Accepted mysql-dfsg-5.0 5.0.32-7etch8 (source all amd64)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 2 Nov 2008 22:59:32 -0700
Source: mysql-dfsg-5.0
Binary: libmysqlclient15-dev mysql-client mysql-client-5.0 mysql-server mysql-server-4.1 mysql-server-5.0 mysql-common libmysqlclient15off
Architecture: source all amd64
Version: 5.0.32-7etch8
Distribution: stable-security
Urgency: high
Maintainer: Christian Hammers <ch@debian.org>
Changed-By: Devin Carraway <devin@debian.org>
Description:
libmysqlclient15-dev - mysql database development files
libmysqlclient15off - mysql database client library
mysql-client - mysql database client (meta package depending on the latest versi
mysql-client-5.0 - mysql database client binaries
mysql-common - mysql database common files (e.g. /etc/mysql/my.cnf)
mysql-server - mysql database server (meta package depending on the latest versi
mysql-server-4.1 - mysql database server (transitional package)
mysql-server-5.0 - mysql database server binaries
Changes:
mysql-dfsg-5.0 (5.0.32-7etch8) stable-security; urgency=high
.
* Non-maintainer upload by the security team.
* Backport upstream's fix for CVE-2008-4098, which represents an expansion
of the vulnerability discussed in (and partially addressed in fixes to)
CVE-2008-2079. As described in CVE-2008-4098, an attacker may interpose
a symlink to another database's data directory anytime between table
creation and first access, thus bypassing the CREATE-time check and so
enabling writes to tables in other databases. The upstream fix is to
apply the check when creating data files as well.
Files:
6456a5396b56431a31e2121805ef3208 1117 misc optional mysql-dfsg-5.0_5.0.32-7etch8.dsc
bc749451446872ac8c8567ed60b0eea6 269277 misc optional mysql-dfsg-5.0_5.0.32-7etch8.diff.gz
64140dddeb7bd50098ddc6222b4d2939 54452 misc optional mysql-common_5.0.32-7etch8_all.deb
761dce88bf46026622550e503800d4c3 48142 misc optional mysql-server_5.0.32-7etch8_all.deb
0a67c6a61d08bf716c0af68da1585563 46068 misc optional mysql-client_5.0.32-7etch8_all.deb
6ed359b8f2fb92c5c9846a3743e4b0f8 1831314 libs optional libmysqlclient15off_5.0.32-7etch8_amd64.deb
7ff54b963be65b5e7d18425cd313bbcb 7371842 libdevel optional libmysqlclient15-dev_5.0.32-7etch8_amd64.deb
ca948f5c66f2172927acd9e5cbf7c9ae 7549266 misc optional mysql-client-5.0_5.0.32-7etch8_amd64.deb
06dc8568f055c04dc4ddfd19de79a704 25813464 misc optional mysql-server-5.0_5.0.32-7etch8_amd64.deb
127af2553cc1fd9e89f1f69a2eb44709 48178 oldlibs extra mysql-server-4.1_5.0.32-7etch8_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFJDqfqU5XKDemr/NIRAglfAKChavYWjgBag+rykA+YecSmJ31KugCgooBP
7Dy8eWe4LIOevnPDi8RGtyg=
=JrYw
-----END PGP SIGNATURE-----
Accepted:
libmysqlclient15-dev_5.0.32-7etch8_amd64.deb
to pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch8_amd64.deb
libmysqlclient15off_5.0.32-7etch8_amd64.deb
to pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch8_amd64.deb
mysql-client-5.0_5.0.32-7etch8_amd64.deb
to pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch8_amd64.deb
mysql-client_5.0.32-7etch8_all.deb
to pool/main/m/mysql-dfsg-5.0/mysql-client_5.0.32-7etch8_all.deb
mysql-common_5.0.32-7etch8_all.deb
to pool/main/m/mysql-dfsg-5.0/mysql-common_5.0.32-7etch8_all.deb
mysql-dfsg-5.0_5.0.32-7etch8.diff.gz
to pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch8.diff.gz
mysql-dfsg-5.0_5.0.32-7etch8.dsc
to pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch8.dsc
mysql-server-4.1_5.0.32-7etch8_amd64.deb
to pool/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch8_amd64.deb
mysql-server-5.0_5.0.32-7etch8_amd64.deb
to pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch8_amd64.deb
mysql-server_5.0.32-7etch8_all.deb
to pool/main/m/mysql-dfsg-5.0/mysql-server_5.0.32-7etch8_all.deb
Reply to: