-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 21 Oct 2014 11:43:01 +0200 Source: mysql-5.1 Binary: libmysqlclient16 libmysqld-pic libmysqld-dev libmysqlclient-dev mysql-common mysql-client-5.1 mysql-server-core-5.1 mysql-server-5.1 mysql-server mysql-client Architecture: source all amd64 Version: 5.1.73-1+deb6u1 Distribution: squeeze-lts Urgency: medium Maintainer: Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org> Changed-By: Raphaël Hertzog <hertzog@debian.org> Description: libmysqlclient-dev - MySQL database development files libmysqlclient16 - MySQL database client library libmysqld-dev - MySQL embedded database development files libmysqld-pic - MySQL database development files mysql-client - MySQL database client (metapackage depending on the latest versio mysql-client-5.1 - MySQL database client binaries mysql-common - MySQL database common files, e.g. /etc/mysql/my.cnf mysql-server - MySQL database server (metapackage depending on the latest versio mysql-server-5.1 - MySQL database server binaries and system database setup mysql-server-core-5.1 - MySQL database server binaries Changes: mysql-5.1 (5.1.73-1+deb6u1) squeeze-lts; urgency=medium . * Non-maintainer upload by the LTS team. * Include upstream patch for CVE-2014-4274: https://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/4638 This insecure handling of a temporary file could lead to arbitrary execution of code because the attacker can use this to provide a mysql configuration file that will point to his own plugin_dir. * Fix CVE-2013-2162: Insecure creation of the credential file debian.cnf. Set umask to 066 before creating debian.cnf file. * Include upstream patch for CVE-2014-0001: http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/4601 Buffer overrun in MySQL client with long server versions strings. Checksums-Sha1: 3fffd7774a5e59270e302d57e2622b23afa3019f 2073 mysql-5.1_5.1.73-1+deb6u1.dsc ccc20f38881d1d0749dd14382a8d8f30a0472bd9 299049 mysql-5.1_5.1.73-1+deb6u1.diff.gz 365e39f801c77f32946d9c1448375f7a0f9e738e 71694 mysql-common_5.1.73-1+deb6u1_all.deb b6c7445d25e0206115be723efda4197743e131dd 65994 mysql-server_5.1.73-1+deb6u1_all.deb 291c7dfa3d911f6841b310420a2eb744d3254b3e 65866 mysql-client_5.1.73-1+deb6u1_all.deb 110f7b8422b54dc74c81fda2f03fe53cc2fdb706 1971808 libmysqlclient16_5.1.73-1+deb6u1_amd64.deb 00ab3a3b82420a863188b9c7fa45d59b47c17d6f 4488162 libmysqld-pic_5.1.73-1+deb6u1_amd64.deb 89554b12853d8d370b432df97863e7753aee6da1 5743058 libmysqld-dev_5.1.73-1+deb6u1_amd64.deb cb23671f5dd9f0b212b7a4e4466fc34a083b8efe 3195278 libmysqlclient-dev_5.1.73-1+deb6u1_amd64.deb 64df2f04010275f5ae188e55e245bf8485879e13 10100306 mysql-client-5.1_5.1.73-1+deb6u1_amd64.deb 43c5568b95e9f63b8d667579c37cd963cbeb57ff 4145018 mysql-server-core-5.1_5.1.73-1+deb6u1_amd64.deb c7dbc651a23f189a01f4ba313ab4a1d41607e797 6634284 mysql-server-5.1_5.1.73-1+deb6u1_amd64.deb Checksums-Sha256: 6f2ae6b1c9a63ceee0dc557ebbab248d4a6078c44ef237dfcb16faed750f7235 