mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.11) dapper-security; urgency=low * SECURITY UPDATE: denial of service via an empty bit-string literal (b'') - debian/patches/106_SECURITY_CVE-2008-3963.dpatch: fix Item_bin_string:: Item_bin_string() in sql/item.cc to parse an empty bit-string literal as an empty string. - CVE-2008-3963 * SECURITY UPDATE: privilege circumvention via the creation of MyISAM tables using the DATA DIRECTORY and INDEX DIRECTORY options to overwrite existing table files in the data directory. This update is a complete fix for the three CVE numbers listed below. This fix alters table creation behaviour by disallowing the use of the MySQL data directory in DATA DIRECTORY and INDEX DIRECTORY options. (LP: #254129) - debian/patches/107_SECURITY_CVE-2008-4098.dpatch: Disallow use of MySQL data directory in DATA DIRECTORY and INDEX DIRECTORY options. - CVE-2008-2079 - CVE-2008-4097 - CVE-2008-4098 -- Marc Deslauriers Mon, 10 Nov 2008 13:42:30 -0500 mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.10) dapper-proposed; urgency=low * RELIABILITY UPDATE: fix for upstream bug #20908 * debian/patches/105_upstream_20908.dpatch: fix MYSQLlex() in sql_lex.cc to ABORT_SYM on zero-length variable names * References LP: #217772 http://bugs.mysql.com/bug.php?id=20908 -- Jamie Strandboge Tue, 15 Apr 2008 16:28:38 -0400 mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.9) dapper-security; urgency=low * Fix for upstream bug #20482: Creation of a view as a join of views or tables could fail if the views or tables are in different databases. This bug was introduced in the update for CVE-2007-2692, which had more restrictive privilege checks. (LP: #209699) -- Jamie Strandboge Tue, 01 Apr 2008 13:03:24 -0400 mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.8) dapper-security; urgency=low * no change build for -security upload -- Jamie Strandboge Wed, 19 Mar 2008 15:15:01 -0400 mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.7) dapper-proposed; urgency=low * SECURITY UPDATE: buffer overflow via ProcessOldClientHello() in handshake.cpp and input_buffer& operator>> in yassl_imp.cpp * SECURITY UPDATE: buffer overread in HASHwithTransform::Update in hash.cpp * debian/patches/99_SECURITY_CVE-2008-0226_0227.dpatch: properly verify length of input (LP: #186978). Note that while this patch is included, mysql on Ubuntu 6.06 is not compiled with yassl enabled. * SECURITY UPDATE: privilege escalation via crafted CREATE SQL SECURITY DEFINER VIEW and ALTER VIEW statements * debian/patches/100_SECURITY_CVE-2007-6303.dpatch: make sure lex->definer is non-NULL in sql_view.cc (LP: #185039). This patch also fixes upstream bug #21080, which was needed to keep VIEW definitions in sync. * SECURITY UPDATE: denial of service via crafted EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table * debian/patches/101_SECURITY_CVE-2006-7232.dpatch: make sure thd->lex-describe is non-NULL in sql_select.cc (LP: #161127) * debian/patches/102_view_fix-now.dpatch: update view.test and view.result to use a static year instead of now(). These tests are not part of the build but helps with qa-regression-testing * SECURITY UPDATE: privilege escalation via SQL SECURITY INVOKER stored routines * debian/patches/103_SECURITY_CVE-2007-2692.dpatch: restore THD::db_access when returning from stored routine by performing privilege checks in the execution stage rather than the parsing stage. This patch also fixes upstream bug #18681, which was needed to properly check view security. * References CVE-2008-0226 CVE-2008-0227 CVE-2007-6303 CVE-2006-7232 CVE-2007-2692 http://bugs.mysql.com/bug.php?id=27337 http://bugs.mysql.com/bug.php?id=18681 http://bugs.mysql.com/bug.php?id=21080 -- Jamie Strandboge Thu, 06 Mar 2008 07:53:05 -0500 mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.6) dapper-security; urgency=low * SECURITY UPDATE: denial of service via crafted CONTAINS operation when using InnoDB * debian/patches/98_SECURITY_CVE-2007-5925.dpatch: make sure innodb returns error on unsupported operations (db0err.h, page0cur.h, ha_innodb.cc). Also updated mysqld_error.h, mysqld_ername.h and errmsg.txt for the new returned error * SECURITY UPDATE: privilege escalation using symlinks when using DATA DIRECTORY and INDEX DIRECTORY options via a RENAME TABLE statement * debian/patches/98_SECURITY_CVE-2007-5969.dpatch: fix for my_symlink2.c to properly check symlinks when performing a rename operation * SECURITY UPDATE: denial of service via SHOW TABLE STATUS query in federated engine * debian/patches/98_SECURITY_CVE-2007-6304.dpatch: fix for ha_federated.cc to to return error if the response doesn't have enough columns * SECURITY UPDATE: information disclosure when using CREATE TABLE LIKE statements * debian/patches/98_SECURITY_CVE-2007-3781.dpatch: fix to enforce access privileges (sql_parse.cc, handler.h, sql_yacc.yy) * debian/control: Build-Depends on bison * References CVE-2007-5925 