mysql-5.5 (5.5.44-0ubuntu0.12.04.1) precise-security; urgency=medium * SECURITY UPDATE: Update to 5.5.44 to fix security issues (LP: #1475294) - http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html - CVE-2015-2582 - CVE-2015-2620 - CVE-2015-2643 - CVE-2015-2648 - CVE-2015-4737 - CVE-2015-4752 - CVE-2015-4757 -- Marc Deslauriers Thu, 16 Jul 2015 13:59:34 -0400 mysql-5.5 (5.5.43-0ubuntu0.12.04.1) precise-security; urgency=medium * SECURITY UPDATE: Update to 5.5.43 to fix security issues (LP: #1444616) - http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html - CVE-2015-0433 - CVE-2015-0441 - CVE-2015-0499 - CVE-2015-0501 - CVE-2015-0505 - CVE-2015-2568 - CVE-2015-2571 - CVE-2015-2573 -- Marc Deslauriers Mon, 20 Apr 2015 11:05:55 -0400 mysql-5.5 (5.5.41-0ubuntu0.12.04.1) precise-security; urgency=medium * SECURITY UPDATE: Update to 5.5.41 to fix security issues (LP: #1413188) - http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html - CVE-2014-6568 - CVE-2015-0374 - CVE-2015-0381 - CVE-2015-0382 - CVE-2015-0411 - CVE-2015-0432 -- Marc Deslauriers Wed, 21 Jan 2015 11:51:36 -0500 mysql-5.5 (5.5.40-0ubuntu0.12.04.1) precise-security; urgency=medium * SECURITY UPDATE: Update to 5.5.40 to fix security issues (LP: #1379903) -- Marc Deslauriers Fri, 10 Oct 2014 15:02:22 -0400 mysql-5.5 (5.5.38-0ubuntu0.12.04.1) precise-security; urgency=medium * SECURITY UPDATE: Update to 5.5.38 to fix security issues (LP: #1342709) - http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html - CVE-2014-2494 - CVE-2014-4207 - CVE-2014-4258 - CVE-2014-4260 -- Marc Deslauriers Wed, 16 Jul 2014 13:32:04 -0400 mysql-5.5 (5.5.37-0ubuntu0.12.04.1) precise-security; urgency=medium * SECURITY UPDATE: Update to 5.5.37 to fix security issues (LP: #1309662) - http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html - CVE-2014-0001 - CVE-2014-0384 - CVE-2014-2419 - CVE-2014-2430 - CVE-2014-2431 - CVE-2014-2432 - CVE-2014-2436 - CVE-2014-2438 - CVE-2014-2440 * Drop creation of insecure database permissions: - d/p/33_scripts__mysql_create_system_tables__no_test.patch, d/p/41_scripts__mysql_install_db.sh__no_test.patch, d/p/50_mysql-test__db_test.patch: Restored from mysql-5.1 package, inadvertently dropped in 5.5 transition. This removes the global anonymous access to the database which is a security concern. -- Marc Deslauriers Sun, 20 Apr 2014 13:03:23 -0400 mysql-5.5 (5.5.35-0ubuntu0.12.04.2) precise; urgency=medium [ Eduardo Damato ] * Fix upstart script to account for datadir disk shortage (LP: #1121874) -- Dave Chiluk Tue, 21 Jan 2014 13:11:07 -0500 mysql-5.5 (5.5.35-0ubuntu0.12.04.1) precise-security; urgency=low * SECURITY UPDATE: Update to 5.5.35 to fix security issues (LP: #1269993) - http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html - CVE-2013-5891 - CVE-2013-5908 - CVE-2014-0386 - CVE-2014-0393 - CVE-2014-0401 - CVE-2014-0402 - CVE-2014-0412 - CVE-2014-0420 - CVE-2014-0437 -- Marc Deslauriers Thu, 16 Jan 2014 19:55:44 -0500 mysql-5.5 (5.5.34-0ubuntu0.12.04.1) precise-security; urgency=low * SECURITY UPDATE: Update to 5.5.34 to fix security issues (LP: #1243253) - http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html - CVE-2013-3839 - CVE-2013-5807 -- Marc Deslauriers Tue, 22 Oct 2013 11:27:03 -0400 mysql-5.5 (5.5.32-0ubuntu0.12.04.1) precise-security; urgency=low * SECURITY UPDATE: Update to 5.5.32 to fix security issues (LP: #1203828) - http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html - CVE-2013-1861 - CVE-2013-3783 - CVE-2013-3793 - CVE-2013-3802 - CVE-2013-3804 - CVE-2013-3809 - CVE-2013-3812 * SECURITY UPDATE: insecure creation of debian.cnf file - debian/mysql-server-5.5.postinst: set umask to 066 before creating debian.cnf. - CVE-2013-2162 * Adjust Apparmor profile to allow reading PID file. (LP: #1185573) * Fix FTBFS from test suite failure - debian/patches/72_fix_rpl_deadlock_innodb_test.patch: ignore warning from rpl.rpl_deadlock_innodb test in mysql-test/include/mtr_warnings.sql. -- Marc Deslauriers Tue, 23 Jul 2013 20:22:01 -0400 mysql-5.5 (5.5.31-0ubuntu0.12.04.2) precise-proposed; urgency=low * Make innotop usable without installing Suggests (LP: #1000605): - d/control: Promote libterm-readkey-perl from Suggests to Depends. -- James Page Wed, 22 May 2013 10:53:38 +0100 mysql-5.5 (5.5.31-0ubuntu0.12.04.1) precise-security; urgency=low * SECURITY UPDATE: Update to 5.5.31 to fix security issues (LP: #1170516) - http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html * debian/patches/71_disable_rpl_tests.patch: refreshed. * debian/patches/fix-mysqldump-test.patch: removed, fixed differently upstream -- Seth Arnold Thu, 18 Apr 2013 17:32:08 -0700 mysql-5.5 (5.5.29-0ubuntu0.12.04.2) precise-proposed; urgency=low [ Robie Basak ] * Update default my.cnf to log errors to /var/log/mysql/error.log instead of not logging errors at all (LP: #1014732). * Add attachment of error log /var/log/mysql/error.log to apport hook. -- Marc Deslauriers Wed, 23 Jan 2013 08:43:56 -0500 mysql-5.5 (5.5.29-0ubuntu0.12.04.1) precise-security; urgency=low * SECURITY UPDATE: Update to 5.5.29 to fix security issues (LP: #1100264) - http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html * debian/patches/CVE-2012-5611.patch: removed, included upstream. * debian/patches/38_scripts__mysqld_safe.sh__signals.patch: refreshed. -- Marc Deslauriers Wed, 16 Jan 2013 12:51:59 -0500 mysql-5.5 (5.5.28-0ubuntu0.12.04.3) precise-security; urgency=low * SECURITY UPDATE: arbitrary code execution via long argument - debian/patches/CVE-2012-5611.patch: don't overflow buffer in sql/sql_acl.cc, add tests to mysql-test/t/information_schema.test, mysql-test/r/information_schema.result. - CVE-2012-5611 -- Marc Deslauriers Fri, 07 Dec 2012 09:38:32 -0500 mysql-5.5 (5.5.28-0ubuntu0.12.04.2) precise-security; urgency=low * SECURITY UPDATE: Update to 5.5.28 to fix security issues (LP: #1068158) - http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html -- Marc Deslauriers Mon, 22 Oct 2012 08:21:00 -0400 mysql-5.5 (5.5.24-0ubuntu0.12.04.1) precise-security; urgency=low * SECURITY UPDATE: Update to 5.5.24 to fix security issues (LP: #1011371) - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-24.html -- Marc Deslauriers Mon, 11 Jun 2012 07:34:33 -0400 mysql-5.5 (5.5.22-0ubuntu1) precise; urgency=low * New upstream release (LP: #965523) * d/mysql-server-5.5.mysql.upstart: Add respawn limit and code to exit ping loop if mysqld needs to be respawned. (LP: #711635) * New upstream bugfix release. * Refreshed patches * d/control: Build-Dep on dh-apparmor (LP: #948481) * d/p/fix-mysqldump-test.patch: Fixes unreliable test introduced in new upstream version. http://bugs.mysql.com/bug.php?id=64401 * d/control: Re-add empty meta-package for mysql-testsuite so users will get the 5.5 version on upgrade and when installing mysql-testsuite. (LP: #959683) -- Clint Byrum Thu, 29 Mar 2012 17:31:30 -0700 mysql-5.5 (5.5.20-0ubuntu3) precise; urgency=low * d/rules,d/mysql-server-5.5.files: Restoring apport hook and apparmor profile (LP: #934013) * d/mysql-server-5.5.postrm: restoring postrm debhelper token to get proper behaviors from dh_installinit and dh_apparmor. -- Clint Byrum Fri, 17 Feb 2012 13:06:24 -0800 mysql-5.5 (5.5.20-0ubuntu2) precise; urgency=low * d/rules,d/control: Revert to using gcc/g++ 4.5 due to test suite segfaults on i386 and amd64. -- Clint Byrum Wed, 15 Feb 2012 12:13:35 -0800 mysql-5.5 (5.5.20-0ubuntu1) precise; urgency=low * New upstream release. * d/mysql-server-5.5.mysql.upstart: Fix stop on to make sure mysql is fully stopped before shutdown commences. (LP: #688541) Also simplify start on as it is redundant. * d/control: Depend on upstart version which has apparmor profile load script to prevent failure on upgrade from lucid to precise. (LP: #907465) * d/apparmor-profile: need to allow /run since that is the true path of /var/run files. (LP: #917542) * d/control: mysql-server-5.5 has files in it that used to be owned by libmysqlclient-dev, so it must break/replace it. (LP: #912487) * d/rules, d/control: 5.5.20 Fixes segfault on tests with gcc 4.6, change compiler back to system default. * d/rules: Turn off embedded libedit/readline.(Closes: #659566) -- Clint Byrum Tue, 14 Feb 2012 23:59:22 -0800 mysql-5.5 (5.5.17-4ubuntu6) precise; urgency=low * d/control: need to also break mysql-client-core-5.1 and mysql-server-core-5.1 as well so that apt knows not to remove mysql-server/mysql-client. * d/control: convert mysql-client back to a meta-package as well. * d/patches/72_fix_standalone_tests.patch: fix testsuite so it will run all tests when run from system /usr/lib/mysql-testsuite directory. -- Clint Byrum Fri, 25 Nov 2011 18:07:00 -0800 mysql-5.5 (5.5.17-4ubuntu5) precise; urgency=low * d/control: convert mysql-server back to a meta-package until 5.1 is removed from the archive. * d/control: mysql-common includes configuration items that only work on mysql 5.5, so adding Breaks: for client and server 5.1. This will make mysql-server-5.1 and mysql-client-5.1 uninstallable which is actually desired. -- Clint Byrum Thu, 24 Nov 2011 13:59:50 -0800 mysql-5.5 (5.5.17-4ubuntu4) precise; urgency=low * d/patches/71_disable_rpl_tests.patch: disables this test until bug #894146 can be triaged. -- Clint Byrum Wed, 23 Nov 2011 12:40:11 -0800 mysql-5.5 (5.5.17-4ubuntu3) precise; urgency=low * d/mysql-client-5.5.files: add missing mysql_plugin * d/libmysqlcient18.files,libmysqlclient-dev.files,d/rules: re-add libmysqlclient_r. In hindsight, removing it was not a productive change. * d/libmysqlclient-dev.files: ship entire contents of include dir, some of these files are included internally by others in the main dir. -- Clint Byrum Wed, 23 Nov 2011 10:22:38 -0800 mysql-5.5 (5.5.17-4ubuntu2) precise; urgency=low * d/patches/70_mysql_va_list.patch: cherry pick patch from upstream bug tracker to fix ARM build failure. (LP: #700982) -- Clint Byrum Tue, 22 Nov 2011 11:00:14 -0800 mysql-5.5 (5.5.17-4ubuntu1) precise; urgency=low * Merge from debian experimental. (LP: #690925) Remaining changes from mysql-5.1 packaging: - Split mysql-client into mysql-client-core - Change breaks/replaces to mysql-client-core-5.1 to allow proper upgrades from 5.1. - drop mailx to suggests. * Additional changes from pkg-mysql svn: [ Guillaume Plessis ] * d/rules: Enabling ARCHIVE, BLACKHOLE, and FEDERATED engines. (Closes: #649484) [Clint Byrum ] * d/copyright: rearranging to have standalone license paragraphs silencing lintian complaints about missing paragraphs. -- Clint Byrum Mon, 21 Nov 2011 22:52:53 -0800 mysql-5.5 (5.5.17-4) experimental; urgency=low * d/control: Pre-Depend on multiarch-support and misc:Pre-Depends. also bump debhelper Build-Dep for multiarch. d/compat: raise to 9 for multiarch support. -- Clint Byrum Thu, 17 Nov 2011 17:38:19 -0800 mysql-5.5 (5.5.17-3) experimental; urgency=low [Clint Byrum] * d/control: setting Multi-Arch fields where appropriate. [Norbert Tretkowski] * Add Clint Byrum to Uploaders. -- Clint Byrum Thu, 17 Nov 2011 14:36:50 -0800 mysql-5.5 (5.5.17-2) experimental; urgency=low * d/rules, d/control: Build with gcc 4.5 to avoid gcc 4.6 compile problems (see Debian bug number 630471) * d/rules, d/libmysqlclient*.files: changes to support multiarch. * d/libmysqlclient18.files, d/libmysqlclient-dev.files: install symlinks to dev libraries properly and remove libmysqlclient_r since it is no longer needed. libmysqlclient is now perfectly thread safe. This will cause FTBFS but can be corrected by simply removing _r, and avoids uncomfortable problem of trying to properly mangle libmysqlclient_r symlinks to libmysqlclient.so. -- Clint Byrum Wed, 09 Nov 2011 23:27:36 -0800 mysql-5.5 (5.5.17-1) experimental; urgency=low [Norbert Tretkowski] * New upstream release. * Fix empty libmysqld-pic package. * Run dh_apparmor on Ubuntu only. [Clint Byrum] * Rewrote debian/copyright file from scratch. -- Clint Byrum Tue, 08 Nov 2011 11:31:13 -0800 mysql-5.5 (5.5.13-0ubuntu1) experimental; urgency=low * New upstream major release. Changing source name to mysql-5.5. (LP: #690925) * New upstream release. * dropping usr/lib/libmysqlclient*.la as they are no longer built by the cmake build, and are not necessary for linking properly. * Removing obsolete automake and dpatch build deps * converted source format to 3.0 (quilt) * debian/patches: converted to quilt, and removed all except disable long filename check to allow building on sbuild/chroots * renamed packages with -5.1 suffix to -5.5. * renaming mysql-testsuite to mysql-testsuite-5.5 * dropping unneeded docs files * dropping libmysqlclient16-dev as transition is complete. * bumping libmysqlclient to v18 for new SONAME. -- Clint Byrum Thu, 02 Jun 2011 23:51:21 -0700 mysql-5.1 (5.1.57-1) unstable; urgency=medium * Bump libmysqlclient16 shlibs to 5.1.50-1 as it introduced a new symbol. (closes: #617240) * Build with -O2 instead -O3, MySQL seems not yet ready for -O3 when using gcc-4.6. (closes: #614044) * Ignore errors in testsuite run on ia64. -- Norbert Tretkowski Sat, 14 May 2011 14:56:13 +0200 mysql-5.1 (5.1.56-1) unstable; urgency=low * New upstream release. * Replace doxygen and texlive-latex-base build-deps with doxygen-latex. (closes: #616270) -- Norbert Tretkowski Tue, 08 Mar 2011 20:59:41 +0100 mysql-5.1 (5.1.55-1) unstable; urgency=low * New upstream release. -- Norbert Tretkowski Tue, 08 Feb 2011 12:56:42 +0100 mysql-5.1 (5.1.54-2) unstable; urgency=low * Upload to unstable. * Add mysql-source-5.1 package, patch from Clint Byrum. (closes: #611965) * Update debconf translations: - Dutch, from Eric Spreen. (closes: #605590) - Slovak, from Slavko. (closes: #608885) * Fix minor grammar infelicity in debian-start script. (closes: #582955) -- Norbert Tretkowski Fri, 04 Feb 2011 16:28:08 +0100 mysql-5.1 (5.1.54-1ubuntu4) natty; urgency=low [Clint Byrum] * export configured source dir as binary package. -- needed for some plugins to build. [Chuck Short] * debian/control: Fix conflict when installing mysql-client. (LP: #712479) -- Clint Byrum Wed, 02 Feb 2011 11:46:14 -0800 mysql-5.1 (5.1.54-1ubuntu3) natty; urgency=low * debian/mysql-server-core-5.1.files, debian/mysql-client-5.1.files: Fix upgrade from 5.1.49. (LP: #710976) -- Chuck Short Tue, 01 Feb 2011 09:45:41 -0500 mysql-5.1 (5.1.54-1ubuntu2) natty; urgency=low * Fix FTBFS. -- Chuck Short Sun, 30 Jan 2011 14:29:29 -0500 mysql-5.1 (5.1.54-1ubuntu1) natty; urgency=low * Synchronize from Debian Experimental: * Merge from debian unstable: + debian/control: * Update maintainer according to spec. * Move section from "misc" to "database". * Added libmysqlclient16-dev an empty transitional package. * Added mysql-client-core-5.1 package. * Suggest mailx for mysql-server-5.1 * Add mysql-testsuite package so you can run the testsuite seperately. + debian/additions/my.cnf: * Remove language options. Error message files are located in a different directory in Mysql 5.0. Setting the language option to use /usr/share/mysql/english breaks Mysql 5.0. Both 5.0 and 5.1 use a different value that works. (LP: #316974) + Add apparmor profile: + debian/apparmor-profile: apparmor-profile + debian/rules, debian/mysql-server-5.1.files: install apparmor profile + debian/mysql-server-5.1.dirs: add etc/apparmor.d/fore-complain + debian/mysql-server-5.1.postrm: remove symlink in force-complain/ on purge. + debian/mysql-server-5.1.README.Debian: add apparmor documentation. + debian/additions/my.cnf: Add warning about apparmor. (LP: #201799) + debian/mysql-server-5.1.postinst: reload apparmor profiles * Convert the package from sysvinit to upstart: + debian/mysql-server-5.1.mysql.upstart: Add upstart script. + debian/mysql-server-5.1.mysql.init: Dropped, unused now with upstart. + debian/additions/mysqld_safe_syslog.cnf: Dropped, unused now with upstart. + debian/additons/my.cnf: Remove pid declaration and setup error logging to /var/log/mysql since we're not piping anything around logger anymore. + debian/rules, debian/mysql-server-5.1.logcheck.ignore.{paranoid,worstation}, debian/mysql-server-5.1.logcheck.ignore.server: : Remove references to mysqld_safe + debian/patches/38_scripts_mysqld_safe.sh_signals.dpatch: Dropped * Added -fno-strict-aliasing to CFLAGS to get around mysql testsuite build failures. * Add Apport hook (LP: #354188): + debian/mysql-server-5.1.py: apport package hook + debian/rules: Make it installable * debian/mysql-server-5.1.mysql-server.logrotate: Check to see if mysql is running before running logrotate. (LP: #513135) * Make the testsuite installable. (LP: #530752) + debian/mysql-server-5.1.files, debian/rules: install apport package hook * debian/mysql-server-5.1.preinst: Set mysql user's home directory to /nonexistent to protect against having the /var/lib/mysql user-writeable. If an attacker can trick mysqld into creating dot files in the home directory, he could do .rhost-like attacks on the system. (LP: #293258) * debian/control: mysql-client-5.1 should depend on mysql-core-client-5.1. (LP: #590952) * debian/mysql-server.5.1.postinst: Specify the mysql user when installing the mysql databases. (LP: #591875) * Installing mysql_config_pic in /usr/bin so users of libmysqld-pic can extract the appropriate compile flags. (LP: #605021) -- Chuck Short Wed, 26 Jan 2011 09:19:25 -0500 mysql-5.1 (5.1.54-1) experimental; urgency=low * New upstream release. -- Norbert Tretkowski Fri, 17 Dec 2010 06:06:18 +0100 mysql-5.1 (5.1.53-1) experimental; urgency=low * New upstream release. -- Norbert Tretkowski Wed, 01 Dec 2010 12:41:28 +0100 mysql-5.1 (5.1.51-1) experimental; urgency=low * New upstream release. -- Norbert Tretkowski Sat, 02 Oct 2010 16:18:30 +0200 mysql-5.1 (5.1.50-1) experimental; urgency=low * New upstream release. -- Norbert Tretkowski Sun, 12 Sep 2010 20:13:25 +0200 mysql-5.1 (5.1.49-3) unstable; urgency=high * SECURITY UPDATE: denial of service via incorrect propagation of type errors. - debian/patches/61_CVE-2010-3833.dpatch: properly check for execution errors in sql/item_func.cc. Add tests to mysql-test/*. - CVE-2010-3833 * SECURITY UPDATE: denial of service via derived table materializing. - debian/patches/61_CVE-2010-3834.dpatch: handle temporary tables in sql/field.cc, sql/sql_select.*. Add tests to mysql-test/*. - CVE-2010-3834 * SECURITY UPDATE: denial of service via user-variable assignment expression. - debian/patches/61_CVE-2010-3835.dpatch: fix logic in sql/item_func.*, Add tests to mysql-test/*. - CVE-2010-3835 * SECURITY UPDATE: denial of service via pre-evaluation of LIKE predicates during view preparation. - debian/patches/61_CVE-2010-3836.dpatch: make sure we're not in view preparation mode in sql/item_cmpfunc.cc. Add tests to mysql-test/*. - CVE-2010-3836 * SECURITY UPDATE: denial of service via use of GROUP_CONCAT() and WITH ROLLUP together. - debian/patches/61_CVE-2010-3837.dpatch: create a copy of the order structures in sql/item_sum.cc, sql/table.h. Add tests to mysql-test/*. - CVE-2010-3837 * SECURITY UPDATE: denial of service via longblob and union or update with subquery. - debian/patches/61_CVE-2010-3838.dpatch: handle REAL_RESULT in sql/item_func.cc. Add tests to mysql-test/*. - CVE-2010-3838 * SECURITY UPDATE: denial of service via certain queries with nested joins. - debian/patches/61_CVE-2010-3839.dpatch: fix nesting in sql/sql_select.cc. Add tests to mysql-test/*. - CVE-2010-3839 * SECURITY UPDATE: denial of service via PolyFromWKB() function and improper data. - debian/patches/61_CVE-2010-3840.dpatch: improve data handling in sql/spatial.cc. Add tests to mysql-test/*. - CVE-2010-3840 * Patches and changelog entries taken from Ubuntu. (closes: #599937) * Import and ACK NMU 5.1.49-2.1. (closes: #595120, #601152) -- Norbert Tretkowski Tue, 30 Nov 2010 09:20:33 +0100 mysql-5.1 (5.1.49-2.1) unstable; urgency=high * Non-maintainer upload. * debian/mysql-server-5.1.mysql.init: Remove $named from Should-Start/Should-Stop (closes: #595120). Thanks for Clint Byrum patch. * Update Portuguese translation (closes: #601152). Thanks for Miguel Figueiredo patch. -- Xavier Oswald Sat, 27 Nov 2010 17:43:13 +0100 mysql-5.1 (5.1.49-2) unstable; urgency=low * Check for server binary before executing any script. (closes: #583611) * Move my_print_defaults and perror from mysql-server-5.1 to mysql-client-5.1 package. (closes: #591373) * Update debconf translations: - Spanish, from Javier Fernández-Sanguino. (closes: #592171) - Galician, from Jorge Barreiro. (closes: #592813) - Arabic, from Ossama Khayat. (closes: #596169, #600884) - Czech, from Miroslav Kure. (closes: #598339) - Danish, from Joe Dalton. (closes: #599483) - Portuguese, from Rui Branco. (closes: #599759) - Catalan, from Jordi Mallach. (closes: #601098) * Add patch 99_fix_testsuite_for_installed_env.dpatch from Ubuntu to fix mysql-testsuite to work with the installation location. * Add README.source file to make lintian happy. * Update Standards-Version to 3.9.1, no changes required. -- Norbert Tretkowski Wed, 27 Oct 2010 14:41:19 +0200 mysql-5.1 (5.1.49-1ubuntu9) natty; urgency=low * debian/mysql-server-5.1.mysql.upstart, debian/control: use AppArmor helper, available since upstart 0.6.7-3. -- Kees Cook Fri, 14 Jan 2011 13:11:24 -0800 mysql-5.1 (5.1.49-1ubuntu8.1) maverick-security; urgency=low * SECURITY UPDATE: denial of service via incorrect propagation of type errors. - debian/patches/61_CVE-2010-3833.dpatch: properly check for execution errors in sql/item_func.cc. Add tests to mysql-test/*. - CVE-2010-3833 * SECURITY UPDATE: denial of service via derived table materializing. - debian/patches/61_CVE-2010-3834.dpatch: handle temporary tables in sql/field.cc, sql/sql_select.