-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Mon, 23 Feb 2009 07:37:44 +0000 Source: mysql-dfsg-5.0 Binary: libmysqlclient15-dev mysql-client mysql-client-5.0 mysql-server mysql-server-4.1 mysql-server-5.0 mysql-common libmysqlclient15off Architecture: source all amd64 Version: 5.0.32-7etch10 Distribution: oldstable-security Urgency: high Maintainer: Christian Hammers <ch@debian.org> Changed-By: Devin Carraway <devin@debian.org> Description: libmysqlclient15-dev - mysql database development files libmysqlclient15off - mysql database client library mysql-client - mysql database client (meta package depending on the latest versi mysql-client-5.0 - mysql database client binaries mysql-common - mysql database common files (e.g. /etc/mysql/my.cnf) mysql-server - mysql database server (meta package depending on the latest versi mysql-server-4.1 - mysql database server (transitional package) mysql-server-5.0 - mysql database server binaries Changes: mysql-dfsg-5.0 (5.0.32-7etch10) oldstable-security; urgency=high . * Non-maintainer upload by the security team. * Backport upstream fix for CVE-2008-3963, which allowed an authenticated attacker to crash the MySQL server by supplying an empty binary string literal (e.g. SELECT b'') in a statement. * Apply third-party fix for CVE-2008-4456, in which XML/HTML special characters were not escaped in output from the mysql client's --xml and --html output modes, potentially facilitating script privilege escalation or cross-site scripting attacks. Files: dcbded9cba0e19d190fc2f77f134c550 1119 misc optional mysql-dfsg-5.0_5.0.32-7etch10.dsc 8b223eaabb58e59dd94eb0d4a8c92aea 316316 misc optional mysql-dfsg-5.0_5.0.32-7etch10.diff.gz 5e386582b3fd7d2b81f1ade654a00057 55042 misc optional mysql-common_5.0.32-7etch10_all.deb e97c3e229d72842f1dd5b4ee7f1251ce 48356 misc optional mysql-server_5.0.32-7etch10_all.deb 58c0f9871167c5cea7ef590300c1f615 46278 misc optional mysql-client_5.0.32-7etch10_all.deb 357250a49039aa2ccaa55f25e8e3968e 1832088 libs optional libmysqlclient15off_5.0.32-7etch10_amd64.deb 3638e4cd74fbbc929adb68d260c7a485 7381776 libdevel optional libmysqlclient15-dev_5.0.32-7etch10_amd64.deb bdc8d651e463e0c4b7ed287b7ca1f43c 7548200 misc optional mysql-client-5.0_5.0.32-7etch10_amd64.deb 081d5f54c7e3be08c7e8776e78e874a6 25941038 misc optional mysql-server-5.0_5.0.32-7etch10_amd64.deb 4160e8467f4590b4e9f9be20acdd778d 48378 oldlibs extra mysql-server-4.1_5.0.32-7etch10_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFJrOMsU5XKDemr/NIRAmndAJ4x7QqB5ye3vgwSHu9nk75jylh7tgCg8gB0 aPDj3fx7HsUkm+JCaI+oZI0= =tIEK -----END PGP SIGNATURE----- Accepted: libmysqlclient15-dev_5.0.32-7etch10_amd64.deb to pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch10_amd64.deb libmysqlclient15off_5.0.32-7etch10_amd64.deb to pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch10_amd64.deb mysql-client-5.0_5.0.32-7etch10_amd64.deb to pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch10_amd64.deb mysql-client_5.0.32-7etch10_all.deb to pool/main/m/mysql-dfsg-5.0/mysql-client_5.0.32-7etch10_all.deb mysql-common_5.0.32-7etch10_all.deb to pool/main/m/mysql-dfsg-5.0/mysql-common_5.0.32-7etch10_all.deb mysql-dfsg-5.0_5.0.32-7etch10.diff.gz to pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch10.diff.gz mysql-dfsg-5.0_5.0.32-7etch10.dsc to pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch10.dsc mysql-server-4.1_5.0.32-7etch10_amd64.deb to pool/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch10_amd64.deb mysql-server-5.0_5.0.32-7etch10_amd64.deb to pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch10_amd64.deb mysql-server_5.0.32-7etch10_all.deb to pool/main/m/mysql-dfsg-5.0/mysql-server_5.0.32-7etch10_all.deb
