi, Am 22.01.2018 um 13:42 schrieb Lars Tangvald: Hi, First off, thanks for handling the 5.5.59 update for Wheezy. I had the security announcement date mixed up so picked it up too late, sorry. MySQL 5.5 is expected to be EOL in December (it was first released December 15, 2010, and we have 8 year security support), while Jessie LTS is until April 2020 How are such cases handled? Will the source package be removed, or is it possible to have it upgraded to a more recent version? These are both possible options but given the significance of MySQL we would rather prefer to upgrade to a supported release provided this is viable for Jessie. If an upgrade is possible, while we did a successful transition in Ubuntu from 5.5 to 5.7, there were significant changes from 5.6 to 5.7, requiring small changes to a lot of third-party packages as well as to the default server behavior, so 5.6 (which is supported until 2021) would be a better option. I also think it makes sense to take a smaller step and upgrade from 5.5 to 5.6. Are there any known issues with 5.6 or can you share any information about expected regressions with reverse-dependencies? I can't find much of anything that has changed from 5.5 to 5.6 in terms of default behavior, except for NO_ENGINE_SUBSTITUTION being the default sql_mode (https://dev.mysql.com/doc/refman/5.6/en/sql-mode.html#sqlmode_no_engine_substitution). I'll do some more digging, but I don't think there should be much impact on reverse-dependencies. Some options were removed https://dev.mysql.com/doc/refman/5.6/en/server-options.html (often renamed). We did see quite a few regressions of that type for users upgrading from 5.5 to 5.7, but almost all were because the default 5.5 config in Ubuntu packaging contained options that were removed in 5.7. -- Lars Regards, Markus
MySQL 5.5 EOL before Debian 8 LTS ends
Hi, First off, thanks for handling the 5.5.59 update for Wheezy. I had the security announcement date mixed up so picked it up too late, sorry. MySQL 5.5 is expected to be EOL in December (it was first released December 15, 2010, and we have 8 year security support), while Jessie LTS is until April 2020 How are such cases handled? Will the source package be removed, or is it possible to have it upgraded to a more recent version? If an upgrade is possible, while we did a successful transition in Ubuntu from 5.5 to 5.7, there were significant changes from 5.6 to 5.7, requiring small changes to a lot of third-party packages as well as to the default server behavior, so 5.6 (which is supported until 2021) would be a better option. -- Lars
Accepted mysql-5.5 5.5.58-0+deb7u1 (source all amd64) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 17 Oct 2017 10:24:21 +0200 Source: mysql-5.5 Binary: libmysqlclient18 libmysqld-pic libmysqld-dev libmysqlclient-dev mysql-common mysql-client-5.5 mysql-server-core-5.5 mysql-server-5.5 mysql-server mysql-client mysql-testsuite-5.5 mysql-source-5.5 Architecture: source all amd64 Version: 5.5.58-0+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Debian MySQL Maintainers <pkg-mysql-ma...@lists.alioth.debian.org> Changed-By: Lars Tangvald <lars.tangv...