*. Add tests to mysql-test/*. - CVE-2010-3834 * SECURITY UPDATE: denial of service via user-variable assignment expression. - debian/patches/61_CVE-2010-3835.dpatch: fix logic in sql/item_func.*, Add tests to mysql-test/*. - CVE-2010-3835 * SECURITY UPDATE: denial of service via pre-evaluation of LIKE predicates during view preparation. - debian/patches/61_CVE-2010-3836.dpatch: make sure we're not in view preparation mode in sql/item_cmpfunc.cc. Add tests to mysql-test/*. - CVE-2010-3836 * SECURITY UPDATE: denial of service via use of GROUP_CONCAT() and WITH ROLLUP together. - debian/patches/61_CVE-2010-3837.dpatch: create a copy of the order structures in sql/item_sum.cc, sql/table.h. Add tests to mysql-test/*. - CVE-2010-3837 * SECURITY UPDATE: denial of service via longblob and union or update with subquery. - debian/patches/61_CVE-2010-3838.dpatch: handle REAL_RESULT in sql/item_func.cc. Add tests to mysql-test/*. - CVE-2010-3838 * SECURITY UPDATE: denial of service via certain queries with nested joins. - debian/patches/61_CVE-2010-3839.dpatch: fix nesting in sql/sql_select.cc. Add tests to mysql-test/*. - CVE-2010-3839 * SECURITY UPDATE: denial of service via PolyFromWKB() function and improper data. - debian/patches/61_CVE-2010-3840.dpatch: improve data handling in sql/spatial.cc. Add tests to mysql-test/*. - CVE-2010-3840 * debian/patches/62_disable_longfilename_test.dpatch: disable the partition_rename_longfilename test as it fails when building with sbuild and schroots. -- Marc Deslauriers Tue, 09 Nov 2010 12:58:03 -0500 mysql-5.1 (5.1.49-1ubuntu8) maverick; urgency=low * raising kill timeout to 300 to help avoid table corruption (LP: #620441) -- Clint Byrum Wed, 08 Sep 2010 09:36:13 -0700 mysql-5.1 (5.1.49-1ubuntu7) maverick; urgency=low * debian/apparmor-profile: fix syntax error introduced in last upload and remove added redundant access rule. LP: #622010, LP: #594932 -- Jamie Strandboge Sat, 21 Aug 2010 22:16:40 -0500 mysql-5.1 (5.1.49-1ubuntu6) maverick; urgency=low [Clint Byrum] * Installing mysql_config_pic in /usr/bin so users of libmysqld-pic can extract the appropriate compile flags. (LP: #605021) [Chuck Short] * debian/mysql-server.5.1.postinst: Specify the mysql user when installing the mysql databases. (LP: #591875) * debian/apparmor-profile: Update apparmor profile for mysql plugins. (LP: #594932, #619172) -- Chuck Short Fri, 20 Aug 2010 10:12:48 -0400 mysql-5.1 (5.1.49-1ubuntu5) maverick; urgency=low * New patch: 99_fix_testsuite_for_installed_env.dpatch: fix mysql-testsuite to work with the installation location (LP: #617461) * debian/apparmor-profile: add mmap access to mysql plugin location (LP: #617463) -- Steve Beattie Thu, 12 Aug 2010 15:44:46 -0700 mysql-5.1 (5.1.49-1ubuntu4) maverick; urgency=low * debian/rules: doy. Put dh_apparmor in binary-arch so more than just i386 has the benefit of AppArmor protection, really fixing LP: #616417 -- Jamie Strandboge Thu, 12 Aug 2010 07:11:57 -0500 mysql-5.1 (5.1.49-1ubuntu3) maverick; urgency=low * debian/control: Build-Depends on debhelper 7.4.20ubuntu6, which has a fix that prevented debhelper from creating the necessary output in postinst (LP: #616417) -- Jamie Strandboge Wed, 11 Aug 2010 15:08:12 -0500 mysql-5.1 (5.1.49-1ubuntu2) maverick; urgency=low * convert to using dh_apparmor: - debian/rules, debian/mysql-server-5.1.postinst: use dh_apparmor - debian/control: Build-Depends on debhelper 7.4.20ubuntu5 * debian/mysql-server-5.1.postrm: since it doesn't use DEBHELPER, update to what we have in debhelper * debian/apparmor-profile: update for local include -- Jamie Strandboge Fri, 06 Aug 2010 14:13:29 -0500 mysql-5.1 (5.1.49-1ubuntu1) maverick; urgency=low * Merge from debian unstable: + debian/control: * Update maintainer according to spec. * Move section from "misc" to "database". * Added libmysqlclient16-dev an empty transitional package. * Added mysql-client-core-5.1 package. * Suggest mailx for mysql-server-5.1 * Add mysql-testsuite package so you can run the testsuite seperately. + debian/additions/my.cnf: * Remove language options. Error message files are located in a different directory in Mysql 5.0. Setting the language option to use /usr/share/mysql/english breaks Mysql 5.0. Both 5.0 and 5.1 use a different value that works. (LP: #316974) + Add apparmor profile: + debian/apparmor-profile: apparmor-profile + debian/rules, debian/mysql-server-5.1.files: install apparmor profile + debian/mysql-server-5.1.dirs: add etc/apparmor.d/fore-complain + debian/mysql-server-5.1.postrm: remove symlink in force-complain/ on purge. + debian/mysql-server-5.1.README.Debian: add apparmor documentation. + debian/additions/my.cnf: Add warning about apparmor. (LP: #201799) + debian/mysql-server-5.1.postinst: reload apparmor profiles * Convert the package from sysvinit to upstart: + debian/mysql-server-5.1.mysql.upstart: Add upstart script. + debian/mysql-server-5.1.mysql.init: Dropped, unused now with upstart. + debian/additions/mysqld_safe_syslog.cnf: Dropped, unused now with upstart. + debian/additons/my.cnf: Remove pid declaration and setup error logging to /var/log/mysql since we're not piping anything around logger anymore. + debian/rules, debian/mysql-server-5.1.logcheck.ignore.{paranoid,worstation}, debian/mysql-server-5.1.logcheck.ignore.server: : Remove references to mysqld_safe + debian/patches/38_scripts_mysqld_safe.sh_signals.dpatch: Dropped * Added -fno-strict-aliasing to CFLAGS to get around mysql testsuite build failures. * Add Apport hook (LP: #354188): + debian/mysql-server-5.1.py: apport package hook + debian/rules: Make it installable * debian/mysql-server-5.1.mysql-server.logrotate: Check to see if mysql is running before running logrotate. (LP: #513135) * Make the testsuite installable. (LP: #530752) + debian/mysql-server-5.1.files, debian/rules: install apport package hook * debian/mysql-server-5.1.preinst: Set mysql user's home directory to /nonexistent to protect against having the /var/lib/mysql user-writeable. If an attacker can trick mysqld into creating dot files in the home directory, he could do .rhost-like attacks on the system. (LP: #293258) * debian/control: mysql-client-5.1 should depend on mysql-core-client-5.1. (LP: #590952) -- Chuck Short Wed, 04 Aug 2010 13:18:27 -0400 mysql-5.1 (5.1.49-1) unstable; urgency=low * New upstream release. -- Norbert Tretkowski Sat, 31 Jul 2010 12:34:43 +0200 mysql-5.1 (5.1.48-1ubuntu5) maverick; urgency=low * debian/mysql-server-5.1.mysql.upstart: Fix upstart init script. (LP: #608423) -- Chuck Short Sun, 01 Aug 2010 11:23:11 -0400 mysql-5.1 (5.1.48-1ubuntu4) maverick; urgency=low * debian/mysql-server-5.1.mysql.upstart: Update upstart job again, simpilfy things again. -- Chuck Short Wed, 28 Jul 2010 08:23:13 -0400 mysql-5.1 (5.1.48-1ubuntu3) maverick; urgency=low * debian/mysql-server-5.1.mysq.upstart: Update upstart job, thanks to sPOiDar. (LP: #551130) -- Chuck Short Wed, 21 Jul 2010 09:29:19 -0400 mysql-5.1 (5.1.48-1ubuntu2) maverick; urgency=low * New patch 60_abi-check-includ; fix build failure in abi_check with newer GCCs which will exit with failure when an #include can't be found; LP: #579909. -- Loïc Minier Wed, 14 Jul 2010 00:13:00 +0200 mysql-5.1 (5.1.48-1ubuntu1) maverick; urgency=low * Merge from debian unstable, remaining changes: + debian/control: * Update maintainer according to spec. * Move section from "misc" to "database". * Added libmysqlclient16-dev an empty transitional package. * Added mysql-client-core-5.1 package. * Suggest mailx for mysql-server-5.1 * Add mysql-testsuite package so you can run the testsuite seperately. + debian/additions/my.cnf: * Remove language options. Error message files are located in a different directory in Mysql 5.0. Setting the language option to use /usr/share/mysql/english breaks Mysql 5.0. Both 5.0 and 5.1 use a different value that works. (LP: #316974) + Add apparmor profile: + debian/apparmor-profile: apparmor-profile + debian/rules, debian/mysql-server-5.1.files: install apparmor profile + debian/mysql-server-5.1.dirs: add etc/apparmor.d/fore-complain + debian/mysql-server-5.1.postrm: remove symlink in force-complain/ on purge. + debian/mysql-server-5.1.README.Debian: add apparmor documentation. + debian/additions/my.cnf: Add warning about apparmor. (LP: #201799) + debian/mysql-server-5.1.postinst: reload apparmor profiles * Convert the package from sysvinit to upstart: + debian/mysql-server-5.1.mysql.upstart: Add upstart script. + debian/mysql-server-5.1.mysql.init: Dropped, unused now with upstart. + debian/additions/mysqld_safe_syslog.cnf: Dropped, unused now with upstart. + debian/additons/my.cnf: Remove pid declaration and setup error logging to /var/log/mysql since we're not piping anything around logger anymore. + debian/rules, debian/mysql-server-5.1.logcheck.ignore.{paranoid,worstation}, debian/mysql-server-5.1.logcheck.ignore.server: : Remove references to mysqld_safe + debian/patches/38_scripts_mysqld_safe.sh_signals.dpatch: Dropped * Added -fno-strict-aliasing to CFLAGS to get around mysql testsuite build failures. * Add Apport hook (LP: #354188): + debian/mysql-server-5.1.py: apport package hook + debian/rules: Make it installable * debian/mysql-server-5.1.mysql-server.logrotate: Check to see if mysql is running before running logrotate. (LP: #513135) * Make the testsuite installable. (LP: #530752) + debian/mysql-server-5.1.files, debian/rules: install apport package hook * debian/mysql-server-5.1.preinst: Set mysql user's home directory to /nonexistent to protect against having the /var/lib/mysql user-writeable. If an attacker can trick mysqld into creating dot files in the home directory, he could do .rhost-like attacks on the system. (LP: #293258) * debian/control: mysql-client-5.1 should depend on mysql-core-client-5.1. (LP: #590952) -- Chuck Short Mon, 21 Jun 2010 15:31:05 -0400 mysql-5.1 (5.1.48-1) unstable; urgency=low * New upstream release. -- Norbert Tretkowski Thu, 17 Jun 2010 22:38:56 +0200 mysql-5.1 (5.1.47-1ubuntu2) maverick; urgency=low * debian/control: mysql-client-5.1 should depend on mysql-core-client-5.1. (LP: #590952) * debian/mysql-server-5.1.mysql.upstart: Dont start mysqld on runlevel 1. (LP: #559533) -- Chuck Short Tue, 15 Jun 2010 11:20:15 -0400 mysql-5.1 (5.1.47-1ubuntu1) maverick; urgency=low * Merge from debian unstable, remaining changes: + debian/control: * Update maintainer according to spec. * Move section from "misc" to "database". * Added libmysqlclient16-dev an empty transitional package. * Added mysql-client-core-5.1 package. * Suggest mailx for mysql-server-5.1 * Add mysql-testsuite package so you can run the testsuite seperately. + debian/additions/my.cnf: * Remove language options. Error message files are located in a different directory in Mysql 5.0. Setting the language option to use /usr/share/mysql/english breaks Mysql 5.0. Both 5.0 and 5.1 use a different value that works. (LP: #316974) + Add apparmor profile: + debian/apparmor-profile: apparmor-profile + debian/rules, debian/mysql-server-5.1.files: install apparmor profile + debian/mysql-server-5.1.dirs: add etc/apparmor.d/fore-complain + debian/mysql-server-5.1.postrm: remove symlink in force-complain/ on purge. + debian/mysql-server-5.1.README.Debian: add apparmor documentation. + debian/additions/my.cnf: Add warning about apparmor. (LP: #201799) + debian/mysql-server-5.1.postinst: reload apparmor profiles * Convert the package from sysvinit to upstart: + debian/mysql-server-5.1.mysql.upstart: Add upstart script. + debian/mysql-server-5.1.mysql.init: Dropped, unused now with upstart. + debian/additions/mysqld_safe_syslog.cnf: Dropped, unused now with upstart. + debian/additons/my.cnf: Remove pid declaration and setup error logging to /var/log/mysql since we're not piping anything around logger anymore. + debian/rules, debian/mysql-server-5.1.logcheck.ignore.{paranoid,worstation}, debian/mysql-server-5.1.logcheck.ignore.server: : Remove references to mysqld_safe + debian/patches/38_scripts_mysqld_safe.sh_signals.dpatch: Dropped * Added -fno-strict-aliasing to CFLAGS to get around mysql testsuite build failures. * Add Apport hook (LP: #354188): + debian/mysql-server-5.1.py: apport package hook + debian/rules: Make it installable * debian/mysql-server-5.1.mysql-server.logrotate: Check to see if mysql is running before running logrotate. (LP: #513135) * Make the testsuite installable. (LP: #530752) + debian/mysql-server-5.1.files, debian/rules: install apport package hook * debian/mysql-server-5.1.preinst: Set mysql user's home directory to /nonexistent to protect against having the /var/lib/mysql user-writeable. If an attacker can trick mysqld into creating dot files in the home directory, he could do .rhost-like attacks on the system. (LP: #293258) * Dropped: + debian/patches/51_ssl_test_certs: Certs have been updated up until 2015. -- Chuck Short Wed, 26 May 2010 09:27:48 -0400 mysql-5.1 (5.1.47-1) unstable; urgency=low * New upstream release. (closes: #582526) * Add patch to fix compile issue with embedded enabled. -- Norbert Tretkowski Sat, 22 May 2010 08:59:41 +0200 mysql-5.1 (5.1.46-1) unstable; urgency=low * New upstream release. -- Norbert Tretkowski Tue, 11 May 2010 18:47:32 +0200 mysql-5.1 (5.1.45-3) unstable; urgency=low * Upload to unstable. -- Norbert Tretkowski Sat, 10 Apr 2010 19:22:55 +0200 mysql-5.1 (5.1.45-2) experimental; urgency=low * Add mysql-server-core-5.1 package, containing the package and its manpage, to let packages like akonadi use the mysqld binary without using system databases. Thanks to Didier Raboud for the patch! (closes: #548419) * Add libterm-readkey-perl suggestion to mysql-client-5.1 package. (closes: #574505, #575769) -- Norbert Tretkowski Wed, 31 Mar 2010 11:36:25 +0200 mysql-5.1 (5.1.45-1) unstable; urgency=low * New upstream release. * Drop patch 10_readline_build_fix.dpatch. * Rename source package to mysql-5.1. -- Norbert Tretkowski Wed, 17 Mar 2010 14:56:02 +0100 mysql-dfsg-5.1 (5.1.44-3) unstable; urgency=low * Add patch that reinstates the reloading of character set data when a mysql_library_init() is done after a mysql_library_end(). (closes: #569549, #569595) -- Norbert Tretkowski Mon, 01 Mar 2010 18:22:35 +0100 mysql-dfsg-5.1 (5.1.44-2) unstable; urgency=low * Disable innodb.innodb_information_schema test in testsuite run, it fails randomly on at least i386. (closes: #570693) -- Norbert Tretkowski Sun, 21 Feb 2010 20:45:59 +0100 mysql-dfsg-5.1 (5.1.44-1) unstable; urgency=low * New upstream release. -- Norbert Tretkowski Thu, 18 Feb 2010 21:38:09 +0100 mysql-dfsg-5.1 (5.1.43-1) unstable; urgency=low * New upstream release. * Drop patches: + 11_binlog_wrong_offset.dpatch + 96_SECURITY_CVE-2009-4484.dpatch * Disable SSL related test in the testsuite until MySQL gets shipped with an updated SSL certificate. * Include symlinks for mysqlcheck manpages. (closes: #558760) * Fix some lintian warnings: + debian-news-entry-has-unknown-version + postinst-has-useless-call-to-ldconfig + postrm-has-useless-call-to-ldconfig * Bump Standards-Version to 3.8.4, no changes required. -- Norbert Tretkowski Mon, 01 Feb 2010 22:03:42 +0100 mysql-dfsg-5.1 (5.1.41-4) unstable; urgency=high * SECURITY: Fix for CVE-2009-4484: Copying name tags into an internal buffer from incoming stream we didn't check the buffer overflow. That may lead to memory overrun, crash etc. * Add -fno-strict-aliasing to $CFLAGS to get around testsuite errors when building with gcc 4.4.x. (closes: #554207) -- Norbert Tretkowski Mon, 18 Jan 2010 19:03:25 +0100 mysql-dfsg-5.1 (5.1.41-3) unstable; urgency=low * Let mysql-server-5.1 replace libmysqlclient-dev (>= 5.1.41-1) because of moved InnoDB plugin. (closes: #557806) -- Norbert Tretkowski Tue, 24 Nov 2009 19:20:36 +0100 mysql-dfsg-5.1 (5.1.41-2) unstable; urgency=low * Move InnoDB plugin into -server package. * Fix some lintian errors and warnings: + weak-library-dev-dependency + dir-or-file-in-var-run + command-with-path-in-maintainer-script * Ignore errors in testsuite run on s390. -- Norbert Tretkowski Sat, 21 Nov 2009 13:37:17 +0100 mysql-dfsg-5.1 (5.1.41-1) unstable; urgency=medium * New upstream release. * Drop patch 60_zlib_innodb_workaround.dpatch, merged upstream. * Make $DATADIR readable/writeable only for user mysql. (closes: #555626) * Build with --without-readline to use system readline instead of bundled copy. (closes: #552003) -- Norbert Tretkowski Fri, 20 Nov 2009 17:35:42 +0100 mysql-dfsg-5.1 (5.1.40-1) unstable; urgency=low * New upstream release. * Set thread_stack size to 192K rather than 128K. -- Norbert Tretkowski Fri, 23 Oct 2009 19:12:45 +0200 mysql-dfsg-5.1 (5.1.39-1) unstable; urgency=low * New upstream release. * New patch 60_zlib_innodb_workaround.dpatch to fix an incompatibility between zlib and innodb during testsuite run. * Wait in the SIGHUP trap to avoid killing an existing mysqld process when a HUP signal is sent to mysqld_safe, patch based based on Mathias Gug's fix from 5.0 series. (closes: #545044) * Update debconf translations: - Japanese, from Hideki Yamane. (closes: #545329) - Swedish, from Martin Bagge. (closes: #545731) * Fix some options in my.cnf about log_file have their named changed, patch from Mathias Gug. (closes: #545761) * Do not upgrade if there is an ndb management node configured, patch from Mathias Gug. (closes: #545760) * Switch build-dependency from libreadline5-dev to libreadline-dev. -- Norbert Tretkowski Mon, 28 Sep 2009 17:41:51 +0200 mysql-dfsg-5.1 (5.1.37-2) unstable; urgency=low * Update debconf translations: - Swedish, from Martin Bagge. (closes: #539207) - Russian, from Yuri Kozlov. (closes: #540216) - French, from Christian Perrier. (closes: #540508) - Italian, from Luca Monducci. (closes: #541465) - German, from Thomas Mueller. (closes: #544477) * Handle DEB_BUILD_OPTIONS correctly, patch from Stephen Depooter. (closes: #523928) * Support ANSI mode in debian-start.inc.sh, patch from Mathias Gug. (closes: #534606) * Enable hardening. (closes: #542746) * Drop old_passwords option. (closes: #540366) -- Norbert Tretkowski Wed, 02 Sep 2009 20:26:59 +0200 mysql-dfsg-5.1 (5.1.37-1) unstable; urgency=low * New upstream release. * Drop empty transitional package libmysqlclient15-dev, and provide/replace it with libmysqlclient-dev. (closes: #538659) * Ignore errors in testsuite on all archs but amd64, i386, ia64 and s390. (closes: #539679) * Update debconf translations: - French, from Christian Perrier. (closes: #539703) * Fixed typo regarding log_type in my.cnf. -- Norbert Tretkowski Tue, 04 Aug 2009 19:25:45 +0200 mysql-dfsg-5.1 (5.1.36-5) unstable; urgency=low [ Christian Hammers ] * Applied debconf template patch from debian-l10n-english (thanks to Justin B Rye). * Added a missing misc:Depends to debian/control for lintian. * Fixes typo in initscript (thanks to Gaspar Lajos). [ Norbert Tretkowski ] * Ignore errors in testsuite run on mips. (closes: #539095) * Update debconf translations: - Basque, from Piarres Beobide. (closes: #539130) - Russian, from Yuri Kozlov. (closes: #539459) -- Norbert Tretkowski Sat, 01 Aug 2009 11:13:55 +0200 mysql-dfsg-5.1 (5.1.36-4) unstable; urgency=low * dpkg-gensymbols caused a lot of FTBFS because the C++ libraries have slightly different symbol names on other archs (long vs. int somebody told me on IRC). We now limit the ABI compatibility check to amd64. -- Christian Hammers Sun, 26 Jul 2009 11:46:20 +0200 mysql-dfsg-5.1 (5.1.36-3) unstable; urgency=low * Moving from experimental to unstable! -- Christian Hammers Sat, 25 Jul 2009 20:42:39 +0200 mysql-dfsg-5.1 (5.1.36-2) experimental; urgency=low * Build both -fPIC (libmysql_pic.a) and non -fPIC (libmysqld.a) as some packages seem to need the -fPIC variant for their own build process. Documented in README.Debian. Thanks to Modestas Vainius for the patch. Closes: #508406 * Switch to out-of-source true build mode was a side effect of this change. * Added libmysqlclient16.symbols file (thanks to Raphael Hertzog). * Raised debian/compat from 4 to 7. * Updated innotop to 1.7.1. * Minor cleanups that lintian suggested. -- Christian Hammers Sun, 19 Jul 2009 18:48:53 +0200 mysql-dfsg-5.1 (5.1.36-1) experimental; urgency=low * Ex-maintainer upload :) * New upstream release. * SECURITY: Upstream fix for "mysql client does not escape strings in --html mode." (CVE-2008-4456) Closes: #526254 * Upstream fixes REPEAT() function. Closes: #447028 * Upstream fixes problems when mixing ORDER and GROUP BY. Closes: #470854 * There were many innodb fixes in the last two years, probably also for this unreproducible crash. CLoses: #447713 * Removed amd64 specific -fPIC compiler option that was introduced especially for building the NDB cluster module which is no longer part of this package (thanks to Modestas Vainius). Closes: #508406 * Put /etc/mysql/conf.d to mysql-server-5.1.dirs (thanks to Alexander Gerasiov). Closes: #515145 * Fixed mysql-test suite by adding 50_mysql-test__db_test.dpatch. It now passes 100% of the tests again. Also Closes: #533999 * Preinst now prevents Installation if NDB configuration is detected. * Applied Ubuntu patch that fixes privilege bootstrapping in postinst (thanks to Mathias Gug). Closes: #535492 * Applied Ubuntu patch that sets the debconf prio for the root password question to high and prevents it from being asked on 5.0 -> 5.1 upgrades (thanks to Mathias Gug). Closes: #535500 * Removed the check for ISAM tables as the only supported upgrade path is from lenny's MySQL-5.0. * Added /etc/mysql/conf.d/mysqld_safe_syslog.cnf which enables mysqld_safe to pipe all mysqld output into the syslog. The reason for not letting dpkg