CVE-2007-5969 CVE-2007-6304 CVE-2007-3781 LP #172260 -- Jamie Strandboge Wed, 19 Dec 2007 12:52:42 -0500 mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.5) dapper-security; urgency=low * SECURITY UPDATE: denial of service via crafted IF clause * debian/patches/SECURITY_CVE-2007-2583.dpatch: fix sql/item_cmpfunc.cc to verify res is not NULL * SECURITY UPDATE: privilege escalation * debian/patches/SECURITY_CVE-2007-2691.dpatch: fix sql/sql_parse.cc to make sure DROP privileges are required when using RENAME TABLE statements * SECURITY UPDATE: denial of service via crafted authentication request * debian/patches/SECURITY_CVE-2007-3780.dpatch: fix sql/sql_parse.cc to not overflow a signed char * SECURITY UPDATE: privilege escalation via views * debian/patches/SECURITY_CVE-2007-3782.dpatch: fix sql/sql_prepare.cc and sql/sql_update.cc to properly verify access privileges to external tables * SECURITY UPDATE: warn on startup if root mysql account has a blank password. debian/mysql-server-5.0.mysql.init: supply 'reset-password' and check for blank password. Based on work by Soren Hansen. * References CVE-2007-2583 CVE-2007-2691 CVE-2007-3780 CVE-2007-3782 Launchpad #119075 -- Jamie Strandboge Tue, 2 Oct 2007 14:46:02 -0400 mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.3) dapper-security; urgency=low * SECURITY UPDATE: denial of service via subselects. * debian/patches/46_CVE-2007-1420_subselect_dos.dpatch: backported from Debain upstream. * debian/rules: disabled debconf-updatepo for security update. * References http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414790 CVE-2007-1420 -- Kees Cook Thu, 15 Mar 2007 16:59:46 -0700 mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.2) dapper-security; urgency=low * Fix CVE number in previous changelog and dpatch name. -- Martin Pitt Tue, 5 Sep 2006 10:35:26 +0200 mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.1) dapper-security; urgency=low * SECURITY UPDATE: Privilege escalation. * Add debian/patches/SECURITY_CVE-2006-4031.dpatch: - Add --{skip-}merge options to disable the MERGE engine. - This closes a potential pitfall when an user creates a merge table, and the admin revokes privileges to the original table without revoking privs to the merged table, too. - Patch ported from upstream BK commit. - References: CVE-2006-4031 http://bugs.mysql.com/bug.php?id=15195 * Note: This version is not vulnerable against the case sensitive database name comparison bug [CVE-2006-4226]. * Add debian/patches/SECURITY_CVE-2006-4227.dpatch: - Routine arguments were evaluated in the security context of the routine itself, not in the caller's context. This could be exploited for privilege escalation in setuid functions. - Patch ported from Debian's 5.0.24-3 upload. - References: CVE-2006-4227 http://bugs.mysql.com/bug.php?id=18630 -- Martin Pitt Mon, 4 Sep 2006 14:37:59 +0000 mysql-dfsg-5.0 (5.0.22-0ubuntu6.06) dapper-security; urgency=low * SECURITY UPDATE: Bring in a new upstream release to resolve a SQL injection vulnerability with multibyte encodings (CVE-2006-2753) * This upload is based on Debian's 5.0.22-2 to also pull in a fix for a critical bug in the postinst with an existing config file. -- Adam Conrad Fri, 16 Jun 2006 21:09:53 +1000 mysql-dfsg-5.0 (5.0.22-2) unstable; urgency=high * Fixed debian-sys-maint related bug in postinst (thanks to Jean-Christophe Dubacq). Closes: #369970 * The last upload was a security patch (which I did not know as I uploaded before the announcement came). I now added the CVE id for reference and set urgency to high as the last entry did not. -- Christian Hammers Wed, 31 May 2006 01:04:11 +0200 mysql-dfsg-5.0 (5.0.22-1) unstable; urgency=low * SECURITY: This upstream release fixes an SQL-injection with multibyte encoding problem. (CVE-2006-2753) * New upstream release. * Upstream fixes REPAIR TABLE problem. Closes: #354300 * Upstream fixes problem that empty strings in varchar and text columns are displayed as NULL. Closes: #368663 -- Christian Hammers Tue, 30 May 2006 23:43:24 +0200 mysql-dfsg-5.0 (5.0.21-3ubuntu1) dapper; urgency=low * Redirect mysql_upgrade output to syslog, instead of littering the console, which appears to royally mess up debconf when I'm unlucky. * Merge with Debian's pending 5.0.21-4 release to get new debconf translations and the BLOCKSIZE fix for the free disk space check. -- Adam Conrad Tue, 23 May 2006 20:56:35 +1000 mysql-dfsg-5.0 (5.0.21-4) unstable; urgency=low * Added "BLOCKSIZE=" to the diskfree check (thanks to Farzad FARID). Closes: #367027, #367083 * Further fixed mysql_upgrade upstream script (thanks to Andreas Pakulat) Closes: #366155 * Adjusted the /proc test in debian/rules from /proc/1 to /proc/self to make building on grsec systems possible (thanks to K. Rosenegger). Closes: #366824 * Updated Russion Debconf translation (thanks to Yuriy Talakan). Closes: #367141 * Updated Czech Debconf translation (thanks to Kiroslav