@oracle.com> Description: libmysqlclient-dev - MySQL database development files libmysqlclient18 - MySQL database client library libmysqld-dev - MySQL embedded database development files libmysqld-pic - PIC version of MySQL embedded server development files mysql-client - MySQL database client (metapackage depending on the latest versio mysql-client-5.5 - MySQL database client binaries mysql-common - MySQL database common files, e.g. /etc/mysql/my.cnf mysql-server - MySQL database server (metapackage depending on the latest versio mysql-server-5.5 - MySQL database server binaries and system database setup mysql-server-core-5.5 - MySQL database server binaries mysql-source-5.5 - MySQL source mysql-testsuite-5.5 - MySQL testsuite Closes: 878402 Changes: mysql-5.5 (5.5.58-0+deb7u1) wheezy-security; urgency=high . * Imported upstream version 5.5.58 to fix security issues: - http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html - CVE-2017-10268 CVE-2017-10378 CVE-2017-10379 CVE-2017-10384 (Closes: #878402) Checksums-Sha1: 268126f535519957479a405d842bbb5ea253350e 2971 mysql-5.5_5.5.58-0+deb7u1.dsc 37be5e6203e4c5c1b3095d714cc9800b11df 21045852 mysql-5.5_5.5.58.orig.tar.gz 7c04e500040f0402bf79f72c26d7e4b0ee992c55 380206 mysql-5.5_5.5.58-0+deb7u1.debian.tar.gz 545a04624e3b6683eda26cbeeca726c8bdbb49a5 78412 mysql-common_5.5.58-0+deb7u1_all.deb 9bd6d240ccad6527f0f1cac104d2e7c42dc58fb8 76634 mysql-server_5.5.58-0+deb7u1_all.deb 2f4aae8c6f3aaf75649f01b9143dfd722579b086 76518 mysql-client_5.5.58-0+deb7u1_all.deb 20aff132bbd7de733b467bc9f07cdb2598c52d5b 685190 libmysqlclient18_5.5.58-0+deb7u1_amd64.deb 59067bb6e837fcb357d826dae55ffef4e9e85f71 3179956 libmysqld-pic_5.5.58-0+deb7u1_amd64.deb a95419ba1b4e8bd2474fb8f79649f19265849f61 3177954 libmysqld-dev_5.5.58-0+deb7u1_amd64.deb 3d10157e61c5f8187daa63bd5ec7891547d0e2ef 953722 libmysqlclient-dev_5.5.58-0+deb7u1_amd64.deb 9f31c9d032854b55b25acae3eb338e61167552ff 1774094 mysql-client-5.5_5.5.58-0+deb7u1_amd64.deb 510f289769efee1d7e0461bff3360dccde5331a0 3994208 mysql-server-core-5.5_5.5.58-0+deb7u1_amd64.deb e9c3df50826670ca388fa5b6936cef1a6716d4cf 1961466 mysql-server-5.5_5.5.58-0+deb7u1_amd64.deb 6d792ada90b64378c7822aa623a229613630f774 4350324 mysql-testsuite-5.5_5.5.58-0+deb7u1_amd64.deb 573219339c6378071ec0819595a5b5bc1a947e27 22863342 mysql-source-5.5_5.5.58-0+deb7u1_amd64.deb Checksums-Sha256: 4ddcebf2f910a550d70ad7f9b9b3e4ff0f7a6e24e887c7f2d50c19aef94f5146 2971 mysql-5.5_5.5.58-0+deb7u1.dsc 9b6912faf261555c8975db24a987f63f36aaa28052a301e85538346ace0009b9 21045852 mysql-5.5_5.5.58.orig.tar.gz 53f2817258530052c5c8b6edd66efa846fa2cd231170c54522c8e635d7907437 380206 mysql-5.5_5.5.58-0+deb7u1.debian.tar.gz 98d6ea06b83cc738ad60204b46b189780191393a6deeb87985768ecb63cda5bc 78412 mysql-common_5.5.58-0+deb7u1_all.deb 69bced10203880b1875c51dabdd9e7b5a28767952bd48d0561d5ed25c08d8487 76634 mysql-server_5.5.58-0+deb7u1_all.deb b3fb1a3e091ab798c89b3da715d33f3083652e43d94f2a433f764cf05dacfddc 76518 mysql-client_5.5.58-0+deb7u1_all.deb d51776b174f4d5080de16dd2c1e5dc3b6ed997e35dbea61b11c779e8594ab4cc 685190 libmysqlclient18_5.5.58-0+deb7u1_amd64.deb 56a7d19eeb30bdde51300c8347b8e2d70836d3bfa31dae6c8af594404aec6a7b 3179956 libmysqld-pic_5.5.58-0+deb7u1_amd64.deb c311b6b679e155f1bc406cd23d4842ed839230f6e40218f5ec853c2c9e4df420 3177954 libmysqld-dev_5.5.58-0+deb7u1_amd64.deb 62975349eb90cc2aa32e491fb86b8456a692c542abca913e23e89bebc97d2121 953722 