handle it via a normal config file change was that my.cnf is usually heavily tuned by the admin so the setting would go lost too easily. * Updated mysqlreport to version 3.5 (including two minor patches by me). -- Christian Hammers Wed, 01 Jul 2009 20:54:58 +0200 mysql-dfsg-5.1 (5.1.34-1) experimental; urgency=low * New upstream release. -- Norbert Tretkowski Mon, 20 Apr 2009 20:23:10 +0200 mysql-dfsg-5.1 (5.1.33-2) experimental; urgency=low * Remove no longer active developers from uploaders field. * Drop workaround for upgrades from MySQL 3.23, not necessary any more. -- Norbert Tretkowski Tue, 07 Apr 2009 11:23:25 +0200 mysql-dfsg-5.1 (5.1.33-1) experimental; urgency=low * New upstream release. -- Norbert Tretkowski Thu, 02 Apr 2009 21:12:23 +0200 mysql-dfsg-5.1 (5.1.32-1) experimental; urgency=low * New upstream release. -- Norbert Tretkowski Fri, 06 Mar 2009 18:48:23 +0100 mysql-dfsg-5.1 (5.1.31-2) experimental; urgency=low * Update SSL certificates, and re-enable SSL related tests when running the testsuite. -- Norbert Tretkowski Tue, 10 Feb 2009 16:08:42 +0100 mysql-dfsg-5.1 (5.1.31-1) experimental; urgency=low * New upstream release. -- Norbert Tretkowski Sun, 08 Feb 2009 17:07:11 +0100 mysql-dfsg-5.1 (5.1.30-2) experimental; urgency=low * Drop MySQL Cluster support, it's deprecated since 5.1.24-RC. * Fix FTBFS if build twice in a row. (closes: #487091) -- Norbert Tretkowski Fri, 05 Dec 2008 21:04:55 +0100 mysql-dfsg-5.1 (5.1.30-1) experimental; urgency=low * New upstream release. -- Norbert Tretkowski Thu, 27 Nov 2008 09:09:55 +0100 mysql-dfsg-5.1 (5.1.29rc-1) experimental; urgency=low * New upstream release. -- Norbert Tretkowski Mon, 27 Oct 2008 20:00:43 +0100 mysql-dfsg-5.1 (5.1.26rc-1) experimental; urgency=low * New upstream release. -- Norbert Tretkowski Mon, 14 Jul 2008 21:46:59 +0200 mysql-dfsg-5.1 (5.1.25rc-1) experimental; urgency=low * New upstream release. -- Norbert Tretkowski Sat, 21 Jun 2008 13:55:02 +0200 mysql-dfsg-5.1 (5.1.24rc-1) experimental; urgency=low * New upstream release. * Ignore errors in testsuite on ia64 and s390. -- Norbert Tretkowski Wed, 16 Apr 2008 22:03:44 +0200 mysql-dfsg-5.1 (5.1.23rc-1) experimental; urgency=low * New upstream release. [ Christian Hammers ] * Add PIC support for NDB libraries on amd64 (thanks to Monty Taylor). * Add extra information when aborting due to a detected downgrade (thanks to Raphael Pinson). * Move libndbclient.so.3 to its own package as it now has a version != 0 (thanks to Raphael Pinson for reminding me). [ Monty Taylor ] * Remove 85_ndb__staticlib.dpatch since we have a libndbclient package now. * Add myself to the uploaders so that I don't get complaints about package signing. * Add libndbclient-dev package to go with libndbclient3. [ Norbert Tretkowski ] * Update patches: + 41_scripts__mysql_install_db.sh__no_test.dpatch * Drop patches: + 70_upstream_debian__configure.dpatch + 71_upstream_debian__Makefile.in.dpatch + 99_TEMP_minmax.dpatch * Remove Adam Conrad from uploaders on his request. Thanks for your work in the past! * Ignore errors in testsuite on amd64 and i386. -- Norbert Tretkowski Fri, 29 Feb 2008 10:38:27 +0100 mysql-dfsg-5.1 (5.1.22rc-1) experimental; urgency=low * New upstream version. * Let mysql-server-5.1 pre-depend on debconf as it uses it in the preinst. * Fixed mysql-client-5.1 menu entry for upcoming menu policy 1.4. -- Christian Hammers Tue, 02 Oct 2007 22:45:37 +0200 mysql-dfsg-5.1 (5.1.21beta-1) experimental; urgency=low * My "Greetings from FrOSCon!" release. * New upstream version. * libmysqlclient.so.15 has been superseded by libmysqlclient.so.16. * Renamed libmysqlclient15-dev to libmysqlclient-dev but added an empty package libmysqlclient15-dev to ease the transition for packages with a versioned build-dep to libmysqlclient15-dev which is something that currently does not work with "Provides:". * Synced with 5.0 branch up to subversion release r909. * Commented out most of the compile conditionals in the hope that all architectures can be build the same way. * Added a lot of new binaries and manpages. * Switched to plugin based engines. -- Christian Hammers Sat, 25 Aug 2007 14:24:40 +0200 mysql-dfsg-5.1 (5.1.19beta-1) experimental; urgency=low * New upstream release. -- Christian Hammers Mon, 11 Jun 2007 23:18:35 +0200 mysql-dfsg-5.1 (5.1.16beta-4) experimental; urgency=high * Merged with 5.0 r850: * SECURITY: In some previous versions mysql_install_db was not idempotent and did always create passwordless root accounts although it should only on initial installs (thanks to Olaf van der Spek). Closes: #418672 * Added check for passwordless root accounts to debian-start. * As MySQL-5.0 is, at least currently, incompatible with Kernel 2.4 the installation is aborted for such old kernels. Debian Etch does not support them anyway according to the release notes but this might be unexpected and many production servers still have self build ones installed (thanks to Marc-Christian Petersen). See: #416841 * Adjusted TeX build-deps to texlive. * Added innotop. * Changed maintainer email address to pkg-mysql-commits@lists.alioth.debian.org -- Christian Hammers Thu, 19 Apr 2007 19:29:29 +0200 mysql-dfsg-5.1 (5.1.16beta-3) experimental; urgency=low * Merged with 5.0 r837: * Activated the blackhole engine as it's needed for replicating partition designs (thanks to Cyril SCETBON). * Fixed segfault on i486 systems without cpuid instruction (thanks to Lennart Sorensen). Closes: #410474 * Only use of the non-essential debconf package in postrm if it is still installed (thanks to Michael Ablassmeier). Closes: #416838 -- Christian Hammers Sun, 18 Mar 2007 21:48:11 +0100 mysql-dfsg-5.1 (5.1.16beta-2) experimental; urgency=low * Merged with 5.0 r818: * Fixed FTBFS on Sparc introduced with the "make -j" trick in 5.0.32-8 (thanks to Frank Lichtenheld). Closes: #415026 -- Christian Hammers Sun, 18 Mar 2007 21:20:11 +0100 mysql-dfsg-5.1 (5.1.16beta-1) experimental; urgency=low * New upstream release. * SECURITY: Using an INFORMATION_SCHEMA table with ORDER BY in a subquery could cause a server crash (CVE-2007-1420). * Added temporary patch 90_TEMP_sqlparse-ifdef to avoid build problems. * Merged with 5.0 r809: * Updated mysqlreport to latest upstream (and patched --help usage message and "return if qcache_size==0"). * Merged with 5.0 r798: * Adapt MAKE_J to use the -j option with the number of available processors. (thanks to Raphael Pinson). * Merged with 5.0 r758: * Changed minimum required version in dh_makeshlibs to 5.0.27-1 as 5.0.26 had an ABI breakage in it! This is the cause for Perl programs crashing with the following error: Transactions not supported by database at /usr/lib/perl5/DBI.pm line 672 * Added some more comments to the default my.cnf. * Added support for /etc/mysql/conf.d/. * The debian-start script that runs on every server start now first upgrades the system tables (if neccessary) and then check them as it sometimes did not work the other way around (e.g. for MediaWiki). The script now uses mysql_update instead of mysql_update_script as recommended. See: 409780 -- Christian Hammers Fri, 2 Mar 2007 01:00:55 +0100 mysql-dfsg-5.1 (5.1.15beta-1) experimental; urgency=low * New upstream release. [Monty Taylor] * Removed patches/25_mysys__default.c - fixed upstream. * Removed patches/26_client__mysql_upgrade.c - fixed upstream. * Removed patches/29_scripts__mysqlbug.sh - fixed upstream. * Removed patches/39_scripts__mysqld_safe.sh__port_dir - fixed upstream. * Removed patches/42_scripts__mysqldumpslow__slowdir - fixed upstream. * Removed patches/45_warn-CLI-passwords - fixed upstream. * Removed patches/89_ndb__records.dpatch - fixed upstream. * Removed patches/86_ndbapi_tc_selection.dpatch - fixed upstream. [Christian Hammers] * Synced with 5.0.32-4. * mysql-server-5.0 pre-depends on adduser now and has --disabled-login explicitly added to be on the safe side (thanks to the puiparts team). Closes: #408362 * Corrections the terminology regarding NDB in the comments of all config files and init scripts (thanks to Geert Vanderkelen of MySQL). -- Christian Hammers Wed, 7 Feb 2007 11:34:52 -0200 mysql-dfsg-5.1 (5.1.14beta-2) experimental; urgency=low [Christian Hammers] * Readded 85_ndb__staticlib.dpatch with slight modifications. * Backported debian-start scripts from 5.0. [Monty Taylor] * Now build-depends on bison. * Updated to standards 3.7.2. * Removed references to comp_err. * build-depend on automake1.9 to match upstream * Merged runlevel changes from 5.0. * Added 26_client__mysql_upgrade.c.dpatch to fix a segfault in mysql_upgrade when using a password. It's been fixed upstream in 5.1.15. * Moved BDB check to sanity_checks() and added a note about deprecation. * Use my_print_defaults instead of mysqld --print-defaults * Changed NDB Data and Management node startup seqence. Prevented both from restarting on upgrade to address rolling upgrade issues. * Added a "start-initial" option to the Data Node init script to support initial node starts. * Added 86_ndbapi_tc_selection.dpatch to fix a bug that causes a segfault when using the NdbApi. http://bugs.mysql.com/bug.php?id=24914 Fixed in 5.1.15 * Added 89_ndb__records.dpatch to fix http://bugs.mysql.com/bug.php?id=25567, which causes a table scan per table per query. -- Christian Hammers Wed, 31 Jan 2007 01:17:35 +0100 mysql-dfsg-5.1 (5.1.14beta-1) experimental; urgency=low * New upstream. * Removed references to mysql_explain_log * Changed context for patch to mysqld_multi.1 * Removed 70_kfreebsd.dpatch - applied to upstream * Removed 87_ps_Hurd - applied to upstream * Replaced --without-readline to --with-libedit to configure options, as --without-readline doesn't seem to do the right thing anymore. -- Monty Taylor Wed, 10 Jan 2007 12:59:55 -0800 mysql-dfsg-5.1 (5.1.11beta-1) experimental; urgency=low * Starting new 5.1 branch! * FIXME: Following patch couldn't be applied: ## 85_ndb__staticlib.dpatch by * FIXME: Following patch couldn't be applied: ## 86_PATH_MAX.dpatch -- Christian Hammers Sat, 29 Jul 2006 11:35:42 +0200 mysql-dfsg-5.0 (5.0.84-1) unstable; urgency=low * New upstream release. * Update patches: + debian/patches/60_disabled_tests.dpatch -- Norbert Tretkowski Fri, 24 Jul 2009 18:05:11 +0200 mysql-dfsg-5.0 (5.0.83-1) unstable; urgency=low * New upstream release. * Update patches: + debian/patches/45_warn-CLI-passwords.dpatch (closes: #536548) + debian/patches/60_disabled_tests.dpatch -- Norbert Tretkowski Sat, 18 Jul 2009 08:18:53 +0200 mysql-dfsg-5.0 (5.0.81-1) unstable; urgency=low * New upstream release. * Remove patches: + debian/patches/63_update_ssl_certs.dpatch -- Norbert Tretkowski Mon, 04 May 2009 18:53:05 +0200 mysql-dfsg-5.0 (5.0.77-1) unstable; urgency=low * New upstream release. -- Norbert Tretkowski Tue, 17 Feb 2009 18:42:46 +0100 mysql-dfsg-5.0 (5.0.75-1) unstable; urgency=low * New upstream release. * Update patches: + debian/patches/33_scripts__mysql_create_system_tables__no_test.dpatch * Remove patches: + debian/patches/50_fix_agg_functions.dpatch -- Norbert Tretkowski Mon, 22 Dec 2008 11:01:38 +0100 mysql-dfsg-5.0 (5.0.67-3) unstable; urgency=low * Really apply patch from 5.0.74 to fix check for non-aggregated columns in queries. -- Norbert Tretkowski Tue, 16 Dec 2008 07:19:23 +0100 mysql-dfsg-5.0 (5.0.67-2) unstable; urgency=low * New patch from 5.0.74 to fix check for non-aggregated columns in queries. (closes: #505179, #505181) * Add patch from Dan Munckton: + Clearly indicate that we do not support running multiple instances of mysqld by duplicating the init script. (closes: #314785, #324834, #435165, #444216) + Properly parameterize all existing references to the mysql config file (/etc/mysql/my.cnf). * Really fix FTBFS if build twice in a row. (closes: #442684) -- Norbert Tretkowski Sun, 14 Dec 2008 10:12:30 +0100 mysql-dfsg-5.0 (5.0.67-1) unstable; urgency=low * New upstream release. * Update patches: + debian/patches/25_mysys__default.c.dpatch + debian/patches/80_fix_user_setup_on_localhost.dpatch * Remove patches: + debian/patches/50_fix_mysqldump.dpatch + debian/patches/51_incorrect-order.dpatch + debian/patches/52_ndb-gcc-4.2.dpatch + debian/patches/53_integer-gcc-4.2.dpatch + debian/patches/54_ssl-client-support.dpatch + debian/patches/55_testsuite-2008.dpatch + debian/patches/56_fix_order_by.dpatch + debian/patches/57_fix_mysql_replication.dpatch + debian/patches/58_disable-ndb-backup-print.dpatch + debian/patches/59_fix_relay_logs_corruption.dpatch + debian/patches/60_rpl_test_failure.dpatch + debian/patches/90_upstreamdebiandir.dpatch + debian/patches/91_SECURITY_CVE-2007-5925.dpatch + debian/patches/92_SECURITY_CVE-2008-2079.dpatch + debian/patches/93_SECURITY_CVE-2008-3963.dpatch * Fix FTBFS if build twice in a row. (closes: #442684) -- Norbert Tretkowski Sun, 02 Nov 2008 13:51:50 +0100 mysql-dfsg-5.0 (5.0.51a-24) testing-proposed-updates; urgency=low * Update SSL certificates, and re-enable SSL related tests when running the testsuite. -- Norbert Tretkowski Tue, 03 Feb 2009 15:40:47 +0100 mysql-dfsg-5.0 (5.0.51a-23) testing-proposed-updates; urgency=medium * Reset debconf password variable root_password_again immediately after using it. (closes: #513262) * Disable SSL related tests when running the testsuite until MySQL bug #42366 gets fixed. -- Norbert Tretkowski Thu, 29 Jan 2009 14:07:32 +0100 mysql-dfsg-5.0 (5.0.51a-22) testing-proposed-updates; urgency=low * New patch 10_mysql_secure_installation.dpatch to fix failure on passwords which need quoting. (closes: #511929) * New patch 62_delete_with_self-join.dpatch from 5.0.54 to fix MyISAM storage engine error (134) doing delete with self-join. (closes: #512651) -- Norbert Tretkowski Sun, 25 Jan 2009 10:02:35 +0100 mysql-dfsg-5.0 (5.0.51a-21) testing-proposed-updates; urgency=low * Ask for MySQL root password at high priority, because otherwise all default installations will miss this question, thanks to Thijs Kinkhorst for the patch. (closes: #510875) * Do not fail checking tables when using sql-mode ansi-quotes, thanks to Renato Alves for the patch. (closes: #507049) -- Norbert Tretkowski Fri, 09 Jan 2009 10:24:23 +0100 mysql-dfsg-5.0 (5.0.51a-20) testing-proposed-updates; urgency=low * New patch 60_fix_leap_seconds.dpatch from 5.0.74 to return leap second values with a time part that ends with :59:59. (closes: #510177) -- Norbert Tretkowski Tue, 30 Dec 2008 10:32:46 +0100 mysql-dfsg-5.0 (5.0.51a-19) testing-proposed-updates; urgency=low * New patch 50_fix_mysqldump2.dpatch from 5.0.60 to fix dumping databases from mysql 4.0 server. (closes: #507789) * Do not create a guest account during bootstrap. (closes: #463704) -- Norbert Tretkowski Thu, 04 Dec 2008 23:07:19 +0100 mysql-dfsg-5.0 (5.0.51a-18) testing-proposed-updates; urgency=high * SECURITY: Fix for CVE-2008-4098: Inadequate validation of paths used in DATA DIRECTORY and INDEX DIRECTORY clauses of CREATE TABLE statements enabled attackers to write to tables in other databases to which they could not ordinarily have access. -- Devin Carraway Tue, 25 Nov 2008 05:38:45 +0000 mysql-dfsg-5.0 (5.0.51a-17) testing-proposed-updates; urgency=low * Don't use commented out passwords from debian.cnf. (closes: #453820) * Update watch file to recognize releases > 5.0.45. -- Norbert Tretkowski Sun, 02 Nov 2008 13:31:32 +0100 mysql-dfsg-5.0 (5.0.51a-16) unstable; urgency=low * New patch 60_rpl_test_failure.dpatch from 5.0.54 to fix a race condition with the rpl_packet test in some cases. (closes: #501413) -- Norbert Tretkowski Thu, 09 Oct 2008 08:50:43 +0200 mysql-dfsg-5.0 (5.0.51a-15) unstable; urgency=high * SECURITY: Fix for CVE-2008-3963: An empty bit-string literal (b'') caused a server crash. Now the value is parsed as an empty bit value (which is treated as an empty string in string context or 0 in numeric context). (closes: #498362) -- Norbert Tretkowski Sun, 14 Sep 2008 18:27:46 +0200 mysql-dfsg-5.0 (5.0.51a-14) unstable; urgency=low * Update debconf translations: - Swedish, from Martin Bagge. (closes: #491688) - Netherlands, from Thijs Kinkhorst. (closes: #492723) -- Norbert Tretkowski Sun, 07 Sep 2008 20:18:31 +0200 mysql-dfsg-5.0 (5.0.51a-13) unstable; urgency=medium * New patch 59_fix_relay_logs_corruption.dpatch from 5.0.56 to fix corruption in relay logs. (closes: #463515) -- Norbert Tretkowski Wed, 03 Sep 2008 09:13:46 +0200 mysql-dfsg-5.0 (5.0.51a-12) unstable; urgency=low * Disable rpl_ndb_innodb_trans test when running the testsuite, fails randomly on i386. (closes: #494238) -- Norbert Tretkowski Sat, 09 Aug 2008 15:56:45 +0200 mysql-dfsg-5.0 (5.0.51a-11) unstable; urgency=low * Disable innodb_handler test when running the testsuite, fails randomly on s390. (closes: #491363) -- Norbert Tretkowski Wed, 23 Jul 2008 08:34:51 +0200 mysql-dfsg-5.0 (5.0.51a-10) unstable; urgency=high * Merge testing-security upload to finally fix CVE-2008-2079, thanks to Devin Carraway and Steffen Joeris. (closes: #480292) * New patch 58_disable-ndb-backup-print.dpatch from 5.0.54 to disable ndb_backup_print, ndb_alter_table and ndb_replace tests when running the testsuite. (closes: #474893) * Reenable error handling in testsuite on i386, disabling it was just a workaround for the problem which is now fixed with the above patch. * Update debconf translations: - Vietnamese, from Clytie Siddall. (closes: #486443) - Spanish, from Javier Fernández-Sanguino Peña. (closes: #488740) - Slovak, from helix84. (closes: #489266) * Make lintian happy: - Fix build-dependency on -1 revision. - Fix deprecated chown usage. - Fix spelling error in description. -- Norbert Tretkowski Tue, 15 Jul 2008 19:37:35 +0200 mysql-dfsg-5.0 (5.0.51a-9+lenny2) testing-security; urgency=high * Non-maintainer upload by the security team. * Correct error number in symlink.test to avoid FTBFS on some archs. -- Steffen Joeris Sun, 13 Jul 2008 11:44:57 +0000 mysql-dfsg-5.0 (5.0.51a-9+lenny1) testing-security; urgency=high * Non-maintainer upload by the security team. * Correct and expand 92_SECURITY_CVE-2008-2079.dpatch to cover all symlinks and check the output of fn_format(). (closes: #480292) Fixes: CVE-2008-2079 -- Steffen Joeris Sat, 12 Jul 2008 05:30:39 +0000 mysql-dfsg-5.0 (5.0.51a-9) unstable; urgency=low * Ignore errors in testsuite on i386. (workaround for #474893) -- Norbert Tretkowski Wed, 25 Jun 2008 15:07:03 +0200 mysql-dfsg-5.0 (5.0.51a-8) unstable; urgency=low * New patch 80_fix_user_setup_on_localhost.dpatch from Daniel Hahler to fix a duplicate key error when install MySQL server on a host with hostname localhost. (closes: #478319) * Really fix build on non-linux systems, this time without producing a build error on some architectures. (closes: #485971) * Update debconf translations: - French, from Christian Perrier. (closes: #478553) - German, from Alwin Meschede. (closes: #478672) - Italian, from Luca Monducci. (closes: #479363) - Czech, from Miroslav Kure. (closes: #480924) - Galician, from Jacobo Tarrio. (closes: #480965) - Basque, from Piarres Beobide. (closes: #481840) - Swedish, from Martin Bagge. (closes: #482466, #486307) - Turkish, from Mert Dirik. (closes: #484704) - Russian, from Yuri Kozlov. (closes: #486149) - Finnish, from Esko Arajärvi. (closes: #486554) - Portuguese, from Miguel Figueiredo. (closes: #486709) - Romanian, from Eddy Petrișor. (closes: #486944) - Japanese, from Hideki Yamane. (closes: #487270) -- Norbert Tretkowski Sat, 21 Jun 2008 19:20:48 +0200 mysql-dfsg-5.0 (5.0.51a-7) unstable; urgency=high [ Norbert Tretkowski ] * SECURITY: Fix for CVE-2008-2079: It was possible to circumvent privileges through the creation of MyISAM tables employing the DATA DIRECTORY and INDEX DIRECTORY options to overwrite existing table files in the MySQL data directory. Use of the MySQL data directory in DATA DIRECTORY and INDEX DIRECTORY is now disallowed. Patch from openSUSE 11.0, thanks to Michal Marek. (closes: #480292) * Fix build on non-linux systems, like hurd-i386. (closes: #480362) * Include symlinks for mysqlcheck. (closes: #480647) [ Monty Taylor ] * Remove ndb_cpcd, as it is only for the NDB test suite and not useful as a public program. * Fix debian-start.inc.sh for table names with characters needing quotes. Thanks Felix Rublack! (closes: #480525, #481154, #481303, #484012) * Delete mysql-common.README.Debian. Nothing in it was relevant, and the useful information is in mysql-server anyway. (closes: #480940) * Remove a spurious HOME= in logrotate script. -- Norbert Tretkowski Thu, 05 Jun 2008 11:49:45 +0200 mysql-dfsg-5.0 (5.0.51a-6) unstable; urgency=low * Fix debian-start.inc.sh to not print the row counts of the tables queried. (closes: #478256, #479697) -- Monty Taylor Wed, 14 May 2008 00:47:46 -0700 mysql-dfsg-5.0 (5.0.51a-5) unstable; urgency=medium * New patch 57_fix_mysql_replication.dpatch from 5.0.54 to fix directory for relay logs when using replication. -- Norbert Tretkowski Sun, 27 Apr 2008 13:55:04 +0200 mysql-dfsg-5.0 (5.0.51a-4) unstable; urgency=low [ Monty Taylor ] * Remove build of ndb docs, since they are not installed. Removed build deps on TeX and doxygen since that's all they were there for. * Replace script in check_for_crashed_tables with a myisam-recover option and a script to trigger a check of those tables. (thanks HarrisonF and kolbe) * Replace direct calls to test suite with calls to the make targets used by the MySQL build and qa teams for releases. * Add --skip-ndbcluster to the postinst bootstrap command. It's really a workaround for a bug in 5.1, but it's probably a good idea anyway since we certainly don't need cluster to spin up, and if people have enabled cluster in their my.cnf file, there could be postinst