Kure). Closes: #367160 * Updated Galician Debconf translation (thanks to Jacobo Tarrio). Closes: #367384 * Updated Swedish Debconf translation (thanks to Daniel Nylander). Closes: #368186 -- Christian Hammers Wed, 10 May 2006 08:45:42 +0200 mysql-dfsg-5.0 (5.0.21-3) unstable; urgency=low * Fixed FTBFS problem which was caused by a patch that modifies Makefile.am as well as Makefile.in and was not deteced because my desktop was fast enough to patch both files within the same second and so fooled automake. (thanks to Blars Blarson for notifying me). Closes: #366534 -- Christian Hammers Sat, 6 May 2006 19:03:58 +0200 mysql-dfsg-5.0 (5.0.21-2) unstable; urgency=low * Fixed bug in postinst that did not correctly rewrite /etc/mysql/debian.cnf (thanks to Daniel Leidert). Closes: #365433, #366155 -- Christian Hammers Thu, 4 May 2006 02:37:03 +0200 mysql-dfsg-5.0 (5.0.21-1) unstable; urgency=high * SECURITY: New upstream release with some security relevant bugfixes: * "Buffer over-read in check_connection with usernames lacking a trailing null byte" (CVE-2006-1516) * "Anonymous Login Handshake - Information Leakage" (CVE-2006-1517) * "COM_TABLE_DUMP Information Leakage and Arbitrary command execution" (CVE-2006-1518) Closes: #365938, #365939 * Added diskfree check to the init script (thanks to Tim Baverstock). Closes: #365460 * First amd64 upload! -- Christian Hammers Sat, 29 Apr 2006 04:31:27 +0200 mysql-dfsg-5.0 (5.0.20a-2) unstable; urgency=low * The new mysql-upgrade which is started from /etc/mysql/debian-start does now use the debian-sys-maint user for authentication (thanks to Philipp). Closes: #364991 * Wrote patch debian/patches/43* which adds a password option to mysql_update. See MySQL bug #19400. * Added "Provides: libmysqlclient-dev" to libmysqlclient15-dev as I saw no obvious reasons against it (problems should be documented in debian/README.Maintainer!) (thanks to Olaf van der Spek). Closes: #364899 * Updated Netherlands debconf translation (thanks to Vincent Zweije) Closes: #364464 * Updated French debconf translation (thanks to Christian Perrier) Closes: #364401 * Updated Danish debconf translation (thanks to Claus Hindsgaul) Closes: #365135 -- Christian Hammers Wed, 26 Apr 2006 01:14:53 +0200 mysql-dfsg-5.0 (5.0.20a-1) unstable; urgency=low * New upstream release. * Added the new mysql_upgrade script and added it to /etc/mysql/debian-start (thanks to Alessandro Polverini). The script is currently very noise that is a known bug and will be fixed in the next release! Closes: #363458 * No longer creates the "test" database. This actuallay had been tried to archive before (at least patches) exists but apparently was not the case in the last versions (thanks to Olaf van der Spek). Closes: #362126 * Reformatted libmysqlclient15off.NEWS.Debian to changelog format (thanks to Peter Palfrader). Closes: #363062 -- Christian Hammers Sat, 15 Apr 2006 13:05:22 +0200 mysql-dfsg-5.0 (5.0.20-1) unstable; urgency=high * Upstream contains a fix for a nasty bug (MySQL#18153) that users already experienced and that caused corrupted triggers after REPAIR/OPTIMIZE/ALTER TABLE statements. (thanks to Jerome Despatis for pointing out) * Added patch for the "updates on multiple tables is buggy after upgrading from 4.1 to 5.0" problem which MySQL has been committed for the upcoming 5.0.21 release. Closes #352704 * Added Netherlands debconf translation (thanks to Vincent Zweije). Closes: #360443 * Added Galician debconf translation (thanks to Jacobo Tarrio). Closes: #361257 -- Christian Hammers Fri, 7 Apr 2006 00:00:43 +0200 mysql-dfsg-5.0 (5.0.19-3) unstable; urgency=high [ Christian Hammers ] * Fixed libmysqlclient15.README.Debian regarding package name changes (thanks to Leppo). * Moved libheap.a etc. back to /usr/lib/mysql/ as their names are just too generic. Closes: #353924 [ Sean Finney ] * updated danish debconf translation, thanks to Claus Hindsgaul (closes: #357424). [ Adam Conrad ] * Send stderr from 'find' in preinst to /dev/null to tidy up chatter. * Backport patch for CVE-2006-0903 from the upcoming release to resolve a log bypass vulnerability when using non-binary logs (closes: #359701) -- Adam Conrad Tue, 4 Apr 2006 15:23:18 +1000 mysql-dfsg-5.0 (5.0.19-2) unstable; urgency=medium * New upstream release. * Renamed package libmysqlclient15 to libmysqlclient15off due to binary incompatible changes. See /usr/share/doc/libmysqlclient15off/README.Debian * Updated Czech debconf translation (thanks to Miroslav Kure). Closes: #356503 * Updated French debconf translation (thanks to Christian Perrier). Closes: #356332 * Improved README.Debian (thanks to Olaf van der Spek). Closes: #355702 * Fixed 5.0.18-8 changelog by saying in which package the NEWS.Debian file is (thanks to Ross Boylan). Closes: #355978 -- Christian Hammers Fri, 17 Mar 2006 02:32:19 +0100 mysql-dfsg-5.0 (5.0.19-1) experimental; urgency=medium * New upstream release. * Renamed package libmysqlclient15 to