libmysqlclient-dev_5.5.58-0+deb7u1_amd64.deb c346c9d33e02ab686ca659f5b83cb416faf8ef83763e143b7f6f0e609582879e 1774094 mysql-client-5.5_5.5.58-0+deb7u1_amd64.deb 8e2c1071d8dcae6e6140192dfab4ac4a5e07247c560f525b47b96695036ce21c 3994208 mysql-server-core-5.5_5.5.58-0+deb7u1_amd64.deb ef35d88e8f2b30559543f3eccbfe38575c700dfd1d2229070eceb3e1c71f22a9 1961466 mysql-server-5.5_5.5.58-0+deb7u1_amd64.deb f294842353871a624ff2644eb8e9e1d5357ff96bc462ff2597c5d1803157ac37 4350324 mysql-testsuite-5.5_5.5.58-0+deb7u1_amd64.deb 72099f676041490203236dfc9b5d147ae4de4ffdfe9356f7c3f4620b2f08089d 22863342 mysql-source-5.5_5.5.58-0+deb7u1_amd64.deb Files: 1b8650432cf95c8759f8a1cd79792d48 2971 database optional mysql-5.5_5.5.58-0+deb7u1.dsc 615d82fb528c8c91048685abaf67ed50 21045852 database optional mysql-5.5_5.5.58.orig.tar.gz 9b1929b5e8d1393d9512cb6f8cbc6be2 380206 database optional mysql-5.5_5.5
Re: [debian-mysql] Bug#878402: Bug#878402: Security fixes from the October 2017 CPU
On 10/19/2017 10:09 AM, Emilio Pozuelo Monfort wrote: On 18/10/17 20:46, Salvatore Bonaccorso wrote: Hi lars, On Wed, Oct 18, 2017 at 03:51:26PM +0200, Lars Tangvald wrote: Hi, 5.5.58 packages for Debian 7 and 8 are built, and pass the test suite. Attached are debdiff files for Wheezy and Jessie (source is also pushed to https://urldefense.proofpoint.com/v2/url?u=https-3A__anonscm.debian.org_cgit_pkg-2Dmysql_mysql-2D5.5.git=DwICaQ=RoP1YumCXCgaWHvlZYR8PQcxBKCX5YTpkKY057SbK10=HPjEzLhETPj8fl9HCxxISaaV3f5tXDpGXDR3R2IELxg=00T7TUZCwXkig-wYCf-35nC5VNSQmjNOsNq0TOBoXBs=MPjTux6yCV6-5Si_VECXoTwgZxgsyNIHfNSpH1nq2ws= ) As before, we unfortunately don't have a DD in our team that can sponsor the upload, so we need assistance with that. I will look into it for jessie-security then. I'm not sure if the security team still handles Debian8, or if the lts team does now? Yes, Debian 8 Jessie is still yet handled by the security team. And I will take of Debian 7 (wheezy). Thanks for preparing the update! Cheers, Emilio Thanks for the help to both of you! :) -- Lars
Accepted mysql-5.5 5.5.57-0+deb7u1 (source all amd64) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 20 Jul 2017 12:38:50 +0200 Source: mysql-5.5 Binary: libmysqlclient18 libmysqld-pic libmysqld-dev libmysqlclient-dev mysql-common mysql-client-5.5 mysql-server-core-5.5 mysql-server-5.5 mysql-server mysql-client mysql-testsuite-5.5 mysql-source-5.5 Architecture: source all amd64 Version: 5.5.57-0+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Debian MySQL Maintainers <pkg-mysql-ma...@lists.alioth.debian.org> Changed-By: Lars Tangvald <lars.tangv...@oracle.com> Description: libmysqlclient-dev - MySQL database development files libmysqlclient18 - MySQL database client library libmysqld-dev - MySQL embedded database development files libmysqld-pic - PIC version of MySQL embedded server development files mysql-client - MySQL database client (metapackage depending on the latest versio mysql-client-5.5 - MySQL database client binaries mysql-common - MySQL database common files, e.g. /etc/mysql/my.cnf mysql-server - MySQL database server (metapackage depending on the latest versio mysql-server-5.5 - MySQL database server binaries and system database setup mysql-server-core-5.5 - MySQL database server binaries mysql-source-5.5 - MySQL source