issues if cluster isn't running. * Remove reference to configure options that no longer exist. * Add myself to uploaders. [ Norbert Tretkowski ] * New patch 56_fix_order_by.dpatch from Ubuntu to fix ORDER BY not working with GROUP BY. (closes: #471737) * Add note about filename extensions in the /etc/mysql/conf.d/ directory in my.cnf. (closes: #461759) * Confirm password on install, patch from Nicolas Valcárcel. (closes: #471887) * Remove Adam Conrad from uploaders on his request. Thanks for your work in the past! * Use lsb_release to detect distribution. -- Norbert Tretkowski Sat, 05 Apr 2008 21:51:43 +0200 mysql-dfsg-5.0 (5.0.51a-3) unstable; urgency=low * Disable patch 60_raise-max-keylength.dpatch in default build, but still ship it in the source package. -- Norbert Tretkowski Sun, 17 Feb 2008 18:54:42 +0100 mysql-dfsg-5.0 (5.0.51a-2) unstable; urgency=low * Replace 54_ssl-client-support.dpatch added in 5.0.51-2 with patch from upstream. * Ignore errors in testsuite on powerpc. -- Norbert Tretkowski Sun, 17 Feb 2008 12:42:58 +0100 mysql-dfsg-5.0 (5.0.51a-1) unstable; urgency=low [ Norbert Tretkowski ] * New upstream security hotfix release. Low priority upload anyway because 5.0.51-3 already contained all security fixes. * Remove patches: + debian/patches/51_mysqlcheck-result.dpatch + debian/patches/92_SECURITY_CVE-2007-6303.dpatch + debian/patches/93_SECURITY_CVE-2007-6304.dpatch + debian/patches/94_SECURITY_CVE-2008-0226+0227.dpatch * Add recommendation on libhtml-template-perl to -server package, used by ndb_size. (closes: #462265) * New patch 60_raise-max-keylength.dpatch to raise the maximum key length to 4005 bytes or 1335 UTF-8 characters. (closes: #463137) * New patch 51_sort-order.dpatch from 5.0.52 to fix incorrect order when using range conditions on 2 tables or more. * Support DEB_BUILD_OPTIONS option 'nocheck' to skip tests. * Update mysqlreport to 3.4a release. [ Luk Claes ] * Updated Japanese debconf translation. (closes: #462158) -- Norbert Tretkowski Wed, 06 Feb 2008 11:57:45 +0100 mysql-dfsg-5.0 (5.0.51-3) unstable; urgency=high * SECURITY: Fix for CVE-2008-0226 and CVE-2008-0227: Three vulnerabilities in yaSSL versions 1.7.5 and earlier were discovered that could lead to a server crash or execution of unauthorized code. The exploit requires a server with yaSSL enabled and TCP/IP connections enabled, but does not require valid MySQL account credentials. The exploit does not apply to OpenSSL. (closes: #460873) * Fix LSB header in init scripts (patch from Petter Reinholdtsen). (closes: #458798) * Run testsuite on all archs, but ignore errors on alpha, arm, armel, hppa, mipsel and sparc. (closes: #460402) -- Norbert Tretkowski Wed, 23 Jan 2008 11:37:11 +0100 mysql-dfsg-5.0 (5.0.51-2) unstable; urgency=low [ Monty Taylor ] * Added --with-system-type to set the version_compile_os field. * Cleaned up some lintian warnings. * Removed 43_scripts__mysql_update__password.dpatch since we don't use mysql_upgrade_shell anymore and use mysql_upgrade instead. * Removed 88_mctype_attrib.dpatch, http://bugs.mysql.com/bug.php?id=25118 is closed with http://lists.mysql.com/commits/24337 * Added mysql-community/mysql-enterprise virtual packages in provides and conflicts to ease transitions between versions. [ Norbert Tretkowski ] * Add -fPIC to CFLAGS to allow other packages to be built against libmysqld.a on amd64. (closes: #457915) * New patch 55_testsuite-2008.dpatch to fix FTBFS in testsuite. (closes: #458695) * New patch 54_ssl-client-support.dpatch to fix SSL client support. * Don't run testsuite on alpha, arm, hppa, mipsel and sparc. -- Norbert Tretkowski Wed, 02 Jan 2008 18:40:04 +0100 mysql-dfsg-5.0 (5.0.51-1) unstable; urgency=low * New upstream release. + Fix a crash in mysql_client_test due to gcc 4.x optimizations. (closes: #452558) * Update patches: + debian/patches/41_scripts__mysql_install_db.sh__no_test.dpatch + debian/patches/89_ndb__staticlib.dpatch * Run testsuite after build. * Re-add manpages, they are licensed under GPL now and redistribution is permitted. * Drop linux-libc-dev build-dependency, it's now being pulled by libc-dev which is build-essential. (closes: #431018) * Remove old optimizations for MySQL 3.23.x, they are no longer required. (closes: #436552) * Don't fail when upgrading mysql-common if $datadir is empty or not defined (patch from Edward Allcutt). (closes: #453127) * New patch from 5.0.52 to fix mysqldump because 'null' is shown as type of fields for view with bad definer. (closes: #454227) * New patch from 5.0.52 to fix mysqlcheck test result. * New patch from 5.0.52 to fix wrong optimization in ndb code when building with gcc 4.2.x. * New patch from 5.0.54 to fix wrong number output due to integer overflow when building with gcc 4.2.x. * New Finnish debconf translation from Esko Arajärvi. (closes: #448776) * Update Basque debconf translation from Aitor Ibañez. (closes: #456193) * Add Vcs-* and Homepage fields to source stanza in control file. * Update mysqlreport to 3.2 release. * Let mysql-server-5.0 pre-depend on debconf, because it's preinst is using it. * Drop menu item for innotop. -- Norbert Tretkowski Fri, 14 Dec 2007 09:59:36 +0100 mysql-dfsg-5.0 (5.0.45-5) unstable; urgency=high * SECURITY: Fix for CVE-2007-6303: ALTER VIEW retained the original DEFINER value, even when altered by another user, which could allow that user to gain the access rights of the view. Now ALTER VIEW is allowed only to the original definer or users with the SUPER privilege. (closes: #455737) * SECURITY: Fix for CVE-2007-6304: When using a FEDERATED table, the local server can be forced to crash if the remote server returns a result with fewer columns than expected. -- Norbert Tretkowski Wed, 12 Dec 2007 20:23:43 +0100 mysql-dfsg-5.0 (5.0.45-4) unstable; urgency=high * SECURITY: Fix for CVE-2007-5969: Using RENAME TABLE against a table with explicit DATA DIRECTORY and INDEX DIRECTORY options can be used to overwrite system table information by replacing the file to which the symlink points. (closes: #455010) -- Norbert Tretkowski Sun, 09 Dec 2007 12:29:54 +0100 mysql-dfsg-5.0 (5.0.45-3) unstable; urgency=high * SECURITY: Fix for CVE-2007-5925: The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error. (closes: #451235) -- Norbert Tretkowski Thu, 15 Nov 2007 18:40:11 +0100 mysql-dfsg-5.0 (5.0.45-2) unstable; urgency=low * Package is now team-maintained. (closes: #421026) [ Sean Finney ] * New/updated debconf translations: - Spanish, from Javier Fernández-Sanguino Peña (closes: #426442). - German, from Alwin Meschede (closes: #426545). - Danish, from Claus Hindsgaul (closes: #426783). - French, from Christian Perrier (closes: #430944). * Add Recommends on libterm-readkey-perl for mysql-client-5.0 package, used by mysqlreport add-on to mask password entry (closes: #438375). [ Norbert Tretkowski ] * Add myself to uploaders. * Suggest usage of an update statement on the user table to change the mysql root user password instead using mysqladmin, to catch all root users from all hosts. (closes: #435744) * Remove informations about a crash in the server during flush-logs when having expire_logs_days enabled but log-bin not, this bug was fixed in 5.0.32 already. (closes: #368547) * Disable log_bin option in default config file and add a note to the NEWS file. (closes: #349661) * Fix FTBFS if build twice in a row. (closes: #442684) * Remove check for buggy options from init script. * Update innotop to 1.6.0 release. * Add mysqlreport and innotop to mysql-client description. * Use shorter server version string. -- Norbert Tretkowski Wed, 14 Nov 2007 20:00:06 +0100 mysql-dfsg-5.0 (5.0.45-1) unstable; urgency=low * New upstream release. [sean finney] * removed patches that are incorporated into the latest release: - 70_cpuid_on_i486.dpatch - 91_SECURITY_CVE-2007-2691_alter-drop * new patch 90_upstreamdebiandir.dpatch to keep a few lingering references to the upstream ./debian dir out of the build, at least until we find a nice way to collaborate on sharing the directory. * updated CRUFT list to fix double-build breakage (closes: #424590). * add conditional build-deps for linux-libc-dev to fix FTBFS for non-linux arch's (closes: #431018). * added notes to my.cnf and README.Debian about setting tmpdir when configuring a replication slave. thanks to Rudy Gevaert for pointing this out (closes: #431825). -- sean finney Tue, 17 Jul 2007 23:50:33 +0200 mysql-dfsg-5.0 (5.0.41a-1) unstable; urgency=high [sean finney] * SECURITY: Fix for CVE-2007-2691: DROP/RENAME TABLE statements (closes: #424778). [Christian Hammers] * Removed all manpages from the source (therefore the "41a") as they are not licensed under the GPL and redistribution is not permitted (thanks to Mathias Gug). Closes: #430018 * Added linux-libc-dev to the build-depends as else an illegal dependency to asm/atomic.h is generated in /usr/include/mysql/my_global.h. Closes: 424276 [Christian Perrier] * Debconf templates and debian/control reviewed by the debian-l10n- english team as part of the Smith review project. Closes: #419974 * Debconf translation updates: - French. Closes: #422187 - Galician. Closes: #420118 - Italian. Closes: #421349 - Brazilian Portuguese. Closes: #421516 - Arabic. Closes: #421751 - Czech. Closes: #421766 - Portuguese. Closes: #422428 -- Christian Hammers Sun, 24 Jun 2007 21:12:42 +0200 mysql-dfsg-5.0 (5.0.41-2) unstable; urgency=low * the previous "translation changes" inadvertently introduced unrelated changes in the package control file. -- sean finney Sun, 13 May 2007 12:32:45 +0200 mysql-dfsg-5.0 (5.0.41-1) unstable; urgency=low * New upstream release [sean finney] * Bump the priority of the debconf prompt for the root password to high, to ensure the question shows up in a default installation (closes: #418672). * Debconf templates and debian/control reviewed by the debian-l10n- english team as part of the Smith review project. Closes: #419974 * Debconf translation updates: - French. Closes: #422187 - Galician. Closes: #420118 - Italian. Closes: #421349 - Brazilian Portuguese. Closes: #421516 - Arabic. Closes: #421751 - Czech. Closes: #421766 - Portuguese. Closes: #422428 * massaged the local PATH_MAX patch. * removed temp sql parsing patch which has been incorporated upstream * upstream no longer includes the mysql_create_system_tables command, so removed our local patches for it. * the following issues may have been fixed in a previous version of mysql-server-5.0, but the exact version is not clear so they will be marked as fixed in this version. * lots of NDB-related fixes, including those related to problems with AUTO_INCREMENT (closes: #310878). * fix for "connections remaining in sleep state" (closes: #318011). * fix for "denies queries randomly" (closes: #399602). * problems indexing on char() binary fields were ISAM specific, which is no longer supported (closes: #326698). * fix for problems with "complicated joins" (closes: 348682). * fix for problems with "flushing logs, server crash" (closes: #348682). * fix for AUTO_INCREMENT and duplicate keys (closes: #416145). * fix for "DROP FUNCTIONS doesn't work" (closes: #290670). -- sean finney Sat, 12 May 2007 12:10:20 +0200 mysql-dfsg-5.0 (5.0.38-3) unstable; urgency=low * Added innotop. * Changed maintainer email address to pkg-mysql-commits@lists.alioth.debian.org -- Christian Hammers Thu, 19 Apr 2007 19:21:15 +0200 mysql-dfsg-5.0 (5.0.38-2) unstable; urgency=high * SECURITY: In some previous versions mysql_install_db was not idempotent and did always create passwordless root accounts although it should only on initial installs (thanks to Olaf van der Spek). Closes: #418672 * Added check for passwordless root accounts to debian-start. * As MySQL-5.0 is, at least currently, incompatible with Kernel 2.4 the installation is aborted for such old kernels. Debian Etch does not support them anyway according to the release notes but this might be unexpected and many production servers still have self build ones installed (thanks to Marc-Christian Petersen). See: #416841 * Adjusted TeX build-deps to texlive. -- Christian Hammers Tue, 17 Apr 2007 01:00:41 +0200 mysql-dfsg-5.0 (5.0.38-1) unstable; urgency=low * New upstream release. * Activated the blackhole engine as it's needed for replicating partition designs (thanks to Cyril SCETBON). * Fixed segfault on i486 systems without cpuid instruction (thanks to Lennart Sorensen). Closes: #410474 * Only use of the non-essential debconf package in postrm if it is still installed (thanks to Michael Ablassmeier). Closes: #416838 -- Christian Hammers Thu, 5 Apr 2007 22:43:41 +0200 mysql-dfsg-5.0 (5.0.36-1) unstable; urgency=low * New upstream release. Closes: #400460, #408159, #408533 -- Christian Hammers Thu, 22 Mar 2007 22:16:31 +0100 mysql-dfsg-5.0 (5.0.32-10) unstable; urgency=high * Really fixed FTBFS on Sparc introduced with the "make -j" trick in 5.0.32-8 (thanks to Frank Lichtenheld). Closes: #415026 -- Christian Hammers Sun, 18 Mar 2007 20:52:33 +0100 mysql-dfsg-5.0 (5.0.32-9) unstable; urgency=high * Fixed FTBFS on Sparc introduced with the "make -j" trick in 5.0.32-8 (thanks to Frank Lichtenheld). Closes: #415026 -- Christian Hammers Tue, 15 Mar 2007 18:55:42 +0100 mysql-dfsg-5.0 (5.0.32-8) unstable; urgency=high [Sean Finney] * SECURITY: - CVE-2007-1420: Single Row Subselect DoS. Specially crafted subselect queries could crash the mysql server. Patch backported from upstream changeset 19685 (46_CVE-2007-1420_subselect_dos.dpatch) closes: #414790. [Christian Hammers] * Adapt MAKE_J to use the -j option with the number of available processors. (thanks to Raphael Pinson). * Updated mysqlreport to latest upstream (and patched --help usage message and "return if qcache_size==0"). -- sean finney Wed, 14 Mar 2007 20:19:08 +0100 mysql-dfsg-5.0 (5.0.32-7) unstable; urgency=low * Updated French Debconf translation (thanks to Christian Perrier). Closes: #411330 * Updated Danish Debconf translation (thanks to Claus Hindsgaul). Closes: #411328 * Updated Portuguese Debconf translation (thanks to "Traduz"). Closes: #411339 * Updated Czech Debconf translation (thanks to Miroslav Kure). Closes: #411341 * Added Norwegian Debconf translation (thanks to Bjorn Steensrud). Closes: #411345 * Updated Spanish Debconf translation (thanks to Javier Fernandez-Sanguino Pena). Closes: #411347 * Updated Japanese Debconf translation (thanks to Hideki Yamane). Closes: #411368 * Updated Swedish Debconf translation (thanks to Andreas Henriksson). Closes: #411370 * Updated Italian Debconf translation (thanks to Luca Monducci). Closes: #411377 * Updated Galician Debconf translation (thanks to Jacobo Tarrio). Closes: #411379 * Updated Russian Debconf translation (thanks to Yuriy Talakan). Closes: #411442 * Updated Basque Debconf translation (thanks to Piarres Beobide). Closes: #411457 * Updated German Debconf translation (thanks to Alwin Meschede). Closes: #411480 * Updated Dutch Debconf translation (thanks to Thijs Kinkhorst). * Updated Brazilian Portuguese translation (thanks to Andre Luis Lopes). Closes: #411536 * Updated Romanian Debconf translation (thanks to Stan Ioan-Eugen). Closes: #411764 -- Christian Hammers Fri, 16 Feb 2007 23:20:42 +0100 mysql-dfsg-5.0 (5.0.32-6) unstable; urgency=low * Changed wording in Debconf templates to better fit to the graphical interface (thanks to Frank Kuester). Closes: #411165 * Lintian suggested style changes to some other Debconf questions. * Removed accidently stdout output from init script. -- Christian Hammers Fri, 16 Feb 2007 20:29:18 +0100 mysql-dfsg-5.0 (5.0.32-5) unstable; urgency=medium * Backported upstream patch for a bug that crashed the server when using certain join/group/limit combinations. Users of the Joomla CMS seemed to be affected by this. Closes: #403721 * The debian-start script that runs on every server start now first upgrades the system tables (if neccessary) and then check them as it sometimes did not work the other way around (e.g. for MediaWiki). The script now uses mysql_update instead of mysql_update_script as recommended. Closes: 409780 * Remove the Debconf generated config file in postrm. -- Christian Hammers Thu, 15 Feb 2007 04:47:04 +0100 mysql-dfsg-5.0 (5.0.32-4) unstable; urgency=high [Christian Hammers] * Changed minimum required version in dh_makeshlibs to 5.0.27-1 as 5.0.26 had an ABI breakage in it! This is the cause for Perl programs crashing with the following error: "Transactions not supported by database at /usr/lib/perl5/DBI.pm line 672" * The old_passwords setting that is set according to a Debconf question is now written to /etc/mysql/conf.d/old_passwords.cnf instead directly to the conffile /etc/mysql/my.cnf which would be fobidden by policy (thanks to Robert Bihlmeyer). Closes: #409750 * Added some more comments to the default my.cnf. [Monty Taylor] * Added bison to build dependencies. * Added a "start-initial" option to the Data Node init script to support initial node starts. * Changed NDB Data and Management node startup seqence. Prevented both from restarting on upgrade to address rolling upgrade issues. * Updated build-depends to depend on automake1.9 instead of automake1.8 to match what upstream uses. -- Christian Hammers Wed, 31 Jan 2007 01:14:09 +0100 mysql-dfsg-5.0 (5.0.32-3) unstable; urgency=high * mysql-server-5.0 pre-depends on adduser now and has --disabled-login explicitly added to be on the safe side (thanks to the puiparts team). Closes: #408362 * Corrections the terminology regarding NDB in the comments of all config files and init scripts (thanks to Geert Vanderkelen of MySQL). * Updated Swedish Debconf translation (thanks to Andreas Henriksson). Closes: #407859 * Updated Czech Debconf translation (thanks to Miroslav Kure). Closes: #407809 -- Christian Hammers Thu, 11 Jan 2007 11:18:47 +0100 mysql-dfsg-5.0 (5.0.32-2) unstable; urgency=high * The last upload suffered from a regression that made NDB totally unusable and caused a dependency to libmysqlclient15-dev in the mysql-server-5.0 package. The relevant 85_* patch was re-added again. Closes: #406435 * Added lintian-overrides for an error that does not affect our packages. There are now only warnings and not errors left. -- Christian Hammers Tue, 9 Jan 2007 23:55:10 +0100 mysql-dfsg-5.0 (5.0.32-1) unstable; urgency=high * New upstream version. * SECURITY: mysql_fix_privilege_tables.sql altered the table_privs.table_priv column to contain too few privileges, causing loss of the CREATE VIEW and SHOW VIEW privileges. (MySQL Bug#20589) * SECURITY (DoS): ALTER TABLE statements that performed both RENAME TO and {ENABLE|DISABLE} KEYS operations caused a server crash. (MySQL Bug#24089) * SECURITY (DoS): LAST_DAY('0000-00-00') could cause a server crash. (MySQL Bug#23653) * SECURITY (DoS): Using EXPLAIN caused a server crash for queries that selected from INFORMATION_SCHEMA in a subquery in the FROM clause. (MySQL Bug#22413) * SECURITY (DoS): Invalidating the query cache (e.g. when using stored procedures) caused a server crash for INSERT INTO ... SELECT statements that selected from a view. (MySQL Bug#20045) * Using mysql_upgrade with a password crashed the server. Closes: #406229 * yaSSL crashed on pre-Pentium Intel and Cyrix CPUs. (MySQL Bug#21765) Closes: #383759 * Lots of small fixes to the NDB cluster storage engine. * Updated Japanese Debconf template (thanks to Hideki Yamane). Closes: #405793 * Fixed comment regarding "mycheck" in debian-start (thanks to Enrico Zini). Closes: #405787 -- Christian Hammers Sat, 6 Jan 2007 14:26:20 +0100 mysql-dfsg-5.0 (5.0.30-3) unstable; urgency=low * Updated Brazilian Debconf translation (thanks to Andre Luis Lopes). Closes: #403821 * Added Romanian Debconf translation (thanks to Stan Ioan-Eugen). Closes: #403943 * Updated Spanish Debconf translation (thanks to Javier Fernandez-Sanguino Pena). Closes: #404084 * Updated Galician Debconf translation (thanks to Jacobo Tarrio). Closes: #404318 * Updated Dutch Debconf translation (thanks to Vincent Zweije). Closes: #404566 * Updated Danish Debconf translation (thanks to Claus Hindsgaul). Closes: #405018 -- Christian Hammers Thu, 21 Dec 2006 21:35:09 +0100 mysql-dfsg-5.0 (5.0.30-2) unstable; urgency=high * Fixed upstream regression in header files that lead to FTBFS for mysql-admin, mysql-query-browser and probably other pacakges. (thanks to Andreas Henriksson). Closes: #403081, #403082 * Fixed some upstream scripts by replacing /etc by /etc/mysql (thanks to Julien Antony). Closes: #401083 * Updated French Debconf translation (thanks to Christian Perrier). Closes: #401434 * Added Spanish Debconf translation (thanks to Javier Fernandez-Sanguino Pena). Closes: #401953 * Marked a Debconf question that is just a dummy and only internally used as not-needing-translation. Closes: #403163 * Fixed mysqlslowdump patch to not remove the usage() function (thanks to Monty Tailor). -- Christian Hammers Sun, 3 Dec 2006 19:20:10 +0100 mysql-dfsg-5.0 (5.0.30-1) unstable; urgency=low * New upstream version (switch to the MySQL Enterprise branch). * Upstream bugfix for the Innodb performance bug: "Very poor performance with multiple queries running concurrently (Bug#15815)". * Upstream bugfix for a possible server crash: "Selecting from a MERGE table could result in a server crash if the underlying tables had fewer indexes than the MERGE table itself (Bug#22937)" * Upstream bugfies for *lot* of NDB problems. * Upstream bugfix for Innodb optimizer bug. Closes: #397597 * Updated Italian Debconf translation (thanks to Luca Monducci). Closes: #401305 * Updated debian/watch file to MySQL Enterprise branch. -- Christian Hammers Sat, 2 Dec 2006 16:36:38 +0100 