mariadb-5.5 (5.5.44-1ubuntu0.14.10.1) utopic-security; urgency=low * SECURITY UPDATE: Update to 5.5.44 to fix security issues (LP: #1464895): - CVE-2015-3152 * Upstream also includes lots of line ending changes (from CRLF -> LF) * Removed hotfix patch now included in upstream release (MDEV-8115) -- Otto Kekäläinen Sat, 13 Jun 2015 21:09:48 +0300 mariadb-5.5 (5.5.43-1ubuntu0.14.10.1) utopic-security; urgency=low * SECURITY UPDATE: Update to 5.5.43 to fix security issues (LP: #1451677): - CVE-2015-0501 - CVE-2015-2571 - CVE-2015-0505 - CVE-2015-0499 * Hotfix patch to fix the server crash caused by mysql_upgrade (MDEV-8115) -- Otto Kekäläinen Tue, 05 May 2015 09:17:31 +0300 mariadb-5.5 (5.5.41-1ubuntu0.14.10.1) utopic-security; urgency=medium * Critical backport from 10.0 (commit 439123d): Fix mariadb-server-5.5.postinst so that the flag removal will not emit an error code if there are no previous debian-*.flag files. -- Otto Kekäläinen Wed, 04 Feb 2015 11:28:16 +0200 mariadb-5.5 (5.5.41-0ubuntu0.14.10.2) utopic-security; urgency=medium * SECURITY UPDATE: Update to 5.5.41 to fix security issues (LP: #1414755) - CVE-2015-0411 - CVE-2015-0382 - CVE-2015-0381 - CVE-2015-0432 - CVE-2014-6568 - CVE-2015-0374 * As approved by Seth Arnold, this security update also imports the latest mariadb-5.5 packaging from Debian which includes useful and low-risk fixes: - Updated Dutch translation by Frans Spiesschaert - Updated control file so that mariadb-client-5.5 breaks and replaces the package mariadb-server-5.5 to allow overwriting the innochecksum man page file which has changed location (LP: #1368124) as per doc https://www.debian.org/doc/debian-policy/ch-relationships.html#s7.6.1 - Backported the fix of #770177 from 10.0 to 5.5 so that the migration question will not be asked repeatedly. (LP: #1392539) * Backported new cacert.pem etc from 5.5 the replace the expired ones -- Otto Kekäläinen Mon, 26 Jan 2015 21:15:00 +0200 mariadb-5.5 (5.5.40-0ubuntu0.14.10.1) utopic-security; urgency=medium * SECURITY UPDATE: Update to 5.5.40 to fix security issues (LP: #1391676) - CVE-2014-6507 - CVE-2014-6491 - CVE-2014-6500 - CVE-2014-6469 - CVE-2014-6555 - CVE-2014-6559 - CVE-2014-6494 - CVE-2014-6496 - CVE-2014-6464 * Add bsdutils as mariadb-server dependency like upstream does in 5.5.40. -- Otto Kekäläinen Fri, 14 Nov 2014 21:04:24 +0200 mariadb-5.5 (5.5.39-2) unstable; urgency=low * d/control: Removed Provides: libmysqlclient-dev (Closes: #759309) * d/control: Removed Provides: libmysqld-dev with same motivation * Re-introduced tha HPPA build patch as the upstream fix wasn't complete * Fixed all kFreeBSD build and test suite issues * Added Italian translation (Closes: #759813) -- Otto Kekäläinen Wed, 27 Aug 2014 21:12:36 +0300 mariadb-5.5 (5.5.39-1) unstable; urgency=low * New upstream release. * Fixes an error when handling MyISAM temporary files can be exploited to execute arbitrary code (Secunia Advisory SA60599) * Add patch to fix kFreeBSD builds * Fixed wrongly applied fix of MDEV-5957 (Closes: #752203) -- Otto Kekäläinen Thu, 07 Aug 2014 12:16:19 +0300 mariadb-5.5 (5.5.38-1) unstable; urgency=low * New upstream release. * Added upstream release signing key in preparation