mysql-testsuite-5.5 - MySQL testsuite Closes: 868788 Changes: mysql-5.5 (5.5.57-0+deb7u1) wheezy-security; urgency=high . * Imported upstream version 5.5.57 to fix security issues: - http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html - CVE-2017-3635 CVE-2017-3636 CVE-2017-3641 CVE-2017-3648 - CVE-2017-3651 CVE-2017-3652 CVE-2017-3653 (Closes: #868788) Checksums-Sha1: 740c48b928e763eda6d749fdc50b039b6d49fc5a 2971 mysql-5.5_5.5.57-0+deb7u1.dsc 4652b6bbc6b0dbb763ffa778c29e8cb4ea6a9f7f 21044615 mysql-5.5_5.5.57.orig.tar.gz 6a6e3af8905c95495c420a9e8548f7bced1f13f3 380210 mysql-5.5_5.5.57-0+deb7u1.debian.tar.gz ecb45cb87e6017f9febe8dd9f936774672c0ed65 83888 mysql-common_5.5.57-0+deb7u1_all.deb db69664b9107fa334d74f3ca91100577706ed395 82086 mysql-server_5.5.57-0+deb7u1_all.deb 1b5464b7742f1559f6fc48a7cc5e61d643b820f2 81956 mysql-client_5.5.57-0+deb7u1_all.deb 99c76a7434c380f74486613acb4ccd98c119b543 691472 libmysqlclient18_5.5.57-0+deb7u1_amd64.deb f14024f283a9c17271cbcf1cfa37123d84723c57 3185066 libmysqld-pic_5.5.57-0+deb7u1_amd64.deb e24fa81ec1a40361f891e1798feec1781bb2829f 3181008 libmysqld-dev_5.5.57-0+deb7u1_amd64.deb db4e54679b9cd6f67f24682b3348d2e33b9fa096 960356 libmysqlclient-dev_5.5.57-0+deb7u1_amd64.deb ca18ecda5d4e1365aea2b0c2e254efeb005ff540 1778096 mysql-client-5.5_5.5.57-0+deb7u1_amd64.deb 8e3d0695a09951a8f17a9b814f2e212d06e3f62f 3979672 mysql-server-core-5.5_5.5.57-0+deb7u1_amd64.deb 99e6a3cbe94c2eea706d1953c4bcf6d53a6ae030 194 mysql-server-5.5_5.5.57-0+deb7u1_amd64.deb 6b29dd6e25be618f1430f391c82d036996d74d94 4358770 mysql-testsuite-5.5_5.5.57-0+deb7u1_amd64.deb 7e3416adc3a74004fbb44b94e75965d4c2c76780 22876774 mysql-source-5.5_5.5.57-0+deb7u1_amd64.deb Checksums-Sha256: c2ab2fab8ad621135c05e8bb5417e73ca4e679d051e237dfea6772f0adc39d96 2971 mysql-5.5_5.5.57-0+deb7u1.dsc c1c2bd321e524f92e43fe73d0d6745badd538c984c7561b273ae10e9aef57384 21044615 mysql-5.5_5.5.57.orig.tar.gz fe417b8157deb9c1cc6b7e83ca8a80ddd34e6c1907a738ad31666e5647317293 380210 mysql-5.5_5.5.57-0+deb7u1.debian.tar.gz b45fee6903823a133aef911175181f4b4e0b4f2f47d64be020c73c49772b9608 83888 mysql-common_5.5.57-0+deb7u1_all.deb 4d3affd15624880737485ec7943373d41eb314865d868db4519811ab27dbc2b5 82086 mysql-server_5.5.57-0+deb7u1_all.deb a16039bd43611765452562d9de51552da87fc81cfb28840241fc6d50dff3 81956 mysql-client_5.5.57-0+deb7u1_all.deb 723eb46a247ef194f34de663a5dcb0802bc15e6a17e7e55c84fa8cb4f6093f5c 691472 libmysqlclient18_5.5.57-0+deb7u1_amd64.deb 0a4f5541920495f8cb437afd2d3f635d4cbe7fac66e84acd00962537c0ffd66d 3185066 libmysqld-pic_5.5.57-0+deb7u1_amd64.deb f765a3101044bb6909395109ad5868582c20c72eb8b4c79567a4edf70f82459a 3181008 libmysqld-dev_5.5.57-0+deb7u1_amd64.deb 528d35150d23490fe46fe7559acd12a9327a6600167d525eaf6a5125265f14f8 960356 libmysqlclient-dev_5.5.57-0+deb7u1_amd64.deb 523246e138c226c8b027cfe5b5b5081c3395fb2c1f82703c1a71e2b3da0eebee 1778096 mysql-client-5.5_5.5.57-0+deb7u1_amd64.deb ba4e685a92393a5f47eea8e08c1fb0138354718d64d02eca2ffed173802f7f7a 3979672 mysql-server-core-5.5_5.5.57-0+deb7u1_amd64.deb 6d2d0f114d69197a03d3d115562632e9a5ec359b965b97b64d8966c69e79f559 194 mysql-server-5.5_5.5.57-0+deb7u1_amd64.deb c53e9bbb34fa2c01dbd45af04929fcb9c50e031f2778a0362ccc031fe7589f64 4358770 mysql-testsuite-5.5_5.5.57-0+deb7u1_amd64.deb d42e74f7243544f552d7e398c7eeb00f5788b2a79ae0b556556864fb6c56b1f8 22876774 mysql-source-5.5_5.5.57-0+deb7u1_amd64.deb Files: eba1d41553b4aa432693b5795da7e846 2971 database optional mysql-5.5_5.5.57-0+deb7u1.dsc 98103cc90cf483eb1bd4032baa34a315 21044615 database optional mysql-5.5_5.5.57.orig.tar.gz 9ae9cc4e1959b84efcc9d7c7d9c