mysql-dfsg-5.0 (5.0.27-2) unstable; urgency=medium * Disabled YaSSL x86 assembler as it was reported to crash applications like pam-mysql or proftpd-mysql which are linked against libmysqlclient on i486 and Cyrix (i586) CPUs. Closes: #385147 * Adjusted mysql-server-4.1 priority to extra and section to oldlibs according to the ftp masters overrides. * Updated German Debconf translation (thanks to Alwin Meschede). Closes: #400809 -- Christian Hammers Wed, 22 Nov 2006 13:36:31 +0100 mysql-dfsg-5.0 (5.0.27-1) unstable; urgency=medium * New upstream version (but no codechange, the only difference to 5.0.26 was a patch to the ABI change which Debian already included. * When dist-upgrading from mysql-server-4.1/sarge dpkg does not longer ask unnecessary "config file has changed" questions regarding /etc/init.d/mysql, /etc/logrotate.d/mysql-server and /etc/mysql/debian-start just because these files previously belonged to mysql-server-4.1 and not to mysql-server-5.0. To archive this mysql-server-5.0 now pre-depends on mysql-common which provides current versions of those files. * The automatic run mysql_upgrade now works with non-standard datadir settings, too (thanks to Benjami Villoslada). Closes: #394607 * Debconf now asks if the old_passwords option is really needed. * Improved explanations of the old_passwords variable in my.cnf. * Removed possibly leftover cron script from MySQL-4.1 (thanks to Mario Oyorzabal Salgado). Closes: #390889 * Postrm ignores failed "userdel mysql". * Updated Danish Debconf translation (thanks to Claus Hindsgaul). Closes: #398784 * Added Euskarian Debconf translation (thanks to Piarres Beobide). Closes: #399045 * Updated Japanese Debconf translation (thanks to Hideki Yamane). Closes: #399074 * Updated German Debconf translation (thanks to Alwin Meschede). Closes: #399087 * New Portuguese debconf translations from Miguel Figueiredo. Closes: #398186 -- Christian Hammers Tue, 7 Nov 2006 21:26:25 +0100 mysql-dfsg-5.0 (5.0.26-3) unstable; urgency=high [sean finney] * Fix for the deadly ISAM trap. Now during upgrades we will do our very best to convert pre-existing ISAM format tables using the binaries from the previous package. Success is not guaranteed, but this is probably as good as it gets. Note that this also necessitates re-introducing an (empty transitional) mysql-server-4.1 package. Closes: #354544, #354850 * Remove a couple spurious and wrongly placed WARNING statements from 45_warn-CLI-passwords.dpatch. thanks to Dan Jacobsen for pointing these out. Closes: #394262 -- sean finney Fri, 03 Nov 2006 18:34:46 +0100 mysql-dfsg-5.0 (5.0.26-2) unstable; urgency=high * Fixed FTBFS for Alpha by applying an upstream patch (thanks to Falk Hueffner). Closes: #395921 -- Christian Hammers Sat, 28 Oct 2006 20:13:46 +0200 mysql-dfsg-5.0 (5.0.26-1) unstable; urgency=high * SECURITY: This combined release of 5.0.25 and 5.0.26 fixes lot of possible server crashs so it should get into Etch. Quoting the changelog (bug numbers are bugs.mysql.com ones): - character_set_results can be NULL to signify no conversion, but some code did not check for NULL, resulting in a server crash. (Bug#21913) - Using cursors with READ COMMITTED isolation level could cause InnoDB to crash. (Bug#19834) - Some prepared statements caused a server crash when executed a second time. (Bug#21166) - When DROP DATABASE or SHOW OPEN TABLES was issued while concurrently issuing DROP TABLE (or RENAME TABLE, CREATE TABLE LIKE or any other statement that required a name lock) in another connection, the server crashed. (Bug#21216) - Use of zero-length variable names caused a server crash. (Bug#20908) - For InnoDB tables, the server could crash when executing NOT IN () subqueries. (Bug#21077) - Repeated DROP TABLE statements in a stored procedure could sometimes cause the server to crash. (Bug#19399) - Performing an INSERT on a view that was defined using a SELECT that specified a collation and a column alias caused the server to crash (Bug#21086). - A query of the form shown here caused the server to crash. (Bug#21007) - NDB Cluster: Some queries involving joins on very large NDB tables could crash the MySQL server. (Bug#21059) - The character set was not being properly initialized for CAST() with a type like CHAR(2) BINARY, which resulted in incorrect results or even a server crash. (Bug#17903) - For certain queries, the server incorrectly resolved a reference to an aggregate function and crashed. (Bug#20868) - The server crashed when using the range access method to execut a subquery with a ORDER BY DESC clause. (Bug#20869) - Triggers on tables in the mysql database caused a server crash. Triggers for tables in this database now are disallowed. (Bug#18361) - Using SELECT on a corrupt MyISAM table using the dynamic record format could cause a server crash. (Bug#19835) - Use of MIN() or MAX() with GROUP BY on a ucs2 column could cause a server crash. (Bug#20076) - Selecting from a MERGE table could result in a server crash if the underlying tables had fewer indexes than the MERGE table itself. (Bug#21617, Bug#22937) * New upstream release. - This bug would cause trouble for Sarge->Etch upgrades, it was supposed to have been fixed in 5.0.16 but that apparently did not fix the whole problem: Using tables from MySQL 4.x in MySQL 5.x, in particular those with VARCHAR fields and using INSERT DELAYED to update data in the table would result in either data corruption or a server crash. (Bug#16611, Bug#16218, Bug#17294) Closes: #386337 - Fixes data corruption as an automatic client reconnect used to set the wrong character set. Closes: #365050 - Fixes an undefined ulong type in an include file. Closes: #389102 - Fixes wrong output format when using Unicode characters. Closes: #355302 - Fixes mysql_upgrade when using a password. Closes: #371841 [Christian Hammers] * Removed --sysconfdir from debian/rules as it puts /etc/mysql/ at the end of the my.cnf search patch thus overriding $HOME/my.cnf (thanks to Christoph Biedl). Closes: #394992 * The provided patch from bug #385947 was wrong, the variable is called BLOCKSIZE not BLOCK_SIZE according to "strings `which df`" (thanks to Bruno Muller). Closes: #385947 [sean finney] * new dutch debconf translations from Vincent Zweije (closes: #392809). * new japanese debconf translations from Hideki Yamane (closes: #391625). * new italian debconf translations from Luca Monducci (closes: #391741). * new french debconf translations from Christian Perrier (closes: #393334). * ran debconf-updatepo to merge the fuzzies into svn. * massage the following patches so they continue to apply cleanly: - 44_scripts__mysql_config__libs.dpatch to cleanly apply. - 45_warn-CLI-passwords.dpatch - 96_TEMP__libmysqlclient_ssl_symbols.dpatch (note, this patch might no longer be needed, but is retained "just in case" after massaging it) * the following patches have been incorporated upstream: - 70_kfreebsd.dpatch - 80_hurd_mach.dpatch - 87_ps_Hurd.dpatch - 90_TEMP__client__mysql_upgrade__O_EXEC.dpatch - 91_TEMP__client__mysql_upgrade__password.dpatch - 92_TEMP__client__mysql_upgrade__defaultgroups.dpatch - 94_TEMP__CVE-2006-4227.dpatch - 95_TEMP__CVE-2006-4226.dpatch * the udf_example.cc has disappeared from the source code, but there's a udf_example.c which seems to be a good example to use instead :) * update documentation in the configuration to no longer reference using my.cnf in the DATADIR, as it's never been the recommended method for debian systems and hasn't worked since 5.0 was released anyway (closes: #393868). -- Christian Hammers Wed, 25 Oct 2006 19:54:04 +0200 mysql-dfsg-5.0 (5.0.24a-9) unstable; urgency=medium * Having expire_logs_days enabled but log-bin not crashes the server. Using both or none of those options is safe. To prevent this happening during the nightly log rotation via /etc/logrotate.d/mysql the initscript checks for malicious combination of options. See: #368547 * The Sarge package "mysql-server" which used to include the mysqld daemon may still be in unselected-configured state (i.e. after a remove but not purge) in which case its now obsolete cronscript has to be moved away (thanks to Charles Lepple). Closes: #385669 * Updated Danish Debconf translation (thanks to Claus Hindsgaul). Closes: #390315 * Updated Frensh Debconf translation (thanks to Christian Perrier). Closes: #390980 -- Christian Hammers Tue, 3 Oct 2006 14:55:31 +0200 mysql-dfsg-5.0 (5.0.24a-8) unstable; urgency=low * (broken upload) -- Christian Hammers Tue, 3 Oct 2006 14:55:31 +0200 mysql-dfsg-5.0 (5.0.24a-7) unstable; urgency=low * Stopped mysql_config from announcing unnecessary library dependencies which until now cause "NEEDED" dependencies in the "readelf -d" output of libraries who only depend on libmysqlclient.so (thanks to Michal Cihar). Closes: #390692 -- Christian Hammers Sun, 1 Oct 2006 23:59:43 +0200 mysql-dfsg-5.0 (5.0.24a-6) unstable; urgency=low [sean finney] * finally add support for setting a root password at install. while this is not a random password as requested in one bug report, we believe it is the best solution and provides a means to set a random password via preseeding if it's really desired (Closes: #316127, #298295). -- sean finney Sun, 01 Oct 2006 23:34:30 +0200 mysql-dfsg-5.0 (5.0.24a-5) unstable; urgency=low * Added ${shlibs:Depends} to debian/control section libmysqlclient-dev as it contains the experimental /usr/lib/mysql/libndbclient.so.0.0.0. * Bumped standards version to 3.7.2. * Added LSB info section to init scripts. * Rephrased Debconf templates as suggested by lintian. * Added benchmark suite in /usr/share/mysql/sql-bench/. * The mysql.timezone* tables are now filled by the postinst script (thanks to Mark Sheppard). Closes: #388491 * Moved Debconf install notes to README.Debian. Displaying them with medium priority was a bug anyway. Closes: #388941 * Replaced /usr/bin/mysql_upgrade by /usr/bin/mysql_upgrade_shell in /etc/mysql/debian-start.sh as it works without errors (thanks to Javier Kohen). Closes: #389443 -- Christian Hammers Wed, 20 Sep 2006 15:01:42 +0200 mysql-dfsg-5.0 (5.0.24a-4) unstable; urgency=high * libmysqlclient.so.15 from 5.0.24 accidentaly exports some symbols that are historically exported by OpenSSL's libcrypto.so. This bug was supposed to be fixed in 5.0.24a bug according to the mysql bug tracking system will only be fixed in 5.0.25 so I backported the patch. People already reported crashing apps due to this (thanks to Duncan Simpson). See also: #385348 Closes: #388262 * Fixed BLOCKSIZE to BLOCK_SIZE in initscript (thanks to Bruno Muller). Closes: #385947 * Added hint to "--extended-insert=0" to mysqldump manpage (thanks to Martin Schulze). * Documented the meaning of "NDB" in README.Debian (thanks to Dan Jacobson). Closes: #386274 * Added patch to build on hurd-i386 (thanks to Cyril Brulebois). Closes: #387369 * Fixed debian-start script to work together with the recend LSB modifications in the initscript (thanks to wens). Closes: #387481 * Reverted tmpdir change in my.cnf back to /tmp to comply with FHS (thanks to Alessandro Valente). Closes: #382778 * Added logcheck filter rule (thanks to Paul Wise). Closes: #381043 * I will definetly not disable InnoDB but added a note to the default my.cnf that disabling it saves about 100MB virtual memory (thanks to Olivier Berger). Closes: #384399 * Added thread_cache_size=8 to default my.cnf as this variable seems to have a negligible memory footprint but can improve performance when lots of threads connect simultaneously as often seen on web servers. -- Christian Hammers Mon, 4 Sep 2006 00:21:50 +0200 mysql-dfsg-5.0 (5.0.24a-3) unstable; urgency=low * Fixed potential tempfile problem in the newly added mysqlreport script. -- Christian Hammers Sun, 3 Sep 2006 23:17:24 +0200 mysql-dfsg-5.0 (5.0.24a-2) unstable; urgency=low * Added "mysqlreport" (GPL'ed) from hackmysql.com. * Temporarily disabled expire_days option as it causes the server to crash. See #368547 * Made output of init scripts LSB compliant (thanks to David Haerdeman). Closes: #385874 -- Christian Hammers Sun, 3 Sep 2006 19:06:53 +0200 mysql-dfsg-5.0 (5.0.24a-1) unstable; urgency=high * New upstream version. * The shared library in the 5.0.24 upstream release accidently exported some symbols that are also exported by the OpenSSL libraries (notably BN_bin2bn) causing unexpected behaviour in applications using these functions (thanks to Peter Cernak). Closes: #385348 * Added note about possible crash on certain i486 clone CPUs. * Made recipient address of startup mysqlcheck output configurable (thanks to Mattias Guns). Closes: #385119 -- Christian Hammers Mon, 28 Aug 2006 01:22:12 +0200 mysql-dfsg-5.0 (5.0.24-3) unstable; urgency=high * SECURITY: CVE-2006-4226: When run on case-sensitive filesystems, MySQL allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions. CVE-2006-4227: MySQL evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE. Thanks to Stefan Fritsch for reporting. Closes: #384798 -- Christian Hammers Sat, 26 Aug 2006 04:55:17 +0200 mysql-dfsg-5.0 (5.0.24-2) unstable; urgency=high * 5.0.24-1 introduced an ABI incompatibility, which this patch reverts. Programs compiled against 5.0.24-1 are not compatible with any other version and needs a rebuild. This bug already caused a lot of segfaults and crashes in various programs. Thanks to Chad MILLER from MySQL for quickly providing a patch. The shlibdeps version has been increased to 5.0.24-2. Closes: #384047, #384221, #383700 -- Christian Hammers Fri, 25 Aug 2006 21:47:35 +0200 mysql-dfsg-5.0 (5.0.24-1) unstable; urgency=high * SECURITY: Upstream fixes a security bug which allows a user to continue accessing a table using a MERGE TABLE after the right to direct access to the database has been revoked (CVE-2006-4031, MySQL bug #15195). (Well they did not exactly fixed it, they documented the behaviour and allow the admin to disable merge table alltogether...). Closes: #380271 * SECURITY: Applied patch that fixes a possibly insecure filehandling in the recently added mysql_upgrade binary file (MySQL bug #10320). * New upstream version. - Fixes nasty MySQL bug #19618 that leads to crashes when using "SELECT ... WHERE ... not in (1, -1)" (e.g. vbulletin was affected). - Fixes upstream bug #16803 so that linking ~/.mysql_history to /dev/null now has the desired effect of having no history. * Really fixed the runlevels. Closes: #377651 * Added patch for broken upstream handling of "host=" to mysql_upgrade.c. * Adjusted /etc/mysql/debian-start to new mysql_upgrade.c -- Christian Hammers Tue, 8 Aug 2006 00:44:13 +0200 mysql-dfsg-5.0 (5.0.22-5) unstable; urgency=low * Added further line to the logcheck ignore files (thanks to Paul Wise). Closes: #381038 -- Christian Hammers Wed, 2 Aug 2006 00:28:50 +0200 mysql-dfsg-5.0 (5.0.22-4) unstable; urgency=low * Upstream fixes a bug in the (never released) version 5.0.23 which could maybe used to crash the server if the mysqlmanager daemon is in use which is not yet the default in Debian. (CVE-2006-3486 *DISPUTED*) * Changed runlevel priority of mysqld from 20 to 19 so that it gets started before apache and proftpd etc. which might depend on an already running database server (thanks to Martin Gruner). Closes: #377651 * Added patch which sets PATH_MAX in ndb (thanks to Cyril Brulebois). Closes: #378949 * Activated YaSSL as licence issues are settled according to: http://bugs.mysql.com/?id=16755. This also closes the FTBFS bug regarding OpenSSL as it is discouraged to use now. Closes: #368639 * Removed SSL-MINI-HOWTO as the official documentation is good enough now. * mysql_upgrade no longer gives --password on the commandline which would be insecure (thanks to Dean Gaudet). Closes: #379199 * Adjusted debian/patches/45* to make consecutive builds in the same source tree possible (thanks to Bob Tanner). Closes: #368661 * mysql-server-5.0 is now suggesting tinyca as yaSSL is enabled and tinyca was found to be really cool :) * Moved tempdir from /tmp to /var/tmp as it will more likely have enough free space as /tmp is often on the root partition and /var or at least /var/tmp is on a bigger one. -- Christian Hammers Mon, 10 Jul 2006 23:30:26 +0200 mysql-dfsg-5.0 (5.0.22-3) unstable; urgency=low * Added patch for MySQL bug #19618: "select x from x where x not in(1,-1)" may crash the server" (thanks to Ruben Puettmann). -- Christian Hammers Fri, 9 Jun 2006 01:41:44 +0200 mysql-dfsg-5.0 (5.0.22-2) unstable; urgency=high * Fixed debian-sys-maint related bug in postinst (thanks to Jean-Christophe Dubacq). Closes: #369970 * The last upload was a security patch (which I did not know as I uploaded before the announcement came). I now added the CVE id for reference and set urgency to high as the last entry did not. -- Christian Hammers Wed, 31 May 2006 01:04:11 +0200 mysql-dfsg-5.0 (5.0.22-1) unstable; urgency=low * SECURITY: This upstream release fixes an SQL-injection with multibyte encoding problem. (CVE-2006-2753) * New upstream release. * Upstream fixes REPAIR TABLE problem. Closes: #354300 * Upstream fixes problem that empty strings in varchar and text columns are displayed as NULL. Closes: #368663 -- Christian Hammers Tue, 30 May 2006 23:43:24 +0200 mysql-dfsg-5.0 (5.0.21-4) unstable; urgency=low * Added "BLOCKSIZE=" to the diskfree check (thanks to Farzad FARID). Closes: #367027, #367083 * Further fixed mysql_upgrade upstream script (thanks to Andreas Pakulat) Closes: #366155 * Adjusted the /proc test in debian/rules from /proc/1 to /proc/self to make building on grsec systems possible (thanks to K. Rosenegger). Closes: #366824 * Updated Russion Debconf translation (thanks to Yuriy Talakan). Closes: #367141 * Updated Czech Debconf translation (thanks to Kiroslav Kure). Closes: #367160 * Updated Galician Debconf translation (thanks to Jacobo Tarrio). Closes: #367384 * Updated Swedish Debconf translation (thanks to Daniel Nylander). Closes: #368186 -- Christian Hammers Wed, 10 May 2006 08:45:42 +0200 mysql-dfsg-5.0 (5.0.21-3) unstable; urgency=low * Fixed FTBFS problem which was caused by a patch that modifies Makefile.am as well as Makefile.in and was not deteced because my desktop was fast enough to patch both files within the same second and so fooled automake. (thanks to Blars Blarson for notifying me). Closes: #366534 -- Christian Hammers Sat, 6 May 2006 19:03:58 +0200 mysql-dfsg-5.0 (5.0.21-2) unstable; urgency=low * Fixed bug in postinst that did not correctly rewrite /etc/mysql/debian.cnf (thanks to Daniel Leidert). Closes: #365433, #366155 -- Christian Hammers Thu, 4 May 2006 02:37:03 +0200 mysql-dfsg-5.0 (5.0.21-1) unstable; urgency=high * SECURITY: New upstream release with some security relevant bugfixes: * "Buffer over-read in check_connection with usernames lacking a trailing null byte" (CVE-2006-1516) * "Anonymous Login Handshake - Information Leakage" (CVE-2006-1517) * "COM_TABLE_DUMP Information Leakage and Arbitrary command execution" (CVE-2006-1518) Closes: #365938, #365939 * Added diskfree check to the init script (thanks to Tim Baverstock). Closes: #365460 * First amd64 upload! -- Christian Hammers Sat, 29 Apr 2006 04:31:27 +0200 mysql-dfsg-5.0 (5.0.20a-2) unstable; urgency=low * The new mysql-upgrade which is started from /etc/mysql/debian-start does now use the debian-sys-maint user for authentication (thanks to Philipp). Closes: #364991 * Wrote patch debian/patches/43* which adds a password option to mysql_update. See MySQL bug #19400. * Added "Provides: libmysqlclient-dev" to libmysqlclient15-dev as I saw no obvious reasons against it (problems should be documented in debian/README.Maintainer!) (thanks to Olaf van der Spek). Closes: #364899 * Updated Netherlands debconf translation (thanks to Vincent Zweije) Closes: #364464 * Updated French debconf translation (thanks to Christian Perrier) Closes: #364401 * Updated Danish debconf translation (thanks to Claus Hindsgaul) Closes: #365135 -- Christian Hammers Wed, 26 Apr 2006 01:14:53 +0200 mysql-dfsg-5.0 (5.0.20a-1) unstable; urgency=low * New upstream release. * Added the new mysql_upgrade script and added it to /etc/mysql/debian-start (thanks to Alessandro Polverini). The script is currently very noise that is a known bug and will be fixed in the next release! Closes: #363458 * No longer creates the "test" database. This actuallay had been tried to archive before (at least patches) exists but apparently was not the case in the last versions (thanks to Olaf van der Spek). Closes: #362126 * Reformatted libmysqlclient15off.NEWS.Debian to changelog format (thanks to Peter Palfrader). Closes: #363062 -- Christian Hammers Sat, 15 Apr 2006 13:05:22 +0200 mysql-dfsg-5.0 (5.0.20-1) unstable; urgency=high * Upstream contains a fix for a nasty bug (MySQL#18153) that users already experienced and that caused corrupted triggers after REPAIR/OPTIMIZE/ALTER TABLE statements. (thanks to Jerome Despatis for pointing out) * Added patch for the "updates on multiple tables is buggy after upgrading from 4.1 to 5.0" problem which MySQL has been committed for the upcoming 5.0.21 release. Closes #352704 * Added Netherlands debconf translation (thanks to Vincent Zweije). Closes: #360443 * Added Galician debconf translation (thanks to Jacobo Tarrio). Closes: #361257 -- Christian Hammers Fri, 7 Apr 2006 00:00:43 +0200 mysql-dfsg-5.0 (5.0.19-3) unstable; urgency=high [ Christian Hammers ] * Fixed libmysqlclient15.README.Debian regarding package name changes (thanks to Leppo). * Moved libheap.a etc. back to /usr/lib/mysql/ as their names are just too generic. Closes: #353924 [ Sean Finney ] * updated danish debconf translation, thanks to Claus Hindsgaul (closes: #357424). [ Adam Conrad ] * Send stderr from 'find' in preinst to /dev/null to tidy up chatter. * Backport patch for CVE-2006-0903 from the upcoming release to resolve a log bypass vulnerability when using non-binary logs (closes: #359701) -- Adam Conrad Tue, 4 Apr 2006 15:23:18 +1000 mysql-dfsg-5.0 (5.0.19-2) unstable; urgency=medium * New upstream release. * Renamed package libmysqlclient15 to libmysqlclient15off due to binary incompatible changes. See /usr/share/doc/libmysqlclient15off/README.Debian * Updated Czech debconf translation (thanks to Miroslav Kure). Closes: #356503 * Updated French debconf translation (thanks to Christian Perrier). Closes: #356332 * Improved README.Debian (thanks to Olaf van der Spek). Closes: #355702 * Fixed 5.0.18-8 changelog by saying in which package the NEWS.Debian file is (thanks to Ross Boylan). Closes: #355978 -- Christian Hammers Fri, 17 Mar 2006 02:32:19 +0100 mysql-dfsg-5.0 (5.0.19-1) experimental; urgency=medium * New upstream release. * SECURITY: CVE-2006-3081: A bug where str_to_date(1,NULL) lead to a server crash has been fixed. (this note has been added subsequently for reference) * Renamed package libmysqlclient15 to libmysqlclient15off. See /usr/share/doc/libmysqlclient15off/NEWS.Debian * Updated Czech debconf translation (thanks to Miroslav Kure). Closes: #356503 * Updated French debconf translation (thanks to Christian Perrier). Closes: #356332 * Improved README.Debian (thanks to Olaf van der Spek). Closes: #355702 * Fixed 5.0.18-8 changelog by saying in which package the NEWS.Debian file is (thanks to Ross Boylan). Closes: #355978 -- Christian Hammers Tue, 14 Mar 2006 22:56:13 +0100 mysql-dfsg-5.0 (5.0.18-9) unstable; urgency=medium [ Christian Hammers ] * When using apt-get the check for left-over ISAM tables can abort the installation of mysql-server-5.0 but not prevent the mysql-server-4.1 package from getting removed. The only thing I can do is reflect this in the Debconf notice that is shown and suggest to reinstall mysql-server-4.1 for converting. See: #354850 * Suggests removing of /etc/cron.daily/mysql-server in last NEWS message (thanks to Mourad De Clerck). Closes: #354111 * Added versioned symbols for kfreebsd and Hurd, too (thanks to Aurelien Jarno and Michael Bank). Closes: #353971 * Added versioned symbols for kfreebsd, too (thanks to Aurelien Jarno). Closes: #353971 [ Adam Conrad ] * Add 39_scripts__mysqld_safe.sh__port_dir.dpatch to ensure that the permissions on /var/run/mysqld are always correct, even on a tmpfs. -- Christian Hammers Mon, 6 Mar 2006 21:42:13 +0100 mysql-dfsg-5.0 (5.0.18-8) unstable; urgency=low * The rotation of the binary logs is now configured via expire-logs-days in /etc/mysql/my.cnf and handled completely by the server and no longer in configured in debian-log-rotate.conf and handled by a cron job. Thanks to David Johnson. See /usr/share/doc/mysql-server-5.0/NEWS.Debian * Ran aspell over some files in debian/ and learned a lot :) * debian/rules: Added check if versioned symbols are really there. * Updated SSL-MINI-HOWTO. * Updated copyright (removed the parts regarding the now removed BerkeleyDB table handler and mysql-doc package). * Relocated a variable in preinst (thanks to Michael Heldebrant). Closes: #349258, #352587, #351216 * Updated Danish debconf translation (thanks to Claus Hindsgaul). Closes: #349013 * Updated Swedish debconf translation (thanks to Daniel Nylander). Closes: #349522 * Updated French debconf translation (thanks to Christian Perrier). Closes: #349592 * Fixed typo in README.Debian (thanks to Vincent Ricard). * Prolonged waiting time for mysqld in the init script. Closes: #352070 -- Christian Hammers Mon, 23 Jan 2006 23:13:46 +0100 mysql-dfsg-5.0 (5.0.18-7) unstable; urgency=low * Made mailx in debian-start.inc.sh optional and changed the dependency on it on it to a mere recommendation. Closes: #316297 * the previous FTBFS patches for GNU/Hurd inadvertently led to configure being regenerating, losing a couple trivial things like our versioned symbols patch, causing many nasty problems (closes: #348854). -- sean finney Fri, 20 Jan 2006 20:59:27 +0100 mysql-dfsg-5.0 (5.0.18-6) unstable; urgency=low * Added version comment (thanks to Daniel van Eeden). * Added two patches to build on GNU/Hurd (thanks to Michael Bank). Closes: #348182 * Abort upgrade if old and now unsupported ISAM tables are present (thanks to David Coe). Closes: #345895 -- Christian Hammers Tue, 17 Jan 2006 19:25:59 +0100 mysql-dfsg-5.0 (5.0.18-5) unstable; urgency=low * Bump shlibdeps for libmysqlclient15 to (>= 5.0.15-1), which was the first non-beta release from upstream, as well as being shortly after we broke the ABI in Debian by introducing versioned symbols. -- Adam Conrad Fri, 13 Jan 2006 13:18:03 +1100 mysql-dfsg-5.0 (5.0.18-4) unstable; urgency=low * Munge our dependencies further to smooth upgrades even more, noting that we really need 5.0 to conflict with 4.1, and stealing a page from the book of mysql-common, it doesn't hurt to hint package managers in the direction of "hey, this stuff is a complete replacement for 4.1" * Change the description of mysql-server and mysql-client to remove the references to it being "transition", and instead point out that it's the way to get the "current best version" of each package installed. -- Adam Conrad Wed, 11 Jan 2006 11:39:45 +1100 mysql-dfsg-5.0 (5.0.18-3) unstable; urgency=low * Make the mysql-{client,server}-5.0 conflict against mysql-{client,server} versioned, so they can be installed side-by-side and upgrade properly. * Add myself to Uploaders; since I have access to the alioth repository. -- Adam Conrad Tue, 10 Jan 2006 19:15:48 +1100 mysql-dfsg-5.0 (5.0.18-2) unstable; urgency=low * Removed the transitional package that forced an upgrade from mysql-server-4.1 to mysql-server-5.0 as I was convinced that having a general "mysql-server" package with adjusted dependencies is enough (thanks to Adam Conrad). * Updated logcheck.ignore files (thanks to Jamie McCarthy). Closes: #340193 -- Christian Hammers Mon, 9 Jan 2006 21:54:53 +0100 mysql-dfsg-5.0 (5.0.18-1) unstable; urgency=low * New upstream version. * Added empty transitional packages that force an upgrade from the server and client packages that have been present in Sarge. * Fixed SSL-MINI-HOWTO (thanks to Jonas Smedegaard). Closes: #340589 -- Christian Hammers Mon, 2 Jan 2006 21:17:51 +0100 mysql-dfsg-5.0 (5.0.17-1) unstable; urgency=low * Never released as Debian package. -- Christian Hammers Thu, 22 Dec 2005 07:49:52 +0100 mysql-dfsg-5.0 (5.0.16-1) unstable; urgency=low * New upstream version. * Removed the error logs from the logrotate script as Debian does not use them anymore. Closes: #339628 -- Christian Hammers Tue, 22 Nov 2005 01:19:11 +0100 mysql-dfsg-5.0 (5.0.15-2) unstable; urgency=medium * Added 14_configure__gcc-atomic.h.diff to fix FTBFS on m68k (thanks to Stephen R Marenka). Closes: #337082 * Removed dynamic linking against libstdc++ as it was not really needed (thanks to Adam Conrad). Closes: #328613 * Fixed the "/var/lib/mysql is a symlink" workaround that accidently left a stalled symlink (thanks to Thomas Lamy). Closes: #336759 * As the init script cannot distinguish between a broken startup and one that just takes very long the "failed" message now says "or took more than 6s" (thanks to Olaf van der Spek). Closes: #335547 -- Christian Hammers Thu, 3 Nov 2005 22:00:15 +0100 mysql-dfsg-5.0 (5.0.15-1) unstable; urgency=low * New upstream version. 5.0 has finally been declared STABLE! * Added small patch to debian/rules that fixed sporadic build errors where stdout and stderr were piped together, got mixed up and broke * Added --with-big-tables to ./configure (thanks to tj.trevelyan). Closes: #333090 * Added capability to parse "-rc" to debian/watch. * Fixed cronscript (thanks to Andrew Deason). Closes: #335244 * Added Swedish debconf translation (thanks to Daniel Nylander). Closes: #333670 * Added comment to README.Debian regarding applications that manually set new-style passwords... Closes: #334444 * Sean Finney: - Fix duplicate reference to [-e|--extended-insert]. Closes: #334957 - Fix default behavior for mysqldumpslow. Closes: #334517 - Reference documentation issue in mysql manpage. Closes: #335219 -- Christian Hammers Fri, 30 Sep 2005 00:10:39 +0200 mysql-dfsg-5.0 (5.0.13rc-1) unstable; urgency=low * New upstream release. Now "release-candidate"! * Removed any dynamic link dependencies to libndbclient.so.0 which is due to its version only distributed as a static library. * Sean Finney: - FTBFS fix related to stripping rpath in debian/rules -- Christian Hammers Mon, 26 Sep 2005 22:09:26 +0200 mysql-dfsg-5.0 (5.0.12beta-5) unstable; urgency=low * The recent FTBFS were probably result of a timing bug in the debian/patches/75_*.dpatch file where Makefile.in got patched just before the Makefile.shared which it depended on. For that reason only some of the autobuilders failed. Closes: #330149 * Fixed chrpath removal (option -k had to be added). * Corrected debconf dependency as requested by Joey Hess. -- Christian Hammers Mon, 26 Sep 2005 18:37:07 +0200 mysql-dfsg-5.0 (5.0.12beta-4) unstable; urgency=low * Removed experimental shared library libndbclient.so.0.0.0 as it is doomed to cause trouble as long as it is present in both MySQL 4.1 and 5.0 without real soname and its own package. We still have libndbclient.a for developers. (thanks to Adam Conrad and mediaforest.net). Closes: #329772 -- Christian Hammers Fri, 23 Sep 2005 12:36:48 +0200 mysql-dfsg-5.0 (5.0.12beta-3) unstable; urgency=medium * Symbol versioning support! wooooohoooooo! (thanks to Steve Langasek) Closes: #236288 * Moved libndbcclient.so.0 to the -dev package as it is provided by libmysqlclient14 and -15 which must be installable simultaneously. * Removed mysql-*-doc suggestions. -- Christian Hammers Tue, 20 Sep 2005 00:07:03 +0200 mysql-dfsg-5.0 (5.0.12beta-2) unstable; urgency=low * Added patch to build on GNU/kFreeBSD (thanks to Aurelien Jarno). Closes: #327702 * Added patch that was already been present on the 4.1 branch which makes the "status" command of the init script more sensible (thanks to Stephen Gildea). Closes: #311836 * Added Vietnamese Debconf translation (thanks to Clytie Siddal). Closes: #313006 * Updated German Debconf translation (thanks to Jens Seidel). Closes: #313957 * Corrected commends in example debian-log-rotate.conf. The default is unlike the mysql-sever-4.1 package which needed to stay backwards compatible now 2 to avoid filling up the disk endlessly. * Fixed watch file to be "-beta" aware. -- Christian Hammers Thu, 15 Sep 2005 20:50:19 +0200 mysql-dfsg-5.0 (5.0.12beta-1) unstable; urgency=medium * Christian Hammers: - New upstream release. - Changed build-dep to libreadline5-dev as requested by Matthias Klose. Closes: #326316 - Applied fix for changed output format of SHOW MASTER LOGS for binary log rotation (thanks to Martin Krueger). Closes: #326427, #326427 - Removed explicit setting of $PATH as I saw no sense in it and it introduced a bug (thanks to Quim Calpe). Closes: #326769 - Removed PID file creation from /etc/init.d/mysql-ndb as it does not work with this daemon (thanks to Quim Calpe). - Updated French Debconf translation (thanks to Christian Perrier). Closes: #324805 - Moved conflicts line in debian/control from libmysqlclient15 to libmysqlclient15-dev and removed some pre-sarge conflicts as suggested by Adam Majer. Closes: #324623 * Sean Finney: - For posterity, CAN-2005-2558 has been fixed since 5.0.7beta. -- Christian Hammers Thu, 15 Sep 2005 19:58:22 +0200 mysql-dfsg-5.0 (5.0.11beta-3) unstable; urgency=low * Temporarily build only with -O2 to circumvent gcc internal errors (thanks to Matthias Klose). Related to: #321165 -- Christian Hammers Thu, 18 Aug 2005 15:44:04 +0200 mysql-dfsg-5.0 (5.0.11beta-2) unstable; urgency=low * Fixed README.Debian regarding the status of mysql-doc. * Added "set +e" around chgrp in mysql-server-5.0.preinst to not fail on .journal files (thanks to Christophe Nowicki). Closes: #318435 -- Christian Hammers Sun, 14 Aug 2005 18:02:08 +0200 mysql-dfsg-5.0 (5.0.11beta-1) unstable; urgency=low * New upstream version. * Added Danish Debconf translations (thanks to Claus Hindsgaul). Closes: #322384 * Updated Czech Debconf translations (thanks to Miroslav Kure). Closes: #321765 -- Christian Hammers Sat, 13 Aug 2005 11:56:15 +0000 mysql-dfsg-5.0 (5.0.10beta-1) unstable; urgency=low * New upstream release. * Christian Hammers: - Added check for mounted /proc to debian/rules. * Sean Finney: - fix for fix_mysql_privilege_tables/mysql_fix_privilege_tables typo in mysql-server-5.0's README.Debian (see #319838). -- Christian Hammers Sun, 31 Jul 2005 00:30:45 +0200 mysql-dfsg-5.0 (5.0.7beta-1) unstable; urgency=low * Second try for new upstream release. * Renamed mysql-common-5.0 to mysql-common as future libmysqlclient16 from e.g. MySQL-5.1 would else introduce mysql-common-5.1 which makes a simultanous installation of libmysqlclient14 impossible as that depends on either mysql-common or mysql-common-5.0 but not on future versions. Thus we decided to always let the newest MySQL version provide mysql-common. * Added ${misc:Depends} as suggested by debhelper manpage. * Raised standard in control file to 3.6.2. * Removed DH_COMPAT from rules in faviour of debian/compat. * Checkes for presence of init script before executing it in preinst. Referres: 315959 * Added 60_includes_mysys.h__gcc40.dpatch for GCC-4.0 compatibility. -- Christian Hammers Wed, 29 Jun 2005 00:39:05 +0200 mysql-dfsg-5.0 (5.0.5beta-1) unstable; urgency=low * New major release! Still beta so be carefull... * Added federated storage engine. -- Christian Hammers Wed, 8 Jun 2005 19:29:45 +0200 mysql-dfsg-4.1 (4.1.12-1) unstable; urgency=low * Christian Hammers: - New upstream release. - Disabled BerkeleyDB finally. It has been obsoleted by InnoDB. * Sean Finney: - Updated French translation from Christian Perrier (Closes: #310526). - Updated Japanese translation from Hideki Yamane (Closes: #310263). - Updated Russian translation from Yuriy Talakan (Closes: #310197). -- Christian Hammers Sat, 4 Jun 2005 05:49:11 +0200 mysql-dfsg-4.1 (4.1.11a-4) unstable; urgency=high * Fixed FTBFS problem which was caused due to the fact that last uploads BerkeleyDB patch was tried to applied on all architectures and not only on those where BerkeleyDB is actually beeing built. Closes: #310296 -- Christian Hammers Mon, 23 May 2005 00:54:51 +0200 mysql-dfsg-4.1 (4.1.11a-3) unstable; urgency=high * Added patch from Piotr Roszatycki to compile the bundled db3 library that is needed for the BerkeleyDB support with versioned symbols so that mysqld no longer crashes when it gets linked together with the Debian db3 version which happens when e.g. using libnss-db. Closes: #308966 -- Christian Hammers Thu, 19 May 2005 01:41:14 +0200 mysql-dfsg-4.1 (4.1.11a-2) unstable; urgency=high * Okay, the hackery with /var/lib/dpkg/info/mysql-server.list will not stand and is removed from the preinst of mysql-server. * New workaround for the symlink problem that does not involve mucking with dpkg's file lists is storing the symlinks in a temporary location across upgrades. As this sometimes fails since apt-get does not always call new.preinst before old.postrm, some remarks were added to README.Debian and the Debconf installation notes to minimize the inconvinience this causes. -- sean finney Sun, 15 May 2005 10:25:31 -0400 mysql-dfsg-4.1 (4.1.11a-1) unstable; urgency=high * Added the "a" to the version number to be able to upload a new .orig.tar.gz file which now has the non-free Docs/ directory removed as this has been forgotten in the 4.1.11 release (thanks to Goeran Weinholt). Closes: #308691 * The Woody package listed /var/lib/mysql and /var/log/mysql in its /var/lib/dpkg/info/mysql-server.list. These directories are often replaced by symlinks to data partitions which triggers a dpkg bug that causes these symlinks to be removed on upgrades. The new preinst prevents this by removing the two lines from the .list file (thanks to Andreas Barth and Jamin W. Collins). See dpkg bug #287978. * Updated French Debconf translation (thanks to Christian Perrier). Closes: #308353 -- Christian Hammers Thu, 12 May 2005 21:52:46 +0200 mysql-dfsg-4.1 (4.1.11-3) unstable; urgency=high * The "do you want to remove /var/lib/mysql when purging the package" flag from old versions is removed once this package is beeing installed so that purging an old Woody mysql-server package while having a mysql-server-4.1 package installed can no longer lead to the removal of all databases. Additionaly clarified the wording of this versions Debconf template and added a check that skips this purge in the postrm script if another mysql-server* package has /usr/sbin/mysqld installed. (thanks to Adrian Bunk for spotting that problem) Closes: #307473 * Cronfile was not beeing installed as the filename was not in the correct format for "dh_installcron --name" (thanks to Tomislav Gountchev). Closes: #302712 -- Christian Hammers Sat, 23 Apr 2005 22:55:15 +0200 mysql-dfsg-4.1 (4.1.11-2) unstable; urgency=low * Sean Finney: - don't freak out if we can't remove /etc/mysql during purge. - debian/rules clean works again. * Christian Hammers: - Fixed typo in README.Debian (thanks to Joerg Rieger). Closes: #304897 - Completely removed the passwordless test user as it was not only insecure but also lead to irritations as MySQL checks first the permissions of this user and then those of a password having one. See bug report from Hilko Bengen for details. Closes: #301741 -- Christian Hammers Sat, 16 Apr 2005 15:55:00 +0200 mysql-dfsg-4.1 (4.1.11-1) unstable; urgency=low * New upstream version. * Upstream fix for charset/collation problem. Closes: #282256 * Upstream fix for subselect crash. Closes: #297687 * Corrected minor issue in Debconf template regarding skip-networking (thanks to Isaac Clerencia). Closes: #303417 * Made dependency to gawk unnecessary (thanks to Zoran Dzelajlija). Closes: #302284 * Removed obsolete 50_innodb_mixlen.dpatch. * Removed obsolete 51_CAN-2004-0957_db_grant_underscore.dpatch. -- Christian Hammers Fri, 8 Apr 2005 00:23:53 +0200 mysql-dfsg-4.1 (4.1.10a-7) unstable; urgency=low * Sean Finney: - fix for the mysteriously disappeared cronjob. thanks to Peter Palfrader for pointing out this omission. (closes: #302712). -- sean finney Sat, 02 Apr 2005 16:54:13 -0500 mysql-dfsg-4.1 (4.1.10a-6) unstable; urgency=high * Sean Finney: - the previous upload did not completely address the issue. this one should do so. d'oh. -- sean finney Thu, 31 Mar 2005 03:35:50 +0000 mysql-dfsg-4.1 (4.1.10a-5) unstable; urgency=high * Sean Finney: - the following security issue is addressed in this upload: CAN-2004-0957 (grant privilege escalation on tables with underscores) thanks to sergei at mysql for all his help with this. -- sean finney Wed, 30 Mar 2005 21:19:26 -0500 mysql-dfsg-4.1 (4.1.10a-4) unstable; urgency=low * Sean Finney: - FTBFS fix for amd64/gcc-4.0. Thanks to Andreas Jochens for reporting this (closes: #301807). - ANSI-compatible quoting fix in daily cron job. thanks to Karl Hammar for pointing out the problem in the 4.0 branch. - Added myself as a co-maintainer in the control file (closes: #295312). -- sean finney Tue, 29 Mar 2005 18:54:42 -0500 mysql-dfsg-4.1 (4.1.10a-3) unstable; urgency=low * BerkeleyDB is now disabled by default as its use is discouraged by MySQL. * Added embedded server libraries as they finally do compile. They are currently in libmysqlclient-dev as they are still experimental and only available as .a library (thanks to Keith Packard). Closes: #297062 * Fixed obsolete "tail" syntax (thanks to Sven Mueller). Closes: #301413 * Added CAN numbers for the latest security bugfix upload. * Updated manpage of mysqlmanager (thanks to Justin Pryzby). Closes: #299844 * Added comments to default configuration. -- Christian Hammers Sun, 20 Mar 2005 17:40:18 +0100 mysql-dfsg-4.1 (4.1.10a-2) unstable; urgency=low * Disabled "--with-mysqld-ldflags=-all-static" as it causes sig11 crashes if LDAP is used for groups in /etc/nsswitch.conf. Confirmed by Sean Finney and Daniel Dehennin. Closes: #299382 -- Christian Hammers Mon, 14 Mar 2005 03:01:03 +0100 mysql-dfsg-4.1 (4.1.10a-1) unstable; urgency=high * SECURITY: - The following security related updates are addressed: CAN-2005-0711 (temporary file creation with "CREATE TEMPORARY TABLE") CAN-2005-0709 (arbitrary library injection in udf_init()) CAN-2005-0710 (arbitrary code execution via "CREATE FUNCTION") Closes: #299029, #299031, #299065 * New Upstream Release. - Fixes some server crash conditions. - Upstream includes fix for TMPDIR overriding my.cnf tmpdir setting Closes: #294347 - Fixes InnoDB error message. Closes: #298875 - Fixes resouce limiting. Closes: #285044 * Improved checking whether or not the server is alive in the init script which should make it possible to run several mysqld instances in different chroot environments. Closes: #297772 * Fixed cron script name as dots are not allowed (thanks to Michel v/d Ven). Closes: #298447 * Added -O3 and --with-mysqld-ldflags=-all-static as MySQL recommends to build the server binary statically in order to gain about 13% more performance (thanks to Marcin Kowalski). * Added patch to let mysqld_safe react to signals (thanks to Erich Schubert). Closes: #208364 * (Thanks to Sean Finney for doing a great share of work for this release!) -- Christian Hammers Thu, 3 Mar 2005 02:36:39 +0100 mysql-dfsg-4.1 (4.1.10-4) unstable; urgency=medium * Fixed bug that prevented MySQL from starting after upgrades. Closes: #297198, #296403 * Added comment about logging to syslog to the default my.cnf and the logrotate script (thanks to Ryszard Lach). Closes: #295507 -- Christian Hammers Thu, 3 Mar 2005 00:28:02 +0100 mysql-dfsg-4.1 (4.1.10-3) unstable; urgency=low * Sean Finney: Cronjobs now exit silently when the server package has been removed but not purged (thanks to Vineet Kumar). Closes: #297404 * Fixed comments of /etc/mysql/debian-log-rotate.conf (thanks to Philip Ross). Closes: #297467 * Made mysqld_safe reacting sane on signals (thanks to Erich Schubert). Closes: #208364 -- Christian Hammers Tue, 1 Mar 2005 19:44:34 +0100 mysql-dfsg-4.1 (4.1.10-2) unstable; urgency=low * Converted to dpatch. * debian/ is now maintained via Subversion on svn.debian.org. -- Christian Hammers Tue, 1 Mar 2005 02:16:36 +0100 mysql-dfsg-4.1 (4.1.10-1) unstable; urgency=low * New upstream version. * Upstream fixed memleak bug. Closes: #205587 * Added debian/copyright.more for personal reference. * Lowered default query cache size as suggested by Arjen from MySQL. * Switched from log to log-bin as suggested by Arjen from MySQL. * Fixed typo in my.cnf (thanks to Sebastian Feltel). Closes: #295247 * Replaced --defaults-extra-file by --defaults-file in Debian scripts as former lets password/host etc be overwriteable by /root/.my.cnf. Added socket to /etc/mysql/debian.cnf to let it work. (thanks to SATOH Fumiyasu). Closes: #295170 -- Christian Hammers Tue, 15 Feb 2005 23:47:02 +0100 mysql-dfsg-4.1 (4.1.9-4) unstable; urgency=low * Improved the way mysqld is started and registered with update-rc.d in cases where the admin modifies the runlevel configuration. Most notably removed the debconf question whether or not mysql should start on when booting. Closes: #274264 * Renamed configuration option old-passwords to the more preferred naming convention old_passwords. Same for some others (thanks to Patrice Pawlak). Closes: #293983 -- Christian Hammers Tue, 8 Feb 2005 02:21:18 +0100 mysql-dfsg-4.1 (4.1.9-3) unstable; urgency=low * Renamed ca_ES.po to ca.po to reach a broader audience (thanks to Christian Perrier). Closes: #293786 * Expicitly disabled mysqlfs support as it has never been enabled by configure during the autodetection but fails due to broken upstream code when users try to build the package theirselves while having liborbit-dev installed which triggers the mysqlfs autodetection (thanks to Max Kellermann). Closes: #293431 * Added dependencies to gawk as one script does not work with original-awk (thanks to Petr Ferschmann). Closes: #291634 -- Christian Hammers Sun, 6 Feb 2005 23:33:11 +0100 mysql-dfsg-4.1 (4.1.9-2) unstable; urgency=high * SECURITY: For historical reasons /usr/share/mysql/ was owned and writable by the user "mysql". This is a security problem as some scripts that are run by root are in this directory and could be modified and used by a malicious user who already has mysql privileges to gain full root rights (thanks to Matt Brubeck). Closes: #293345 * Changed "skip-networking" to "bind-address 127.0.0.1" which is more compatible and not less secure but maybe even more, as less people enable networking for all interfaces (thanks to Arjen Lentz). * Enabled InnoDB by default as recommended by Arjen Lentz from MySQL. * Added remarks about hosts.allow to README.Debian (thanks to David Chappell). Closes: #291300 * mysql-server-4.1 now provides mysql-server (thanks to Paul van den Berg). Closes: #287735 -- Christian Hammers Wed, 2 Feb 2005 23:31:55 +0100 mysql-dfsg-4.1 (4.1.9-1) unstable; urgency=low * New upstream version. * mysql-client-4.1 now provides "mysql-client" so that packages depending on mysql-client (ca. 40) can now be used with MySQL-4.1, too. -- Christian Hammers Sun, 23 Jan 2005 22:52:48 +0100 mysql-dfsg-4.1 (4.1.8a-6) unstable; urgency=high * SECURITY: Javier Fernandez-Sanguino Pena from the Debian Security Audit Project discovered a temporary file vulnerability in the mysqlaccess script of MySQL that could allow an unprivileged user to let root overwrite arbitrary files via a symlink attack and could also could unveil the contents of a temporary file which might contain sensitive information. (CAN-2005-0004, http://lists.mysql.com/internals/20600) Closes: #291122 -- Christian Hammers Tue, 18 Jan 2005 23:11:48 +0100 mysql-dfsg-4.1 (4.1.8a-5) unstable; urgency=medium * Fixed important upstream bug that causes from_unixtime(0) to return NULL instead of "1970-01-01 00:00:00" which fails on NOT NULL columns. Closes: #287792 * Fixes upstream bug in mysql_list_fields() . Closes: #282486 * Fixes bug that lead to double rotated logfiles when mysql-server 4.0 was previously installed (thanks to Olaf van der Spek). Closes: #289851 * Fixed typo in README.Debian (thanks to Mark Nipper). Closes: #289131 * Changed max_allowed_packet in my.cnf to 16M as in 4.0.x (thanks to Olaf van der Spek). Closes: #289840 * Updated French debconf translation (thanks to Christian Perrier). Closes: #287955 -- Christian Hammers Thu, 13 Jan 2005 01:29:05 +0100 mysql-dfsg-4.1 (4.1.8a-4) unstable; urgency=low * Broken patch again :-( -- Christian Hammers Sun, 9 Jan 2005 23:47:55 +0100 mysql-dfsg-4.1 (4.1.8a-3) unstable; urgency=low * The mutex patch was a bit too x86 centric. This broke the alpha build. -- Christian Hammers Sun, 9 Jan 2005 14:18:49 +0100 mysql-dfsg-4.1 (4.1.8a-2) unstable; urgency=medium * Some Makefiles that were patched by me got overwritten by the GNU autotools, probably because I also patched ./configure. Fixed now, the critical mutex patch is now back in again. Closes: #286961 * Added patch to make MySQL compile on ARM (thanks to Adam Majer). Closes: #285071 -- Christian Hammers Thu, 6 Jan 2005 09:30:13 +0100 mysql-dfsg-4.1 (4.1.8a-1) unstable; urgency=medium * Upstream 4.1.8 had some problems in their GNU Autotools files so they released 4.1.8a. Debian's 4.1.8 was fixed by running autoreconf but this again overwrote MySQL changes to ltmain.sh which are supposed to fix some problems on uncommon architectures (maybe the FTBFS on alpha, arm, m68k and sparc?). * libmysqlclient_r.so.14 from 4.1.8-3 also missed a link dependency to libz which lead to unresolved symbols visible with "ldd -r" (thanks to Laurent Bonnaud). Closes: #287573 -- Christian Hammers Wed, 29 Dec 2004 14:26:33 +0100 mysql-dfsg-4.1 (4.1.8-3) unstable; urgency=low * Fixed checking for error messages by forcing english language output by adding LC_ALL=C to debian-start (thanks to Rene Konasz) Closes: #285709 * Fixed bashisms in Debian scripts. Closes: #286863 * Updated Japanese Debconf translation (thanks to Hideki Yamane). Closes: #287003 * Improved 4.0 to 4.1 upgrade if /var/lib/mysql is a symlink (thanks to Thomas Lamy). Closes: #286560 * Added patch for FTBFS problem where no LinuxThreads can be found. I don't know if this still applies but it should not hurt. The patch is debian/patches/configure__AMD64-LinuxThreads-vs-NPTL.diff -- Christian Hammers Sun, 26 Dec 2004 14:04:20 +0100 mysql-dfsg-4.1 (4.1.8-2) unstable; urgency=low * If /var/lib/mysql is a symlink then it is kept as such. * Added the old-passwords option to the default my.cnf to stay compatible to clients that are still compiled to libmysqlclient10 and libmysqlclient12 for licence reasons. * Adjusted tetex build-deps to ease backporting (thanks to Norbert Tretkowski from backports.org). -- Christian Hammers Tue, 21 Dec 2004 01:00:27 +0100 mysql-dfsg-4.1 (4.1.8-1) unstable; urgency=medium * New upstream version. Closes: #286175 * Added conflict to libmysqlclient-dev (thanks to Adam Majer). Closes: #286538 * Added debconf-updatepo to debian/rules:clean. * Updated Japanese Debconf translation (thanks to Hideki Yamane). Closes: #285107 * Updated French Debconf translation (thanks to Christian Perrier). Closes: #285977 * Renamed cz.po to cs.po (thanks to Miroslav Kure). Closes: #285438 * Aplied patch for changed server notice to debian-start (thanks to Adam Majer). Closes: #286035 * Changed nice value in default my.cnf as nohup changed its behaviour (thanks to Dariush Pietrzak). Closes: #285446 * Increased verbosity of preinst script in cases where it cannot stop a running server (thanks to Jan Minar). Closes: #285982 * Splitted the code parts of /etc/mysql/debian-start to /usr/share/mysql/debian-start.inc.sh (thanks to Jan Minar). Closes: #285988 -- Christian Hammers Mon, 20 Dec 2004 00:33:21 +0100 mysql-dfsg-4.1 (4.1.7-4) unstable; urgency=medium * Removed OpenSSL support. After a short discussion with MySQL, I decided to drop OpenSSL support as 1. MySQL started shipping their binaries without it, too and do not seem to support it in favour of using a different library somewhen. 2. MySQL did not adjust their licence to grant permission to link against OpenSSL. 3. Even if they did, third parties who use libmysqlclient.so often do not realise licencing problems or even do not want OpenSSL. (thanks to Jordi Mallach and the responders to MySQL bug #6924) Closes: #283786 * debian/control: Improved depends and conflicts to mysql-4.0. -- Christian Hammers Thu, 2 Dec 2004 22:02:28 +0100 mysql-dfsg-4.1 (4.1.7-3) unstable; urgency=low * Raised version to make it higher as the one in experimental. -- Christian Hammers Wed, 1 Dec 2004 21:09:20 +0100 mysql-dfsg-4.1 (4.1.7-2) unstable; urgency=low * Patched scripts/mysql_install_db so that it no longer creates a passwordless test database during installation (thanks to Patrick Schnorbus). Closes: #281158 * Added Czech debconf translation (thanks to Miroslav Kure). Closes: #283222 -- Christian Hammers Wed, 1 Dec 2004 01:29:31 +0100 mysql-dfsg-4.1 (4.1.7-1) unstable; urgency=low * New upstream branch! * Adjusted debian/control to make this package suitable to get parallel to version 4.0.x into unstable and sarge. The package names are different so that "mysql-server" still defaults to the rock-stable 4.0 instead to this announced-to-be-stable 4.1. * Added --with-mutex=i86/gcc-assemler to the Berkeley-DB configure to prevent the use of NPLT threads when compiling under kernel 2.6 because the binaries are else not runable on kernel 2.4 hosts. Closes: #278638, #274598 -- Christian Hammers Sun, 31 Oct 2004 20:15:03 +0100 mysql-dfsg (4.1.6-1) experimental; urgency=low * New upstream version. * Fixed symlinks in libmysqlclient-dev package. Closes: #277028 * This time I did not update the libtool files as they were pretty up to date and I want to have a shorter diff file. -- Christian Hammers Wed, 20 Oct 2004 00:07:58 +0200 mysql-dfsg (4.1.5-3) experimental; urgency=low * debian/postinst: mysql_install_db changed parameter from --IN-RPM to --rpm which caused problems during installs. Closes: #276320 -- Christian Hammers Sat, 16 Oct 2004 20:36:46 +0200 mysql-dfsg (4.1.5-2) experimental; urgency=low * Activated support for ndb clustering (thanks to Kevin M. Rosenberg). Closes: #275109 -- Christian Hammers Wed, 6 Oct 2004 01:58:00 +0200 mysql-dfsg (4.1.5-1) experimental; urgency=low * WARNING: The upstream branch 4.1 is still considered BETA. The Debian packages for 4.1 were done without big testing. If you miss a new functionality or binary, contact me and I check add the relevant configure option or include the program. * New MAJOR upstream version. Thanks to the great demand here's now the first MySQL 4.1 experimental release. FEEDBACK IS WELCOME. * 4.0->4.1 notes: - debian/patches/alpha.diff could not be applied, I fix that later - debian/patches/scripts__mysql_install_db.sh.diff was obsolete - debian/patches/scripts__Makefile.in was neccessary due to a dependency to the removed non-free Docs/ directory. Upstream has been contacted. - Build-Deps: += automake1.7 - debian/rules: embedded servers examples did not compile, removed -- Christian Hammers Sun, 26 Sep 2004 19:46:47 +0200 mysql-dfsg (4.0.21-3) unstable; urgency=low * Upstream tried to fix a security bug in mysqlhotcopy and broke it :-) Applied a patch (see debian/patches) from Martin Pitt. Closes: #271632 * Between 4.0.20 and 4.0.21 the Debian specific changes in /usr/bin/mysqld_safe that piped the error log to syslog got lost and are now back again. * Fixed capitalization in debconf headings. * Changed wording of the initscript status message to make heartbeat happier. Closes: #271591 -- Christian Hammers Fri, 17 Sep 2004 18:42:25 +0200 mysql-dfsg (4.0.21-2) unstable; urgency=medium * The dependencies between mysql-client and libmysqlclient12 were too loose, when upgrading only the client this can lead to non working binaries due to relocation errors (thanks to Dominic Cleal). Closes: #271803 * Fixed typo in mysqldump.1 manpage (thanks to Nicolas Francois). Closes: #271334 -- Christian Hammers Wed, 15 Sep 2004 15:38:11 +0200 mysql-dfsg (4.0.21-1) unstable; urgency=high * SECURITY: This upstream version fixes some security problems that might at least allow a DoS attack on the server. * Fixed an old bug in concurrent accesses to `MERGE' tables (even one `MERGE' table and `MyISAM' tables), that could've resulted in a crash or hang of the server. (Bug #2408) * Fixed bug in privilege checking where, under some conditions, one was able to grant privileges on the database, he has no privileges on. (Bug #3933) * Fixed crash in `MATCH ... AGAINST()' on a phrase search operator with a missing closing double quote. (Bug #3870) * Fixed potential memory overrun in `mysql_real_connect()' (which required a compromised DNS server and certain operating systems). (Bug #4017) * New upstream version. * Fixes bug that made x="foo" in WHERE sometimes the same as x="foo ". Closes: #211618 * Updated Japanese Debconf translation (thanks to Hideki Yamane). Closes: #271097 -- Christian Hammers Sat, 11 Sep 2004 23:15:44 +0200 mysql-dfsg (4.0.20-14) unstable; urgency=low * Dave Rolsky spottet that -DBIG_JOINS was not properly enabled. It allowes joining 64 instead of an 32 tables to join. -- Christian Hammers Thu, 9 Sep 2004 20:24:02 +0200 mysql-dfsg (4.0.20-13) unstable; urgency=medium * Fixed a bug in the initscript which caused the check for not properly closed i.e. corrupt tables that is executed when the server starts not to run in background as supposed. Although the check does not repair anything on servers with several thousand tables the script was reported to take some minutes which is quite annoying. (Thanks to Jakob Goldbach). Closes: #270800 -- Christian Hammers Thu, 9 Sep 2004 17:11:05 +0200 mysql-dfsg (4.0.20-12) unstable; urgency=medium * Filter messages regarding table handles that do not support CHECK TABLE in the script that checks for corrupted tables on every start which lead to unnecessary mails (thanks to David Everly). Closes: #269811 * Added a note to the corrupt-table-check mail which notes that a false-positive is reported in the case that immediately after starting the server a client starts using a table (thanks to Uwe Kappe). Closes: #269985 * Added "quote-names" as default to the [mysqldump] section in /etc/mysql/my.cnf as too many users stumble over dump files that could not be read in again due to the valid use of reserved words as table names. This has also be done by upstream in 4.1.1 and has no known drawbacks. Closes: #269865 * Binary logs can now be rotated as well. Defaults to off, though, for compatibilty reasons (thanks to Mark Ferlatte). Closes: #94230, #269110 * The mysql user "debian-sys-maint" now gets all possible rights which makes binary logging possible and helps other package maintainer who wants to use it to create package specific databases and users. * Added example how to change daemon nice level via /etc/mysql/my.cnf * Updated French debconf translations (thanks to Christian Perrier). Closes: #265811 * Renamed options in the default config file that still had old names (thanks to Yves Kreis). Closes: #266445 * Fixed spelling in debconf note. * Added -l and -L to dh_shlibdeps. -- Christian Hammers Fri, 3 Sep 2004 20:10:46 +0200 mysql-dfsg (4.0.20-11) unstable; urgency=high * SECURITY This version fixes a security flaw in mysqlhotcopy which created temporary files in /tmp which had predictable filenames and such could be used for a tempfile run attack. The issue has been recorded as CAN-2004-0457. -- Christian Hammers Sat, 14 Aug 2004 18:27:19 +0200 mysql-dfsg (4.0.20-10) unstable; urgency=low * MySQL finally updated their copyright page and installed v1.5 of the "Free/Libre and Open Source Software License (FLOSS) - Exception" which will hopefully end the license hell they created by putting the client libraries under GPL instead of LGPL which conflicts with PHP and other software that used to link against MySQL. The license text is not yet in any release MySQL version but visible on their web site and copied into the debian/copyright file. Special thanks to Zak Greant and the debian-legal list for helping to solve this release critical problem. Closes: #242449 * Updated Brazil debconf translation (thanks to Andre Luis Lopes). Closes: #264233 * Updated Japanese debconf translation (thanks to Hideki Yamane). Closes: #264620 * Fixed minor typo in debconf description (thanks to TROJETTE Mohammed Adnene). Closes: #264840 * Improved init and preinst script which now detects stalled servers which do no longer communicate but are present in the process list (thanks to Henrik Johansson). Closes: #263215 -- Christian Hammers Mon, 9 Aug 2004 19:44:28 +0200 mysql-dfsg (4.0.20-9) unstable; urgency=medium * Partly reverted the last patch which gave the mysql-user "debian-sys-maint" more rights as there are old versions of MySQL which have fewer privlige columns. Now only those are set (thanks to Alan Tam). Closes: #263111 -- Christian Hammers Tue, 3 Aug 2004 13:03:02 +0200 mysql-dfsg (4.0.20-8) unstable; urgency=low * Upload stalled. Not released. -- Christian Hammers Sun, 1 Aug 2004 20:27:55 +0200 mysql-dfsg (4.0.20-7) unstable; urgency=medium * Solved the upstream bug that error messages of the server are written in a file that is then rotated away leaving mysqld logging effectively to /dev/null. It now logs to a /usr/bin/logger process which puts the messages into the syslog. Modified files: /etc/init.d/mysql, /usr/bin/mysqld_safe and the logchecker files. Closes: #254070 * The initscript does no longer call mysqlcheck directly but via /etc/mysql/debian-start which is a user customizable config script. * Splitted the debconf "install and update notes" and only show them when it is appropriate (thanks to Steve Langasek). Closes: #240515 * Added NEWS.Debian. * Added hint to -DBIG_ROWS, which is currently not used, to README.Debian. * Corrected typo in myisampack manpage (thanks to Marc Lehmann). Closes: #207090 * Added Catalan debconf translation (thanks to Aleix Badia i Bosch). Closes: #236651 -- Christian Hammers Wed, 28 Jul 2004 01:41:51 +0200 mysql-dfsg (4.0.20-6) unstable; urgency=low * The build arch detected by configure was "pc-linux-gnu (i686)" instead of "pc-linux-gnu (i386)". Was no problem AFAIK but Adam Majer asked me to explicitly change it to i386. Closes: #261382 * Removed some unused shell scripts from /usr/share/mysql. * Added lintian overrides. * Removed rpath by using chrpath. -- Christian Hammers Mon, 26 Jul 2004 00:17:12 +0200 mysql-dfsg (4.0.20-5) unstable; urgency=medium * The mysqlcheck in the init script is only called when the server is really alive. Also, the mysql-user 'debian-sys-maint' now has global select rights (thanks to Nathan Poznick). Closes: #261130 * Moved the debconf question whether to remove the databases or not from mysql-server.config to mysql-server.postrm so that it shows up on purge time and not months earlier (thanks to Wouter Verhelst). Closes: #251838 -- Christian Hammers Fri, 23 Jul 2004 22:41:13 +0200 mysql-dfsg (4.0.20-4) unstable; urgency=low * Added a "mysqlcheck -A --fast" to the 'start' section of the init script to help admins detect corrupt tables after a server crash. Currently it exists with an error message but leaves the server running. Feedback appreciated! * Made postinst script more robust by calling db_stop earlier and so prevent pipe-deadlocks. * Fixed minor typos in initscript (thanks to "C.Y.M."). Closes: 259518 * Added the undocumented "-DBIG_JOINS" that MySQL apparently uses in their MAX binaries. It enables 62 instead of 30 tables in a "join". (thanks to Dave Rolsky). Closes: #260843 * Added a "df --portability /var/lib/mysql/." check to the preinst script as users experienced hard to kill hanging mysqlds in such a situation (thanks to Vaidas Pilkauskas). Closes: #260306 -- Christian Hammers Fri, 23 Jul 2004 00:51:32 +0200 mysql-dfsg (4.0.20-3) unstable; urgency=low * Improved tolerance if the init script has been deleted (thanks to Leonid Shulov for spotting the problem). * Minor wording changes to README.Debian generalizing /root/ by $HOME (thanks to Santiago Vila). Closes: #257725 * Added Japanese debconf translation (thanks to Hideki Yamane). Closes: #256485 * Fixed commend in my.cnf regarding logfile directory (thanks to Jayen Ashar). Closes: #253434 * Correted "ease to" by "ease of" in package description (thanks to Johannes Berg). Closes: #253510 -- Christian Hammers Fri, 9 Jul 2004 00:57:42 +0200 mysql-dfsg (4.0.20-2) unstable; urgency=low * Removed RPM .spec file from the included documentation as it is pretty useless (thanks to Loic Minier). * Added turkish debconf translation (thanks to Recai Oktas). Closes: #252802 -- Christian Hammers Sun, 6 Jun 2004 14:48:26 +0200 mysql-dfsg (4.0.20-1) unstable; urgency=low * New upstream version. -- Christian Hammers Mon, 31 May 2004 23:36:39 +0200 mysql-dfsg (4.0.18-8) unstable; urgency=low * Updated french translation (thanks to Christian Perrier). Closes: #246789 -- Christian Hammers Tue, 4 May 2004 23:26:54 +0200 mysql-dfsg (4.0.18-7) unstable; urgency=low * Added CVE ids for the recent security fixes. 