libmysqlclient15off. See /usr/share/doc/libmysqlclient15off/NEWS.Debian * Updated Czech debconf translation (thanks to Miroslav Kure). Closes: #356503 * Updated French debconf translation (thanks to Christian Perrier). Closes: #356332 * Improved README.Debian (thanks to Olaf van der Spek). Closes: #355702 * Fixed 5.0.18-8 changelog by saying in which package the NEWS.Debian file is (thanks to Ross Boylan). Closes: #355978 -- Christian Hammers Tue, 14 Mar 2006 22:56:13 +0100 mysql-dfsg-5.0 (5.0.18-9) unstable; urgency=medium [ Christian Hammers ] * When using apt-get the check for left-over ISAM tables can abort the installation of mysql-server-5.0 but not prevent the mysql-server-4.1 package from getting removed. The only thing I can do is reflect this in the Debconf notice that is shown and suggest to reinstall mysql-server-4.1 for converting. See: #354850 * Suggests removing of /etc/cron.daily/mysql-server in last NEWS message (thanks to Mourad De Clerck). Closes: #354111 * Added versioned symbols for kfreebsd and Hurd, too (thanks to Aurelien Jarno and Michael Bank). Closes: #353971 * Added versioned symbols for kfreebsd, too (thanks to Aurelien Jarno). Closes: #353971 [ Adam Conrad ] * Add 39_scripts__mysqld_safe.sh__port_dir.dpatch to ensure that the permissions on /var/run/mysqld are always correct, even on a tmpfs. -- Christian Hammers Mon, 6 Mar 2006 21:42:13 +0100 mysql-dfsg-5.0 (5.0.18-8) unstable; urgency=low * The rotation of the binary logs is now configured via expire-logs-days in /etc/mysql/my.cnf and handled completely by the server and no longer in configured in debian-log-rotate.conf and handled by a cron job. Thanks to David Johnson. See /usr/share/doc/mysql-server-5.0/NEWS.Debian * Ran aspell over some files in debian/ and learned a lot :) * debian/rules: Added check if versioned symbols are really there. * Updated SSL-MINI-HOWTO. * Updated copyright (removed the parts regarding the now removed BerkeleyDB table handler and mysql-doc package). * Relocated a variable in preinst (thanks to Michael Heldebrant). Closes: #349258, #352587, #351216 * Updated Danish debconf translation (thanks to Claus Hindsgaul). Closes: #349013 * Updated Swedish debconf translation (thanks to Daniel Nylander). Closes: #349522 * Updated French debconf translation (thanks to Christian Perrier). Closes: #349592 * Fixed typo in README.Debian (thanks to Vincent Ricard). * Prolonged waiting time for mysqld in the init script. Closes: #352070 -- Christian Hammers Mon, 23 Jan 2006 23:13:46 +0100 mysql-dfsg-5.0 (5.0.18-7) unstable; urgency=low * Made mailx in debian-start.inc.sh optional and changed the dependency on it on it to a mere recommendation. Closes: #316297 * the previous FTBFS patches for GNU/Hurd inadvertently led to configure being regenerating, losing a couple trivial things like our versioned symbols patch, causing many nasty problems (closes: #348854). -- sean finney Fri, 20 Jan 2006 20:59:27 +0100 mysql-dfsg-5.0 (5.0.18-6) unstable; urgency=low * Added version comment (thanks to Daniel van Eeden). * Added two patches to build on GNU/Hurd (thanks to Michael Bank). Closes: #348182 * Abort upgrade if old and now unsupported ISAM tables are present (thanks to David Coe). Closes: #345895 -- Christian Hammers Tue, 17 Jan 2006 19:25:59 +0100 mysql-dfsg-5.0 (5.0.18-5) unstable; urgency=low * Bump shlibdeps for libmysqlclient15 to (>= 5.0.15-1), which was the first non-beta release from upstream, as well as being shortly after we broke the ABI in Debian by introducing versioned symbols. -- Adam Conrad Fri, 13 Jan 2006 13:18:03 +1100 mysql-dfsg-5.0 (5.0.18-4) unstable; urgency=low * Munge our dependencies further to smooth upgrades even more, noting that we really need 5.0 to conflict with 4.1, and stealing a page from the book of mysql-common, it doesn't hurt to hint package managers in the direction of "hey, this stuff is a complete replacement for 4.1" * Change the description of mysql-server and mysql-client to remove the references to it being "transition", and instead point out that it's the way to get the "current best version" of each package installed. -- Adam Conrad Wed, 11 Jan 2006 11:39:45 +1100 mysql-dfsg-5.0 (5.0.18-3) unstable; urgency=low * Make the mysql-{client,server}-5.0 conflict against mysql-{client,server} versioned, so they can be installed side-by-side and upgrade properly. * Add myself to Uploaders; since I have access to the alioth repository. -- Adam Conrad Tue, 10 Jan 2006 19:15:48 +1100 mysql-dfsg-5.0 (5.0.18-2) unstable; urgency=low * Removed the transitional package that forced an upgrade from mysql-server-4.1 to mysql-server-5.0 as I was convinced that having a general "mysql-server" package with adjusted dependencies is enough (thanks to Adam Conrad). * Updated logcheck.ignore files (thanks to Jamie McCarthy). Closes: #340193 -- Christian Hammers Mon, 9 Jan 2006 21:54:53 +0100 mysql-dfsg-5.0 (5.0.18-1) unstable; urgency=low * New upstream