2073 mysql-5.1_5.1.73-1+deb6u1.dsc 5a8a68e5a2629882d8ff9f28d9ebe7a4075cba40b027af64a28327c631b27b0f 299049 mysql-5.1_5.1.73-1+deb6u1.diff.gz 84a9cc5067989e9ca1e039632e1e181247681d3cfc3c5e6fce3f698566d120cb 71694 mysql-common_5.1.73-1+deb6u1_all.deb 587564ac2d67a01495af351d2bcb1dfe18dfaf1fce04f67b8e77f9530c9c92ae 65994 mysql-server_5.1.73-1+deb6u1_all.deb 6f4511c4d435b5c5d08dd37c7541c8a43b4578e55475ee72ab52ebd13e71b284 65866 mysql-client_5.1.73-1+deb6u1_all.deb bbd2e7d031ff7762f2cf81d03699542ef0befe1308a108672678f833a9b361e4 1971808 libmysqlclient16_5.1.73-1+deb6u1_amd64.deb 96524f7ccfd109cd64b21b9ecfa85818e829cc101fa37b3260aa42f56ae1a543 4488162 libmysqld-pic_5.1.73-1+deb6u1_amd64.deb e260037d73b366ce6f66287c9ad552e55b87b330c8b2ee106c803fb273b7f109 5743058 libmysqld-dev_5.1.73-1+deb6u1_amd64.deb 2c0a579205757a4a0f10981761f64110d50f927c37838162d8a71be26fa881c5 3195278 libmysqlclient-dev_5.1.73-1+deb6u1_amd64.deb 57d34a9596cab6abe6e128a30e38d05ed8d7e422e154491c6bdc5be7de03e77c 10100306 mysql-client-5.1_5.1.73-1+deb6u1_amd64.deb 6c58444d449705b9cb404ffa1fd794628a3f22a104f2ee470dc4ec3ee094884f 4145018 mysql-server-core-5.1_5.1.73-1+deb6u1_amd64.deb 8b78fa566bbd6c067727e67211037831f1393ed10190df078b656e8df507dc17 6634284 mysql-server-5.1_5.1.73-1+deb6u1_amd64.deb Files: 02c7cc67d6b25cfcd6660c9999ef4bb3 2073 misc optional mysql-5.1_5.1.73-1+deb6u1.dsc 8d098f90dcc83756cd2ada9bd0e242b6 299049 misc optional mysql-5.1_5.1.73-1+deb6u1.diff.gz a5f2b062b37b62a70671cf5a4e0d0f40 71694 database optional mysql-common_5.1.73-1+deb6u1_all.deb 7c577adc27fb0eb87a87658666932d76 65994 database optional mysql-server_5.1.73-1+deb6u1_all.deb f90be46f0f8fad861d3d9b1d67d5aff1 65866 database optional mysql-client_5.1.73-1+deb6u1_all.deb c6b03809f8e45ce03246a3eee7fa6cdf 1971808 libs optional libmysqlclient16_5.1.73-1+deb6u1_amd64.deb afbc8c40a1be1b3f9e07fdb6ca2e3889 4488162 libdevel optional libmysqld-pic_5.1.73-1+deb6u1_amd64.deb 4870eb9793eb40a96f5c04a594b9c64a 5743058 libdevel optional libmysqld-dev_5.1.73-1+deb6u1_amd64.deb acb732e5a1eb61a9646eeb8de79666be 3195278 libdevel optional libmysqlclient-dev_5.1.73-1+deb6u1_amd64.deb 7c1a777123925db13df9a3e3e15cb2c8 10100306 misc optional mysql-client-5.1_5.1.73-1+deb6u1_amd64.deb e83bd961dba5e043daf4ca871ed4b1fc 4145018 misc optional mysql-server-core-5.1_5.1.73-1+deb6u1_amd64.deb 6425a02938304ec2edfc26050b73977b 6634284 misc optional mysql-server-5.1_5.1.73-1+deb6u1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Signed by Raphael Hertzog iQEcBAEBCAAGBQJUR1A6AAoJEAOIHavrwpq5+/4H/A88ZIcSHiyvXDsi4MT89/BL NAHO+zIXTSDap/8zfPQv3mfN6T6dbFHbVacqUyl4xBmy6sUTla2U65P97i24U5n7 twlxqOlZX6cZ+1qo+xCqdfUy1smpmftOm3F5MLvWMusTwqG03RiEf1gqc0JF7vA6 jQ+e4AnoqKpnefD/VoL7ghAdWn3Lo1mxGGFILD3S+O7POvKBnSIjHz+o2foJC+P8 K/u9leUxLiDI2dzQL1CeLjEVVfE4rk/cbSCsEeTzYUg6aJs4916OQHjYijlkR58U X83VuHqzexQZoKPmpzQLuxtnOypbiWSDw6LN6xQw20czmTbP9BDEowtGm3LT44Y= =2dAI -----END PGP SIGNATURE-----