4.0.18-4 is CAN-2004-0381 (mysqlbug) and 4.0.18-6 is CAN-2004-0388 (mysql_multi) -- Christian Hammers Mon, 19 Apr 2004 18:32:03 +0200 mysql-dfsg (4.0.18-6) unstable; urgency=medium * SECURITY: Fixed minor tempfile-run security problem in mysqld_multi. Unprivileged users could create symlinks to files which were then unknowingly overwritten by run when this script gets executed. Upstream informed. Thanks to Martin Schulze for finding this. -- Christian Hammers Wed, 7 Apr 2004 01:28:22 +0200 mysql-dfsg (4.0.18-5) unstable; urgency=low * Little improvements in debian scripts for last upload. * Added check to logrotate script for the case that a mysql server is running but not be accessible with the username and password from /etc/mysql/debian.conf (thanks to Jeffrey W. Baker). Closes: 239421 -- Christian Hammers Sun, 4 Apr 2004 15:27:40 +0200 mysql-dfsg (4.0.18-4) unstable; urgency=medium * SECURITY: Aplied fix for unprobable tempfile-symlink security problem in mysqlbug reported by Shaun Colley on bugtraq on 2004-03-24. * Updated french debconf translation (thanks to Christian Perrier). Closes: #236878 * Updated portugesian debconf translation (thanks to Nuno Senica). Closes: #239168 * Updated german debconf translation (thanks to Alwin Meschede). Closes: #241749 * Improved debconf template regarding fix_privileges_tables (thanks to Matt Zimmermann for suggestions). Closes: #219400 * Improved README.Debian regarding to password settings (thanks to Yann Dirson). Closes: #241328 -- Christian Hammers Sat, 3 Apr 2004 19:52:15 +0200 mysql-dfsg (4.0.18-3) unstable; urgency=medium * Added Build-Depend to po-debconf to let it build everywhere. -- Christian Hammers Wed, 31 Mar 2004 23:43:33 +0200 mysql-dfsg (4.0.18-2) unstable; urgency=low * Added a "2>/dev/null" to a "which" command as there are two "which" versions in Debian of which one needs it. Closes: #235363 -- Christian Hammers Tue, 2 Mar 2004 23:31:28 +0100 mysql-dfsg (4.0.18-1) unstable; urgency=low * New upstream version. * Should now compile and run on ia64 (thanks to Thorsten Werner and David Mosberger-Tang). Closes: #226863 #228834 * Converted init scripts to invoce-rc.d (thanks to Erich Schubert). Closes: 232118 * Secondlast upload changed logfile location. Closes: #182655 * Updated Brasilian translation (thanks to Andre Luis Lopes). Closes: #219847 -- Christian Hammers Tue, 17 Feb 2004 23:44:58 +0100 mysql-dfsg (4.0.17-2) unstable; urgency=low * Improved manpage for mysqldumpslow.1 (thanks to Anthony DeRobertis). Closes: #231039 * Improved stopping of crashed daemons in init script (thanks to Matthias Urlichs). Closes: #230327 -- Christian Hammers Mon, 9 Feb 2004 21:54:29 +0100 mysql-dfsg (4.0.17-1) unstable; urgency=low * Made logging into /var/log/mysql/ the default. Closes: #225206 * New upstream version. Closes: #225028 * Turned on a 25MB query cache by default (thanks to Cyril Bouthors). Closes: #226789 * Updated russian translation (thanks to Ilgiz Kalmetev). Closes: #219263 * Upstream fixes the problem that AND was not commutative (thanks for Iain D Broadfoot for mentioning). Closes: #227927 * Fixed minor typo in my.cnf comments (thanks to James Renken). Closes: #221496 * Better documents regex. Closes: #214952 * Fixed minor germanism in debconf template (thanks to Marc Haber). Closes: #224148 * Added explaining comment to my.cnf regarding quoted passwords (Thanks to Patrick von der Hagen). Closes: #224906 * Changed "find -exec" to "find -print0 | xargs -0" in preinst to speed it up. Thanks to Cyril Bouthors. Closes: #220229 -- Christian Hammers Sun, 18 Jan 2004 16:16:25 +0100 mysql-dfsg (4.0.16-2) unstable; urgency=low * Tried to repair undefined weak symbols by adding a little Makefile patch. Closes: #215973 -- Christian Hammers Mon, 27 Oct 2003 22:52:10 +0100 mysql-dfsg (4.0.16-1) unstable; urgency=low * New upstream release. (Mostly little memory problems and other bugfixes it seems) * Replaced "." by ":" in chown calls to comply with the env setting "_POSIX2_VERSION=2000112" (thanks to Robert Luberda). Closes: #217399 * Adjusted syntax in my.cnf to 4.x standard (thanks to Guillaume Plessis). Closes: #217273 * Improved README.Debian password instructions (thanks to Levi Waldron). Closes: #215046 * Improved NIS warning debconf-template (thanks to Jeff Breidenbach). Closes: #215791 * Explicitly added libssl-dev to the libmysqlclient-dev package as it is needed for mysql_config and the libmysqlclient package only depends on libssl which has no unnumbered .so version (thanks to Simon Peter and Davor Ocelic). Closes: #214436, #216162 * Added "-lwrap" to "mysql_config --libmysqld-libs" and filed it as upstream bug #1650 (thanks to Noah Levitt). Closes: #214636 -- Christian Hammers Sat, 25 Oct 2003 01:09:27 +0200 mysql-dfsg (4.0.15a-1) unstable; urgency=low * Same package as 4.0.15-2 but I could not convince the Debian installer to move the packages out of incoming. -- Christian Hammers Tue, 7 Oct 2003 15:10:26 +0200 mysql-dfsg (4.0.15-2) unstable; urgency=low * Updated package description (thanks to Adrian Bunk). Closes: #210988 * Fixed small typos in manpages (thanks to Nicolas Francois). Closes: #211983 * More updates to package description (thanks to Matthias Lutz/ddtp). Closes: #213456 * Updated standards to 3.6.1. * Closes "new 4.0.15 available" bug. Closes: #213349 * Updated README.Debian with notes regarding the MySQL manual section "2.4 Post-installation Setup and Testing" (thanks to Daniel B.). Closes: #210841 -- Christian Hammers Fri, 3 Oct 2003 15:59:39 +0200 mysql-dfsg (4.0.15-1) unstable; urgency=high * SECURITY: Users who are able to use the "ALTER TABLE" command on the "mysql" database may be able to exploit this vulnerability to gain a shell with the privileges of the mysql server (usually running as the 'mysql' user). Closes: #210403 * Fixes small description typos (thanks to Oscar Jarkvik). * Updated Brazilian Portuguese debconf translation. (thanks to Andre Luis Lopes). Closes: 208030 * Replaced depricated '.' by ':' in chown (thanks to Matt Zimmerman). * Fixed manpage typo (thanks to Marc Lehmann). Closes: #207090 -- Christian Hammers Fri, 3 Oct 2003 15:59:35 +0200 mysql-dfsg (4.0.14-1) unstable; urgency=low * New upstream version. -- Christian Hammers Sun, 24 Aug 2003 16:40:36 +0200 mysql-dfsg (4.0.13-3) unstable; urgency=low * Now start mysqld as default unless you choose not when configurig with debconf priority low. So packages depending on the server when installing can access it. Thanks Matt Zimmermann (Closes: #200277) * Made mysql-server de-installable if the config and database files were removed by hand before. Thanks to Ard van Breemen (Closes: #200304) -- Christian Hammers Tue, 8 Jul 2003 22:30:40 +0200 mysql-dfsg (4.0.13-2) unstable; urgency=low * Added "nice" option for mysqld_safe to give mysqld a different priority. Submitted to upstream as MySQL Bug #627. Closes: #192087 * Fixed possible unbound variable in init script. Closes: #194621 * Fixed french debconf translation (thx Christian Perrier) Closes: #194739 * Get rid of automake1.5 (for Eric Dorland). -- Christian Hammers Wed, 11 Jun 2003 18:58:32 +0200 mysql-dfsg (4.0.13-1) unstable; urgency=medium * New upstream version. !!! Fixes a very bad natural join bug which justifies the urgency=medium. !!! http://bugs.mysql.com/bug.php?id=291 * Fixed mysql_fix_privileges manpage (Frederic Briere) Closes: #191776 * preinst: "which" is more chatty normal executable than as builtin. (Thanks to David B Harris). Closes: #188659 -- Christian Hammers Tue, 6 May 2003 22:03:45 +0200 mysql-dfsg (4.0.12-3) unstable; urgency=medium * Reincluded new way of creating my debian-sys-maint user from an old release from experimental. Now works again with old and new privilege table format. (Thanks to Vincent Danjean for spotting the problem) Closes: #188201 * Reincluded hurd build dependency fix from 3.23 branch. (Thanks to Robert Millan). Closes: #185929 * Fixed soname in libmysqlclient-dev. Closes: #188160 * Remove /var/log/mysql/ when purging the package. Closes: #188064 * Removed /usr/share/doc/mysql/ from mysql-server. Closes: #188066 * Let group "adm" be able to read logfiles. Closes: #188067 * Do not call usermod on every upgrade. Closes: #188248 (Thanks to Philippe Troin for the last three) * Fixed mysql-server.preinst so that it works on shells where which is a builtin, too. (Thanks to Erich Schubert) Closes: #181525 -- Christian Hammers Fri, 11 Apr 2003 11:32:45 +0200 mysql-dfsg (4.0.12-2) unstable; urgency=low * * NEW MAJOR UPSTREAM RELEASE: * MySQL 4 has finally been declared as 'stable'. Hurray! Read changelogs. Thanks to all testers, esp. Jose Luis Tallon, of the versions that were in the "experimental" section before. * Modified postinst script to run mysql_fix_privileges on every update. IMPORTANT: Please report if this breaks anything, it is not supposed to. * Wrote a SSL-MINI-HOWTO.txt! * Added zlib1g-dev to libmysqlclient12-dev. Closes: 186656 * Changed section of libmysqlclient12-dev to libdevel. * Added even more selfwritten manpages. * Fixed typos. -- Christian Hammers Sun, 6 Apr 2003 13:47:32 +0200 mysql-dfsg (4.0.10.gamma-1) experimental; urgency=low * New upstream version. * They merged some of my patches from debian/patches. Whoa! * This release should fix the error-logfile problem where mysqld keeps the error.log open while logrotate removes it. -- Christian Hammers Wed, 12 Feb 2003 22:39:48 +0100 mysql-dfsg (4.0.9.gamma-1) experimental; urgency=low * New upstream version. * Updated the GNU autoconf files to make building on MIPS work. See bug #176829. -- Christian Hammers Wed, 29 Jan 2003 22:07:44 +0100 mysql-dfsg (4.0.8.gamma-1) experimental; urgency=low * New upstream release. * Improved logging of init script. Closes: #174790 * We have now libmysqlclient.so.12 instead of .11. -- Christian Hammers Thu, 9 Jan 2003 20:14:11 +0100 mysql-dfsg (4.0.7.gamma-1) experimental; urgency=high * SECURITY: This version fixes an upstream security release that is only present in the 4.x branch which is currently only in the experimental distribution and therefore will not get a DSA. * New upstream release. -- Christian Hammers Sat, 28 Dec 2002 15:51:39 +0100 mysql-dfsg (4.0.6.gamma-2) experimental; urgency=low * Added --system to addgroup. Closes: #173866 -- Christian Hammers Sat, 21 Dec 2002 15:28:26 +0100 mysql-dfsg (4.0.6.gamma-1) experimental; urgency=low * New upstream version. Now Gamma! * There are no longer changes to the .orig.tar.gz neccessary to make diff happy. docs/ has still to be deleted, although, as it is non-free. * Incorporated patches from unstable. * Added mysqlmanager and a couple of other new scripts. * Enabled libmysqld embedded server library. * Enabled SSL and Virtual-IO support. (CORBA based MySQL-FS seems to be not existing..) -- Christian Hammers Fri, 20 Dec 2002 22:30:51 +0100 mysql-dfsg (4.0.5a.beta-3) experimental; urgency=low * Modified postinst to work with old and new mysql.user table format and fixed spelling typo in postinst. Thanks to Roger Aich. * Updated config.{guess,sub} to make the mipsel porters happy. Thanks to Ryan Murray. Closes: #173553 -- Christian Hammers Wed, 18 Dec 2002 15:56:34 +0100 mysql-dfsg (4.0.5a.beta-2) experimental; urgency=low * Upstream removed option "--skip-gemini". So did I. Closes: 173142 -- Christian Hammers Tue, 17 Dec 2002 10:35:49 +0100 mysql-dfsg (4.0.5a.beta-1) experimental; urgency=low * First 4.x experimental package due to continuous user requests :-) Please test and report! * upstream: safe_mysqld has been renamed to mysqld_safe * upstream: new library soname version libmysqlclient.so.11 * Renamed libmysqlclientXX-dev to libmysqlclient-dev as I don't plan to support more than one development environment and this makes the dependencies easier. * FIXME: Skipped parts of the debian/patches/alpha patch as the global.h is not existing. * FIXME: How to get rid this? Old ltconfig patch already applied. "lintian: binary-or-shlib-defines-rpath ./usr/bin/mysql /usr/lib/mysql" -- Christian Hammers Sun, 1 Dec 2002 18:32:32 +0100 mysql-dfsg (3.23.53-4) unstable; urgency=medium * Fixed errno.h problem. Closes: #168533, #168535 -- Christian Hammers Sun, 10 Nov 2002 18:32:08 +0100 mysql-dfsg (3.23.53-3) unstable; urgency=medium * Changed automake build-dep to unversioned automake1.4. Closes: #166391 * Fixed description. Closes: #167270 (Thanks to Soren Boll Overgaard) -- Christian Hammers Tue, 5 Nov 2002 01:25:01 +0100 mysql-dfsg (3.23.53-2) unstable; urgency=low * Reverted user creation in init scripts. Closes: #166432 (Thanks to Birzan George Cristian) -- Christian Hammers Thu, 31 Oct 2002 15:36:25 +0100 mysql-dfsg (3.23.53-1) unstable; urgency=low * New upstream release. -- Christian Hammers Thu, 24 Oct 2002 23:04:16 +0200 mysql-dfsg (3.23.52-3) unstable; urgency=low * Substituted the first-install 'debian-sys-maint' user creation by something ANSI SQL compliant. Closes: #163497 (Thanks to Karl Hammar) * Tightend dependency to debhelper (>= 4.0.12) to be sure that debconf-utils gets installed, too, as I use dh_installdebconf. * Fixed upstream manpage bug in mysqldump.1. Closes: #159779 (Thanks to Colin Watson) * Added comment about MIN_WORD_LEN to mysql-server.README.Debian (Thanks to Philipp Dreimann) * Added a dependency for zlib1g-dev to libmysqlclient10-dev. (Thanks to Jordi Mallach) -- Christian Hammers Sun, 15 Sep 2002 17:14:44 +0200 mysql-dfsg (3.23.52-2) unstable; urgency=low * Fixed typo in preinst scripts. * Removed bashism in init script. * Fixed ambiguous debconf example. Closes: #158884 -- Christian Hammers Fri, 30 Aug 2002 00:51:29 +0200 mysql-dfsg (3.23.52-1) unstable; urgency=low * New upstream version. Closes: #157731 * Clearified the meaning of the debian-sys-maint special user in the README.Debian file. Closes: #153702 * Wrote some words regarding the skip-networking in README.Debian. Closes: #157038 * Added dependency to passwd. * Fixes typo and unnecessarily complication in is_mysql_alive(). * Added check for /etc/mysql/my.cnf in init script. -- Christian Hammers Tue, 27 Aug 2002 01:53:32 +0200 mysql-dfsg (3.23.51-4) unstable; urgency=low * Added a compressed "nm mysqld" output to allow people to trace core dumps with /usr/bin/resolve_stack_dump as suggested in the INSTALL-SOURCE file. Thanks to atudor@labs.agilent.com for the hint. -- Christian Hammers Wed, 24 Jul 2002 20:44:55 +0200 mysql-dfsg (3.23.51-3) unstable; urgency=low * Corrected copyright file: the MySQL client library is licenced under the LGPL-2 not the GPL. From version 4.x it actually will be GPL this is why parts of http://www.mysql.com/ already say so. Closes: #153591 * Corrected german translation. Thanks to Roland Rosenfeld . Closes: #151903 -- Christian Hammers Thu, 11 Jul 2002 20:32:28 +0200 mysql-dfsg (3.23.51-2) unstable; urgency=low * Improved NIS tolerance in preinst script. -- Christian Hammers Sun, 7 Jul 2002 04:43:28 +0200 mysql-dfsg (3.23.51-1) unstable; urgency=medium * New upstream version. * I applied a patch that fixes a binary imcompatibility in the shared libary libmysqlclient.so.10 between 3.23.50 and some versions earlier. Upstream has been contacted and asked for clarification. Closes: #149952 * Added support for NIS i.e. it shows a warning and fails if the needed 'mysql' user does not exists but works if it does. Closes: #143282, #147869 * Substituted $0 in init scripts by something really weird so that "./S20mysql restart" works now, too. (BTW: S20? install file-rc!!!) Closes: #148658 * Now postinst works even if /etc/init.d/mysql is removed. Closes: #151021 * Decided to leave "set +x" in postinst but wrote comment. Closes: #151022 -- Christian Hammers Sun, 7 Jul 2002 04:43:25 +0200 mysql-dfsg (3.23.50-1) unstable; urgency=medium * New upstream version. Fixes a very annoying and important bug that lets all mysql programs including perl scripts etc. segfault when using the read_default_group() function. 3.23.50 is currently a pre-release and expected to be released next week. I plan to propose it for woody as soon as its stability has been proven. The following bug reports are all regarding this issue. Closes: #144960, #145322, #136798, #138143, -- Christian Hammers Sat, 18 May 2002 21:14:01 +0200 mysql-dfsg (3.23.49x-1) unstable; urgency=low * I had to split the package to seperate the manual as it is not GPL like the rest of the software and docs but under a license that e.g. forbids selling printed versions. . The upstream authors were contacted a while ago but did not like to change the situation. . The names of the resulting packages have not changed as the manual already was in a seperate mysql-doc package due to it's size. The source packages are now splitted from one "mysql" to "mysql-dfsg" in main and "mysql-nonfree" in non-free. * No code change! The "x" at the end of the version number ist just to be able to upload a new source package. ("a" was already taken by upstream for their binary upload correction) -- Christian Hammers Wed, 8 May 2002 02:01:41 +0200 mysql (3.23.49-8) unstable; urgency=low * Substituted $0 in init script to let e.g. "/etc# ./init.d/mysql restart" works, too. Closes: #141555 -- Christian Hammers Sun, 7 Apr 2002 15:00:44 +0200 mysql (3.23.49-7) unstable; urgency=low * The Makefiles are totally broken for the --enable-local-infile option. I now patched libmysql/libmysql.c#mysql_init() manually. Closes: #138347 -- Christian Hammers Fri, 29 Mar 2002 23:55:15 +0100 mysql (3.23.49-6) unstable; urgency=low * Moved mysqlcheck from server to client package. Closes: #139799 * Added manpage for mysqlhotcopy. Regarding: #87097 * Added 'sharedscripts' directive to the logrotate script. * Replaced grep by /usr/bin/getent to let the group/user checking work on NIS/LDAP systems, too. Closes: #115677, #101529 -- Christian Hammers Fri, 22 Mar 2002 22:40:51 +0100 mysql (3.23.49-5) unstable; urgency=low * Added skip-innodb to default my.cnf. * Enabled --enable-local-infile, it seems to be a new option that defaults to disable a formerly enabled feaure. Closes: #137115 -- Christian Hammers Sat, 16 Mar 2002 00:29:10 +0100 mysql (3.23.49-4) unstable; urgency=medium * Recompiled against fixed libz. * Enabled --enable-local-infile, it seems to be a new option that defaults to disable a formerly enabled feaure. Closes: #137115 * Fixed README.compile_on_potato. Closes: #136529 * Now a ext3 .jounal file in /var/lib/mysql does not prevent the installation (happens when creating a jounal on an already mounted partition). Closes: #137146 -- Christian Hammers Wed, 13 Mar 2002 13:34:24 +0100 mysql (3.23.49-3) unstable; urgency=low * Added Russian translation. Closes: #135846 * Fixed installation of .info documents. Closes: #135030 -- Christian Hammers Wed, 27 Feb 2002 23:36:35 +0100 mysql (3.23.49-2) unstable; urgency=low * Updated french translation and split template files. Closes: #134754 * Fixed a small debian.cnf related bug in mysql-server.postinst. -- Christian Hammers Tue, 19 Feb 2002 23:13:58 +0100 mysql (3.23.49-1) unstable; urgency=low * New upstream release. (Mainly InnoDB related fixes) * Exported a $HOME variable in the scripts so that /root/.my.cnf is not read anymore. This will avoid problems when admins put only passwords but no usernames in this file. Closes: #132048 * New debian-sys-maint password algorithm (now ~96bit :-)) Closes: #133863 * Recreating debian-sys-main pwd on every install to help people who accidently delete user or password files... * Added /var/log/mysql so that user can put the binary logs in there as mysql cannot write the .001 etc files itself in /var/log which is owned by root. -- Christian Hammers Thu, 14 Feb 2002 22:17:45 +0100 mysql (3.23.47-6) unstable; urgency=low * Dropped a sentence about the new debian-sys-maint user in the debconf note and updated the README.Debian. Related: #132048 * Added more french translation. Closes: #132390 -- Christian Hammers Wed, 6 Feb 2002 09:41:29 +0100 mysql (3.23.47-5) unstable; urgency=low * Fixed grammar error in template. Closes: #132238 * Really fixed typo in logrotate script. Closes: #131711 -- Christian Hammers Tue, 5 Feb 2002 14:20:08 +0100 mysql (3.23.47-4) unstable; urgency=medium * Fixes typo in postinst that let init script fail. Closes: #131743 * Fixed bashism bug that failed on ash. Closes: #131697 * Fixed typo in logrotate script. Closes: #131711 -- Christian Hammers Thu, 31 Jan 2002 23:58:46 +0100 mysql (3.23.47-3) unstable; urgency=low * Added new Debian specific mysql user called 'debian-sys-maint' which is used for pinging the server status, flushing the logs or shutting down the server in maintenance scripts. The credentials of this user are stored in the UID0-only readable file /etc/mysql/debian.cnf. Closes: #129887, #130326, #99274 * Fixed unintended server startup at boottime. Closes: #122676, #130105 * New upstream fixes command line parsing bug: Closes: #128473 * Fixed manpage headers to let apropos work: Closes: #119122 * Added "status" options for /etc/init.d/mysql. Closes: #129020 -- Christian Hammers Sun, 27 Jan 2002 19:46:11 +0100 mysql (3.23.47-2) unstable; urgency=low * Enhanced init scripts by using mysqladmin instead of kill $pid. Thanks to Aaron Brick. -- Christian Hammers Fri, 18 Jan 2002 01:42:23 +0100 mysql (3.23.47-1) unstable; urgency=low * New upstream release. * Updated brazilian translation of debconf descriptions. Closes: #123332 -- Christian Hammers Sun, 6 Jan 2002 21:11:17 +0100 mysql (3.23.46-3) unstable; urgency=low * Fixed bug in postinst where a script was accidently called with "bash -c