version. * Added empty transitional packages that force an upgrade from the server and client packages that have been present in Sarge. * Fixed SSL-MINI-HOWTO (thanks to Jonas Smedegaard). Closes: #340589 -- Christian Hammers Mon, 2 Jan 2006 21:17:51 +0100 mysql-dfsg-5.0 (5.0.17-1) unstable; urgency=low * Never released as Debian package. -- Christian Hammers Thu, 22 Dec 2005 07:49:52 +0100 mysql-dfsg-5.0 (5.0.16-1) unstable; urgency=low * New upstream version. * Removed the error logs from the logrotate script as Debian does not use them anymore. Closes: #339628 -- Christian Hammers Tue, 22 Nov 2005 01:19:11 +0100 mysql-dfsg-5.0 (5.0.15-2) unstable; urgency=medium * Added 14_configure__gcc-atomic.h.diff to fix FTBFS on m68k (thanks to Stephen R Marenka). Closes: #337082 * Removed dynamic linking against libstdc++ as it was not really needed (thanks to Adam Conrad). Closes: #328613 * Fixed the "/var/lib/mysql is a symlink" workaround that accidently left a stalled symlink (thanks to Thomas Lamy). Closes: #336759 * As the init script cannot distinguish between a broken startup and one that just takes very long the "failed" message now says "or took more than 6s" (thanks to Olaf van der Spek). Closes: #335547 -- Christian Hammers Thu, 3 Nov 2005 22:00:15 +0100 mysql-dfsg-5.0 (5.0.15-1) unstable; urgency=low * New upstream version. 5.0 has finally been declared STABLE! * Added small patch to debian/rules that fixed sporadic build errors where stdout and stderr were piped together, got mixed up and broke * Added --with-big-tables to ./configure (thanks to tj.trevelyan). Closes: #333090 * Added capability to parse "-rc" to debian/watch. * Fixed cronscript (thanks to Andrew Deason). Closes: #335244 * Added Swedish debconf translation (thanks to Daniel Nylander). Closes: #333670 * Added comment to README.Debian regarding applications that manually set new-style passwords... Closes: #334444 * Sean Finney: - Fix duplicate reference to [-e|--extended-insert]. Closes: #334957 - Fix default behavior for mysqldumpslow. Closes: #334517 - Reference documentation issue in mysql manpage. Closes: #335219 -- Christian Hammers Fri, 30 Sep 2005 00:10:39 +0200 mysql-dfsg-5.0 (5.0.13rc-1) unstable; urgency=low * New upstream release. Now "release-candidate"! * Removed any dynamic link dependencies to libndbclient.so.0 which is due to its version only distributed as a static library. * Sean Finney: - FTBFS fix related to stripping rpath in debian/rules -- Christian Hammers Mon, 26 Sep 2005 22:09:26 +0200 mysql-dfsg-5.0 (5.0.12beta-5) unstable; urgency=low * The recent FTBFS were probably result of a timing bug in the debian/patches/75_*.dpatch file where Makefile.in got patched just before the Makefile.shared which it depended on. For that reason only some of the autobuilders failed. Closes: #330149 * Fixed chrpath removal (option -k had to be added). * Corrected debconf dependency as requested by Joey Hess. -- Christian Hammers Mon, 26 Sep 2005 18:37:07 +0200 mysql-dfsg-5.0 (5.0.12beta-4) unstable; urgency=low * Removed experimental shared library libndbclient.so.0.0.0 as it is doomed to cause trouble as long as it is present in both MySQL 4.1 and 5.0 without real soname and its own package. We still have libndbclient.a for developers. (thanks to Adam Conrad and mediaforest.net). Closes: #329772 -- Christian Hammers Fri, 23 Sep 2005 12:36:48 +0200 mysql-dfsg-5.0 (5.0.12beta-3) unstable; urgency=medium * Symbol versioning support! wooooohoooooo! (thanks to Steve Langasek) Closes: #236288 * Moved libndbcclient.so.0 to the -dev package as it is provided by libmysqlclient14 and -15 which must be installable simultaneously. * Removed mysql-*-doc suggestions. -- Christian Hammers Tue, 20 Sep 2005 00:07:03 +0200 mysql-dfsg-5.0 (5.0.12beta-2) unstable; urgency=low * Added patch to build on GNU/kFreeBSD (thanks to Aurelien Jarno). Closes: #327702 * Added patch that was already been present on the 4.1 branch which makes the "status" command of the init script more sensible (thanks to Stephen Gildea). Closes: #311836 * Added Vietnamese Debconf translation (thanks to Clytie Siddal). Closes: #313006 * Updated German Debconf translation (thanks to Jens Seidel). Closes: #313957 * Corrected commends in example debian-log-rotate.conf. The default is unlike the mysql-sever-4.1 package which needed to stay backwards compatible now 2 to avoid filling up the disk endlessly. * Fixed watch file to be "-beta" aware. -- Christian Hammers Thu, 15 Sep 2005 20:50:19 +0200 mysql-dfsg-5.0 (5.0.12beta-1) unstable; urgency=medium * Christian Hammers: - New upstream release. - Changed build-dep to libreadline5-dev as requested by Matthias Klose. Closes: #326316 - Applied fix for changed output format of SHOW MASTER LOGS for binary log rotation (thanks to Martin Krueger). Closes: #326427, #326427 - Removed explicit setting of $PATH as I saw no sense in it and it introduced a bug (thanks to Quim Calpe). Closes: #326769 - Removed