Re: mysql 5.5.57
- po...@debian.org wrote: > Hi Lars, > > I see that you prepared mysql 5.5.57 for wheezy. Thanks! I'll take > care of > uploading it (after doing some testing) and announcing it, as usual. > > Cheers, > Emilio Thanks! Should have passed it on to lts, as we still don't have a DD on the team that can sponsor MySQL uploads. -- Lars
Accepted mysql-5.5 5.5.55-0+deb7u1 (source all amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 19 Apr 2017 07:05:34 +0200 Source: mysql-5.5 Binary: libmysqlclient18 libmysqld-pic libmysqld-dev libmysqlclient-dev mysql-common mysql-client-5.5 mysql-server-core-5.5 mysql-server-5.5 mysql-server mysql-client mysql-testsuite-5.5 mysql-source-5.5 Architecture: source all amd64 Version: 5.5.55-0+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Debian MySQL Maintainers <pkg-mysql-ma...@lists.alioth.debian.org> Changed-By: Lars Tangvald <lars.tangv...@oracle.com> Description: libmysqlclient-dev - MySQL database development files libmysqlclient18 - MySQL database client library libmysqld-dev - MySQL embedded database development files libmysqld-pic - PIC version of MySQL embedded server development files mysql-client - MySQL database client (metapackage depending on the latest versio mysql-client-5.5 - MySQL database client binaries mysql-common - MySQL database common files, e.g. /etc/mysql/my.cnf mysql-server - MySQL database server (metapackage depending on the latest versio mysql-server-5.5 - MySQL database server binaries and system database setup mysql-server-core-5.5 - MySQL database server binaries mysql-source-5.5 - MySQL source mysql-testsuite-5.5 - MySQL testsuite Closes: 854713 860544 Changes: mysql-5.5 (5.5.55-0+deb7u1) wheezy-security; urgency=high . * Imported upstream version 5.5.55 to fix security issues: - http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html - CVE-2017-3302 CVE-2017-3305 CVE-2017-3308 CVE-2017-3309 - CVE-2017-3329 CVE-2017-3453 CVE-2017-3456 CVE-2017-3461 - CVE-2017-3462 CVE-2017-3463 CVE-2017-3464 CVE-2017-3600 (Closes: #860544) (Closes: #854713) * d/patches: refreshed 62_disable_tests.patch * d/patches: dropped fix_test_events_2.patch. Issue fixed upstream * d/patches: dropped fix use after free patch. Issue fixed upstream Checksums-Sha1: 7f802243ce1b2a2b69eee24878dda9801a7f0a8c 2971 mysql-5.5_5.5.55-0+deb7u1.dsc 8ab934610e09e5325e143680a201d86ba7f2f70d 21040959 mysql-5.5_5.5.55.orig.tar.gz ffeeab77a7837b8c81d5f569f69558347712b82e 380149 mysql-5.5_5.5.55-0+deb7u1.debian.tar.gz d3111581919a953630c015e80f931fb424787c1a 85684 mysql-common_5.5.55-0+deb7u1_all.deb d00c00d6ddb48c75a610ea1847b53747aa4955db 83884 mysql-server_5.5.55-0+deb7u1_all.deb c023d81e124f307d59c35af9cc38f65e57d80e11 83762 mysql-client_5.5.55-0+deb7u1_all.deb f943b55b61479a2ed9ee5e01ef062481b07ea39c 692074 libmysqlclient18_5.5.55-0+deb7u1_amd64.deb 6866440649221adf5f3c865c90a2ed91c3e03a17 3186096 libmysqld-pic_5.5.55-0+deb7u1_amd64.deb 120ccd68d09802aec5838aa689a947370d835d1f 3184558 libmysqld-dev_5.5.55-0+deb7u1_amd64.deb 5fe12c7d88e7daf1697c9f01abae3f156b699d11 961670 libmysqlclient-dev_5.5.55-0+deb7u1_amd64.deb 3b2e5f5cc3fbb8beb80673a4149d83b4f1d9d22f 1781958 mysql-client-5.5_5.5.55-0+deb7u1_amd64.deb fd4987f924326de97d6f534e57f525656da553ef 3979138 mysql-server-core-5.5_5.5.55-0+deb7u1_amd64.deb 5ce0393b18c863af2b120fc2cab16ddf135ce67c 1969916 mysql-server-5.5_5.5.55-0+deb7u1_amd64.deb 015a173848b7314ab21d5fa1bf8c896d032bdc8a 4361644 mysql-testsuite-5.5_5.5.55-0+deb7u1_amd64.deb b6cfe76591a9e5374ed7bb67915a1288e91fd38f 22857788 mysql-source-5.5_5.5.55-0+deb7u1_amd64.deb Checksums-Sha256: f78e5aa1009b9c79cd543380e873b034bf9fc1e3402452a799236fd3b6ae82af 2971 mysql-5.5_5.5.55-0+deb7u1.dsc 9af0a504e2603b0bc0c7c3a4a747df064fb51670a0022b1ad6114f9058b64171 21040959 mysql-5.5_5.5.55.orig.tar.gz 9042933a4043efc88fb725a91fee7fc70d7be649ed6e3a310be2473f47675788 380149 mysql-5.5_5.5.55-0+deb7u1.debian.tar.gz 07289d0f726996ac04765ffb9e56bd6fe5746b28c72ed9455405457896b14c76 85684 mysql-common_5.5.55-0+deb7u1_all.deb 2c48492d68fbb28d8829edcc45ed694bf1c6a6800fd7e966441f28d59db7c2ef 83884 mysql-server_5.5.55-0+deb7u1_all.deb fc18686b4401a651c791164609bdb8e0660cbeed42b816d880cb80dad1f99781 83762 mysql-client_5.5.55-0+deb7u1_all.deb 860aa57043fae208f4b3032e51aaab150ece0a979a93332e3e8f63bd657478b6 692074 libmysqlclient18_5.5.55-0+deb7u1_amd64.deb 77814fe72f5f6df794a261dfebdcd27a5b7e45ed32c36c947be9ea9a5f0181a3 3186096 libmysqld-pic_5.5.55-0+deb7u1_amd64.deb f445dea7d3eae1a0ab31b24ca9c7e834883701cd1477dc1d7292b711ca6406e9 3184558 libmysqld-dev_5.5.55-0+deb7u1_amd64.deb d7dc5a4fa0115877d4a6a06803ad44735ea7e8177186707116413184aefa5479 961670 libmysqlclient-dev_5.5.55-0+deb7u1_amd64.deb e5bc9fbbdea3ab6f74b29cbc0f1fc21f33535017e128819a12d286e7ad3d3b0a 1781958 mysql-client-5.5_5.5.55-0+deb7u1_amd64.deb c142d44f4024aa523d0ad7e56b22d0ea880b0b6fd3b25fa037b256e7ed725055 3979138 mysql-server-core-5.5_5.5.55-0+deb7u1_amd64.deb 10f1efbc8f3b55c6213855d0bbdd8acd39b04013ca07711d9ebe4f03417fcbbe 1969916 mysql-server-5.5_5.5.55-0+deb7u1_amd64.deb 231c7f28e2536995edb9f4e96a5cc9dc19f9bf0d82bca6cc86f194c6f11eca8f 4361644 mysql-testsuite-5.5_5.5.55-0+deb7
Re: Mysql 5.5.55
Hi, The debian/wheezy branch should now be updated. -- Lars On 04/23/2017 02:12 PM, Emilio Pozuelo Monfort wrote: Hi Lars, I see that you already started preparing MySQL 5.5.55 for wheezy in https://urldefense.proofpoint.com/v2/url?u=https-3A__anonscm.debian.org_cgit_pkg-2Dmysql_mysql-2D5.5.git_log_-3Fh-3Ddebian_wheezy=DwIDaQ=RoP1YumCXCgaWHvlZYR8PQcxBKCX5YTpkKY057SbK10=HPjEzLhETPj8fl9HCxxISaaV3f5tXDpGXDR3R2IELxg=OXZ-mPBOb1aDtu253RZDNLexhCUPtUx0S1P4-y-d_VQ=JjozhmBLoLkqpEOObpOLd2XZDxVhtGaHIahsbPfqLbA= If you want I can upload the package and send the announcement. Just let me know when you're done with the update (at least I think the changelog needs to be updated). Cheers, Emilio