for future use * Made libterm-readkey-perl a depends instead of suggest (LP: #1324082) * Add patch to fix HPPA build error (Closes: #751805) * Fixed lots and lots of Lintian warnings * Disabled TokuDB (Closes: #753222). Remember to re-enable if once https://mariadb.atlassian.net/browse/MDEV-6449 is closed. * Add in retrospect corresponding MariaDB CVEs for Oracle SPU July 2014 (Closes: #754940) - CVE-2014-2494 - CVE-2014-4207 - CVE-2014-4243 - CVE-2014-4258 - CVE-2014-4260 -- Otto Kekäläinen Tue, 17 Jun 2014 16:24:35 +0300 mariadb-5.5 (5.5.37-1) unstable; urgency=low * New upstream release, fixing the following security issues: * Corresponding MariaDB CVEs for Oracle SPU April 2014 (Closes: #745330) - CVE-2014-0384 - CVE-2014-2419 - CVE-2014-2430 - CVE-2014-2431 - CVE-2014-2432 - CVE-2014-2436 - CVE-2014-2438 - CVE-2014-2440 * Re-enabled TokuDB with "if arch amd64" in d/rules * Applied patch to log init output better (Closes https://mariadb.atlassian.net/browse/MDEV-5957) -- Otto Kekäläinen Thu, 17 Apr 2014 20:55:22 +0300 mariadb-5.5 (5.5.36-1) unstable; urgency=low [ Otto Kekäläinen ] * New upstream release. * Updated Danish debconf translation (Closes: #739750). * d/control: Added explicit Conflicts/Replaces for mysql-5.6 packages (Closes: #739841). * d/control: Update for use of virtual-* packages for switching to/from MySQL alternatives. [ James Page ] * d/control: Drop Nicholas from Uploaders, MIA (Closes: #739360). * d/control: Add libjemalloc-dev to BD's. -- Otto Kekäläinen Sun, 02 Mar 2014 01:38:26 +0200 mariadb-5.5 (5.5.35-1) unstable; urgency=low [ Otto Kekäläinen ] * New upstream release, fixing the following security issues: - Buffer overflow in client/mysql.cc (Closes: #737597). - CVE-2014-0001 - http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html - CVE-2013-5891 - CVE-2013-5908 - CVE-2014-0386 - CVE-2014-0393 - CVE-2014-0401 - CVE-2014-0402 - CVE-2014-0412 - CVE-2014-0420 - CVE-2014-0437 * Upstream https://mariadb.atlassian.net/browse/MDEV-4902 fixes compatibility with Bison 3.0 (Closes: #733002) * Updated Russian debconf translation (Closes: #734426) * Updated Japanese debconf translation (Closes: #735284) * Updated French debconf translation (Closes: #736480) * Renamed SONAME properly (Closes: #732967) -- James Page Mon, 17 Feb 2014 16:51:52 +0000 mariadb-5.5 (5.5.32-1) unstable; urgency=low [ Otto Kekäläinen ] * Initial package for Debian (Closes: #565308), based on upstream packaging: - mariadb-5.3 by Sergei Golubchik - mariadb-5.2 by Kristian Nielsen - mariadb-5.1 by Peter Lieverdink * Bring packaging up-to-date inline with mysql-5.5 packaging. * Refine control file and tidy lintian warnings * Rename libmysqlclient18 -> libmariadbclient18. * Add suitable Breaks/Replaces/Provides to support migration to/from mysql-server-5.5. * Plus multiple other updates based on feedback from Debian maintainers [ James Page ] * d/control,rules: Cherry picked fix from mysql-5.5 packaging to disable x86 assembler in taocrypt on i386 architectures, removing need for gcc-4.4 dependency. * d/control: Add myself to uploaders. * d/control: Update Vcs fields for new location on git.debian.org. -- Otto Kekäläinen Tue, 24 Sept 2013 15:09:51 +0300