PID file creation from /etc/init.d/mysql-ndb as it does not work with this daemon (thanks to Quim Calpe). - Updated French Debconf translation (thanks to Christian Perrier). Closes: #324805 - Moved conflicts line in debian/control from libmysqlclient15 to libmysqlclient15-dev and removed some pre-sarge conflicts as suggested by Adam Majer. Closes: #324623 * Sean Finney: - For posterity, CAN-2005-2558 has been fixed since 5.0.7beta. -- Christian Hammers Thu, 15 Sep 2005 19:58:22 +0200 mysql-dfsg-5.0 (5.0.11beta-3) unstable; urgency=low * Temporarily build only with -O2 to circumvent gcc internal errors (thanks to Matthias Klose). Related to: #321165 -- Christian Hammers Thu, 18 Aug 2005 15:44:04 +0200 mysql-dfsg-5.0 (5.0.11beta-2) unstable; urgency=low * Fixed README.Debian regarding the status of mysql-doc. * Added "set +e" around chgrp in mysql-server-5.0.preinst to not fail on .journal files (thanks to Christophe Nowicki). Closes: #318435 -- Christian Hammers Sun, 14 Aug 2005 18:02:08 +0200 mysql-dfsg-5.0 (5.0.11beta-1) unstable; urgency=low * New upstream version. * Added Danish Debconf translations (thanks to Claus Hindsgaul). Closes: #322384 * Updated Czech Debconf translations (thanks to Miroslav Kure). Closes: #321765 -- Christian Hammers Sat, 13 Aug 2005 11:56:15 +0000 mysql-dfsg-5.0 (5.0.10beta-1) unstable; urgency=low * New upstream release. * Christian Hammers: - Added check for mounted /proc to debian/rules. * Sean Finney: - fix for fix_mysql_privilege_tables/mysql_fix_privilege_tables typo in mysql-server-5.0's README.Debian (see #319838). -- Christian Hammers Sun, 31 Jul 2005 00:30:45 +0200 mysql-dfsg-5.0 (5.0.7beta-1) unstable; urgency=low * Second try for new upstream release. * Renamed mysql-common-5.0 to mysql-common as future libmysqlclient16 from e.g. MySQL-5.1 would else introduce mysql-common-5.1 which makes a simultanous installation of libmysqlclient14 impossible as that depends on either mysql-common or mysql-common-5.0 but not on future versions. Thus we decided to always let the newest MySQL version provide mysql-common. * Added ${misc:Depends} as suggested by debhelper manpage. * Raised standard in control file to 3.6.2. * Removed DH_COMPAT from rules in faviour of debian/compat. * Checkes for presence of init script before executing it in preinst. Referres: 315959 * Added 60_includes_mysys.h__gcc40.dpatch for GCC-4.0 compatibility. -- Christian Hammers Wed, 29 Jun 2005 00:39:05 +0200 mysql-dfsg-5.0 (5.0.5beta-1) unstable; urgency=low * New major release! Still beta so be carefull... * Added federated storage engine. -- Christian Hammers Wed, 8 Jun 2005 19:29:45 +0200 mysql-dfsg-4.1 (4.1.12-1) unstable; urgency=low * Christian Hammers: - New upstream release. - Disabled BerkeleyDB finally. It has been obsoleted by InnoDB. * Sean Finney: - Updated French translation from Christian Perrier (Closes: #310526). - Updated Japanese translation from Hideki Yamane (Closes: #310263). - Updated Russian translation from Yuriy Talakan (Closes: #310197). -- Christian Hammers Sat, 4 Jun 2005 05:49:11 +0200 mysql-dfsg-4.1 (4.1.11a-4) unstable; urgency=high * Fixed FTBFS problem which was caused due to the fact that last uploads BerkeleyDB patch was tried to applied on all architectures and not only on those where BerkeleyDB is actually beeing built. Closes: #310296 -- Christian Hammers Mon, 23 May 2005 00:54:51 +0200 mysql-dfsg-4.1 (4.1.11a-3) unstable; urgency=high * Added patch from Piotr Roszatycki to compile the bundled db3 library that is needed for the BerkeleyDB support with versioned symbols so that mysqld no longer crashes when it gets linked together with the Debian db3 version which happens when e.g. using libnss-db. Closes: #308966 -- Christian Hammers Thu, 19 May 2005 01:41:14 +0200 mysql-dfsg-4.1 (4.1.11a-2) unstable; urgency=high * Okay, the hackery with /var/lib/dpkg/info/mysql-server.list will not stand and is removed from the preinst of mysql-server. * New workaround for the symlink problem that does not involve mucking with dpkg's file lists is storing the symlinks in a temporary location across upgrades. As this sometimes fails since apt-get does not always call new.preinst before old.postrm, some remarks were added to README.Debian and the Debconf installation notes to minimize the inconvinience this causes. -- sean finney Sun, 15 May 2005 10:25:31 -0400 mysql-dfsg-4.1 (4.1.11a-1) unstable; urgency=high * Added the "a" to the version number to be able to upload a new .orig.tar.gz file which now has the non-free Docs/ directory removed as this has been forgotten in the 4.1.11 release (thanks to Goeran Weinholt). Closes: #308691 * The Woody package listed /var/lib/mysql and /var/log/mysql in its /var/lib/dpkg/info/mysql-server.list. These directories are often replaced by symlinks to data partitions which triggers a dpkg bug that causes these symlinks to be removed on upgrades. The new preinst prevents this by removing the two lines