Accepted mysql-5.5 5.5.54-0+deb7u1 (source all amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 18 Jan 2017 08:33:51 +0100 Source: mysql-5.5 Binary: libmysqlclient18 libmysqld-pic libmysqld-dev libmysqlclient-dev mysql-common mysql-client-5.5 mysql-server-core-5.5 mysql-server-5.5 mysql-server mysql-client mysql-testsuite-5.5 mysql-source-5.5 Architecture: source all amd64 Version: 5.5.54-0+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Debian MySQL Maintainers <pkg-mysql-ma...@lists.alioth.debian.org> Changed-By: Lars Tangvald <lars.tangv...@oracle.com> Description: libmysqlclient-dev - MySQL database development files libmysqlclient18 - MySQL database client library libmysqld-dev - MySQL embedded database development files libmysqld-pic - PIC version of MySQL embedded server development files mysql-client - MySQL database client (metapackage depending on the latest versio mysql-client-5.5 - MySQL database client binaries mysql-common - MySQL database common files, e.g. /etc/mysql/my.cnf mysql-server - MySQL database server (metapackage depending on the latest versio mysql-server-5.5 - MySQL database server binaries and system database setup mysql-server-core-5.5 - MySQL database server binaries mysql-source-5.5 - MySQL source mysql-testsuite-5.5 - MySQL testsuite Changes: mysql-5.5 (5.5.54-0+deb7u1) wheezy-security; urgency=high . * Imported Upstream version 5.5.54 to fix security issues: - http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html - CVE-2017-3238 CVE-2017-3243 CVE-2017-3244 CVE-2017-3258 - CVE-2017-3265 CVE-2017-3291 CVE-2017-3312 CVE-2017-3313 - CVE-2017-3317 CVE-2017-3318 * Fix failing test main.events_2 The test was failing due to hardcoded event date. Checksums-Sha1: 36e1ce9e73e8a69b06665405195b5b22407d6ba2 3122 mysql-5.5_5.5.54-0+deb7u1.dsc a1089abcd5d4b8d34d5bbc5c13acb8919bc63ba0 21041949 mysql-5.5_5.5.54.orig.tar.gz d6315cc2743b4a33c243a335c64f89d5fa6fbdad 379618 mysql-5.5_5.5.54-0+deb7u1.debian.tar.gz bedf68029d1f629248a44a0f48897061aa235eb9 80842 mysql-common_5.5.54-0+deb7u1_all.deb d89f350b9ba4a335daf089a0810c146072d014d8 79050 mysql-server_5.5.54-0+deb7u1_all.deb 9fa31df3a9f4fe086337733be33f2fb287b1503b 78920 mysql-client_5.5.54-0+deb7u1_all.deb 31d61df05ccbe89fcc8896c4c34cc91011d71b7e 688178 libmysqlclient18_5.5.54-0+deb7u1_amd64.deb 2bdf6bfade070872e0775743d6d2112adfdc78f1 3182918 libmysqld-pic_5.5.54-0+deb7u1_amd64.deb 5424510e27f208ccbff9fca9255117a611a6be92 3182962 libmysqld-dev_5.5.54-0+deb7u1_amd64.deb 67ad448cc50154f1104a389249b657a3a5aa176e 957390 libmysqlclient-dev_5.5.54-0+deb7u1_amd64.deb 70a414911b438e9ebb1e1ddc49d987cae4504306 1757996 mysql-client-5.5_5.5.54-0+deb7u1_amd64.deb 9d9e492cadef91ada577cf09346eb784b08f037b 3474556 mysql-server-core-5.5_5.5.54-0+deb7u1_amd64.deb c2d692a5b38e49008071bb592ae9b0c1fe545cd4 2012340 mysql-server-5.5_5.5.54-0+deb7u1_amd64.deb 9a55c24c3ed91bb72fa80d20f668ccd68c88e74b 4369370 mysql-testsuite-5.5_5.5.54-0+deb7u1_amd64.deb b3158562694494dafc3e332ece767ce523148a32 22882402 mysql-source-5.5_5.5.54-0+deb7u1_amd64.deb Checksums-Sha256: 793aadef613774ba16531f69bf44e36eae88035a99310bfe14733821c4183395 3122 mysql-5.5_5.5.54-0+deb7u1.dsc 273bcbcf8cc84061eb07c359308563b2029eb3f70f78b558905bc1b5c5791ab8 21041949 mysql-5.5_5.5.54.orig.tar.gz 1cce5e842b8f8d45e5f94c6a0e8dae6d2f8a834b1b4495f8ae4fa400dd7f897e 379618 mysql-5.5_5.5.54-0+deb7u1.debian.tar.gz 2c7128c60956c940b65a372451ce52592f2adf8c9796ab85653dd7bc1d07 80842 mysql-common_5.5.54-0+deb7u1_all.deb ed4f533ea686107beb384ba854170405e95edac0b4f3959ae4fb7f795666cbbf 79050 mysql-server_5.5.54-0+deb7u1_all.deb 199968df268c87645e5f24b9139c2de26e0834eaca1b2cf9d6c17fd52bb3c87f 78920 mysql-client_5.5.54-0+deb7u1_all.deb 900e6749ff5abcccf9549ded885c0e90eb59d8c96e4f29a854a4470f7c0a9e15 688178 libmysqlclient18_5.5.54-0+deb7u1_amd64.deb 5075b0279d6ab5e4d3a91e47aa538134336786be88171907e1c2ca6b34d52fd1 3182918 libmysqld-pic_5.5.54-0+deb7u1_amd64.deb bbc91c225df367b6a430b80b92d5d01894aad232f99c65191beafdb74e631160 3182962 libmysqld-dev_5.5.54-0+deb7u1_amd64.deb 935e34af9057ad92a7277f6780715141a203c7e49f2e987aaad6f2f3a59c5c18 957390 libmysqlclient-dev_5.5.54-0+deb7u1_amd64.deb 9df5c280708d1581953d4a68773fcea0ac07705631c94089aa11495a5ef64660 1757996 mysql-client-5.5_5.5.54-0+deb7u1_amd64.deb 47c9c60c142b9d84cd01d562554a35bee644b2f18f47e93b0973cf4d438aefa0 3474556 mysql-server-core-5.5_5.5.54-0+deb7u1_amd64.deb f7c5988e0ed9c7f61e14c5dddb9e73d96060de6a25c801168a0d45f8253eb00c 2012340 mysql-server-5.5_5.5.54-0+deb7u1_amd64.deb a595bcfc39b0f740026210de7554454f27ad10c2e77a6e3fbacb6a8616f22174 4369370 mysql-testsuite-5.5_5.5.54-0+deb7u1_amd64.deb c5ccbc842fe2bba0e155806b4559f3e83c650a432e45889505b5808d88669cc1 22882402 mysql-source-5.5_5.5.54-0+deb7u1_amd64.deb Files: fc946ec7896909943ed5d9a319ac70a0 3122 database optional mysql-5.5_5.5.54-
Re: MySQL 5.5.52 update for Debian wheezy?
On 09/16/2016 02:04 PM, Roberto C. Sánchez wrote: On Thu, Sep 15, 2016 at 06:59:18AM -0700, Lars Tangvald wrote: Hi, Debdiff attached (only change to debian/ is the changelog entry, which is the same as in git) Thanks for the help :) Hi Lars, I built the package and then noticed that your changelog entry needed some tweaking. That was my fault as I should have specifically checked that first. Here is the final changelog entry (based on Santiago's previous LTS changelog entries): mysql-5.5 (5.5.52-0+deb7u1) wheezy-security; urgency=high [ Roberto C. Sanchez ] * Non-maintainer upload by the Debian LTS team. Thanks to Lars Tangvald for preparing the package. [ Lars Tangvald ] * Imported Upstream version 5.5.52 to fix security issue: - CVE-2016-6662 -- Roberto C. Sanchez <robe...@debian.org> Wed, 14 Sep 2016 10:57:09 +0200 If this looks acceptable to you, I will sign and upload the package. Regards, -Roberto Yeah, sorry, I see I changed the entry (bad email address) after building, then pushed to git. This looks good to me, thanks :) There was a ftbfs on armhf on deb8, but I couldn't see the cause in the log and it didn't happen for Fedora and Ubuntu, so just a heads-up. -- Lars
Re: MySQL 5.5.52 update for Debian wheezy?
Hi, Yes, sorry I didn't communicate what I was doing. I've built and tested the package I uploaded to git, for both Wheezy and Jessie, but I think that's as far as I can take it. When I've done work on the security updates before, at this stage I've simply sent a debdiff over to the security team. So if you're able to take it from here that's great :) -- Lars - robe...@debian.org wrote: > Hi Lars, > > I was preparing to package the 5.5.52 relese of MySQL for Debian > Wheezy > as part of my LTS work. However, I saw that you imported the new > upstream release into the pkg-mysql/mysql-5.5 repository yesterday > and > made a debian/changelog to that effect. Do you intend to build and > upload the package as well? > > I don't want to duplicate effort, so I will wait to hear back from > you > before doing anything else. > > Regards, > > -Roberto > > -- > Roberto C. Sánchez