from the .list file (thanks to Andreas Barth and Jamin W. Collins). See dpkg bug #287978. * Updated French Debconf translation (thanks to Christian Perrier). Closes: #308353 -- Christian Hammers Thu, 12 May 2005 21:52:46 +0200 mysql-dfsg-4.1 (4.1.11-3) unstable; urgency=high * The "do you want to remove /var/lib/mysql when purging the package" flag from old versions is removed once this package is beeing installed so that purging an old Woody mysql-server package while having a mysql-server-4.1 package installed can no longer lead to the removal of all databases. Additionaly clarified the wording of this versions Debconf template and added a check that skips this purge in the postrm script if another mysql-server* package has /usr/sbin/mysqld installed. (thanks to Adrian Bunk for spotting that problem) Closes: #307473 * Cronfile was not beeing installed as the filename was not in the correct format for "dh_installcron --name" (thanks to Tomislav Gountchev). Closes: #302712 -- Christian Hammers Sat, 23 Apr 2005 22:55:15 +0200 mysql-dfsg-4.1 (4.1.11-2) unstable; urgency=low * Sean Finney: - don't freak out if we can't remove /etc/mysql during purge. - debian/rules clean works again. * Christian Hammers: - Fixed typo in README.Debian (thanks to Joerg Rieger). Closes: #304897 - Completely removed the passwordless test user as it was not only insecure but also lead to irritations as MySQL checks first the permissions of this user and then those of a password having one. See bug report from Hilko Bengen for details. Closes: #301741 -- Christian Hammers Sat, 16 Apr 2005 15:55:00 +0200 mysql-dfsg-4.1 (4.1.11-1) unstable; urgency=low * New upstream version. * Upstream fix for charset/collation problem. Closes: #282256 * Upstream fix for subselect crash. Closes: #297687 * Corrected minor issue in Debconf template regarding skip-networking (thanks to Isaac Clerencia). Closes: #303417 * Made dependency to gawk unnecessary (thanks to Zoran Dzelajlija). Closes: #302284 * Removed obsolete 50_innodb_mixlen.dpatch. * Removed obsolete 51_CAN-2004-0957_db_grant_underscore.dpatch. -- Christian Hammers Fri, 8 Apr 2005 00:23:53 +0200 mysql-dfsg-4.1 (4.1.10a-7) unstable; urgency=low * Sean Finney: - fix for the mysteriously disappeared cronjob. thanks to Peter Palfrader for pointing out this omission. (closes: #302712). -- sean finney Sat, 02 Apr 2005 16:54:13 -0500 mysql-dfsg-4.1 (4.1.10a-6) unstable; urgency=high * Sean Finney: - the previous upload did not completely address the issue. this one should do so. d'oh. -- sean finney Thu, 31 Mar 2005 03:35:50 +0000 mysql-dfsg-4.1 (4.1.10a-5) unstable; urgency=high * Sean Finney: - the following security issue is addressed in this upload: CAN-2004-0957 (grant privilege escalation on tables with underscores) thanks to sergei at mysql for all his help with this. -- sean finney Wed, 30 Mar 2005 21:19:26 -0500 mysql-dfsg-4.1 (4.1.10a-4) unstable; urgency=low * Sean Finney: - FTBFS fix for amd64/gcc-4.0. Thanks to Andreas Jochens for reporting this (closes: #301807). - ANSI-compatible quoting fix in daily cron job. thanks to Karl Hammar for pointing out the problem in the 4.0 branch. - Added myself as a co-maintainer in the control file (closes: #295312). -- sean finney Tue, 29 Mar 2005 18:54:42 -0500 mysql-dfsg-4.1 (4.1.10a-3) unstable; urgency=low * BerkeleyDB is now disabled by default as its use is discouraged by MySQL. * Added embedded server libraries as they finally do compile. They are currently in libmysqlclient-dev as they are still experimental and only available as .a library (thanks to Keith Packard). Closes: #297062 * Fixed obsolete "tail" syntax (thanks to Sven Mueller). Closes: #301413 * Added CAN numbers for the latest security bugfix upload. * Updated manpage of mysqlmanager (thanks to Justin Pryzby). Closes: #299844 * Added comments to default configuration. -- Christian Hammers Sun, 20 Mar 2005 17:40:18 +0100 mysql-dfsg-4.1 (4.1.10a-2) unstable; urgency=low * Disabled "--with-mysqld-ldflags=-all-static" as it causes sig11 crashes if LDAP is used for groups in /etc/nsswitch.conf. Confirmed by Sean Finney and Daniel Dehennin. Closes: #299382 -- Christian Hammers Mon, 14 Mar 2005 03:01:03 +0100 mysql-dfsg-4.1 (4.1.10a-1) unstable; urgency=high * SECURITY: - The following security related updates are addressed: CAN-2005-0711 (temporary file creation with "CREATE TEMPORARY TABLE") CAN-2005-0709 (arbitrary library injection in udf_init()) CAN-2005-0710 (arbitrary code execution via "CREATE FUNCTION") Closes: #299029, #299031, #299065 * New Upstream Release. - Fixes some server crash conditions. - Upstream includes fix for TMPDIR overriding my.cnf tmpdir setting Closes: #294347 - Fixes InnoDB error message. Closes: #298875 - Fixes resouce limiting. Closes: #285044 * Improved checking whether or not the server is alive in the init script which should make it possible to run several mysqld instances in different chroot environments. Closes: #297772 * Fixed cron script name as dots are not allowed (thanks to Michel v/d Ven). Closes: #298447 * Added -O3 and --with-mysqld-ldflags=-all-static as MySQL recommends to build the server binary statically in order to gain about 13% more performance (thanks to Marcin Kowalski). * Added patch to let mysqld_safe react to signals (thanks to Erich Schubert). Closes: #208364 * (Thanks to Sean Finney for doing a great share of work for this release!) -- Christian Hammers Thu, 3 Mar 2005 02:36:39 +0100 mysql-dfsg-4.1 (4.1.10-4) unstable; urgency=medium * Fixed bug that prevented MySQL from starting after upgrades. Closes: #297198, #296403 * Added comment about logging to syslog to the default my.cnf and the logrotate script (thanks to Ryszard Lach). Closes: #295507 -- Christian Hammers Thu, 3 Mar 2005 00:28:02 +0100 mysql-dfsg-4.1 (4.1.10-3) unstable; urgency=low * Sean Finney: Cronjobs now exit silently when the server package has been removed but not purged (thanks to Vineet Kumar). Closes: #297404 * Fixed comments of /etc/mysql/debian-log-rotate.conf (thanks to Philip Ross). Closes: #297467 * Made mysqld_safe reacting sane on signals (thanks to Erich Schubert). Closes: #208364 -- Christian Hammers Tue, 1 Mar 2005 19:44:34 +0100 mysql-dfsg-4.1 (4.1.10-2) unstable; urgency=low * Converted to dpatch. * debian/ is now maintained via Subversion on svn.debian.org. -- Christian Hammers Tue, 1 Mar 2005 02:16:36 +0100 mysql-dfsg-4.1 (4.1.10-1) unstable; urgency=low * New upstream version. * Upstream fixed memleak bug. Closes: #205587 * Added debian/copyright.more for personal reference. * Lowered default query cache size as suggested by Arjen from MySQL. * Switched from log to log-bin as suggested by Arjen from MySQL. * Fixed typo in my.cnf (thanks to Sebastian Feltel). Closes: #295247 * Replaced --defaults-extra-file by --defaults-file in Debian scripts as former lets password/host etc be overwriteable by /root/.my.cnf. Added socket to /etc/mysql/debian.cnf to let it work. (thanks to SATOH Fumiyasu). Closes: #295170 -- Christian Hammers Tue, 15 Feb 2005 23:47:02 +0100 mysql-dfsg-4.1 (4.1.9-4) unstable; urgency=low * Improved the way mysqld is started and registered with update-rc.d in cases where the admin modifies the runlevel configuration. Most notably removed the debconf question whether or not mysql should start on when booting. Closes: #274264 * Renamed configuration option old-passwords to the more preferred naming convention old_passwords. Same for some others (thanks to Patrice Pawlak). Closes: #293983 -- Christian Hammers Tue, 8 Feb 2005 02:21:18 +0100 mysql-dfsg-4.1 (4.1.9-3) unstable; urgency=low * Renamed ca_ES.po to ca.po to reach a broader audience (thanks to Christian Perrier). Closes: #293786 * Expicitly disabled mysqlfs support as it has never been enabled by configure during the autodetection but fails due to broken upstream code when users try to build the package theirselves while having liborbit-dev installed which triggers the mysqlfs autodetection (thanks to Max Kellermann). Closes: #293431 * Added dependencies to gawk as one script does not work with original-awk (thanks to Petr Ferschmann). Closes: #291634 -- Christian Hammers Sun, 6 Feb 2005 23:33:11 +0100 mysql-dfsg-4.1 (4.1.9-2) unstable; urgency=high * SECURITY: For historical reasons /usr/share/mysql/ was owned and writable by the user "mysql". This is a security problem as some scripts that are run by root are in this directory and could be modified and used by a malicious user who already has mysql privileges to gain full root rights (thanks to Matt Brubeck). Closes: #293345 * Changed "skip-networking" to "bind-address 127.0.0.1" which is more compatible and not less secure but maybe even more, as less people enable networking for all interfaces (thanks to Arjen Lentz). * Enabled InnoDB by default as recommended by Arjen Lentz from MySQL. * Added remarks about hosts.allow to README.Debian (thanks to David Chappell). Closes: #291300 * mysql-server-4.1 now provides mysql-server (thanks to Paul van den Berg). Closes: #287735 -- Christian Hammers Wed, 2 Feb 2005 23:31:55 +0100 mysql-dfsg-4.1 (4.1.9-1) unstable; urgency=low * New upstream version. * mysql-client-4.1 now provides "mysql-client" so that packages depending on mysql-client (ca. 40) can now be used with MySQL-4.1, too. -- Christian Hammers Sun, 23 Jan 2005 22:52:48 +0100 mysql-dfsg-4.1 (4.1.8a-6) unstable; urgency=high * SECURITY: Javier Fernandez-Sanguino Pena from the Debian Security Audit Project discovered a temporary file vulnerability in the mysqlaccess script of MySQL that could allow an unprivileged user to let root overwrite arbitrary files via a symlink attack and could also could unveil the contents of a temporary file which might contain sensitive information. (CAN-2005-0004, http://lists.mysql.com/internals/20600) Closes: #291122 -- Christian Hammers Tue, 18 Jan 2005 23:11:48 +0100 mysql-dfsg-4.1 (4.1.8a-5) unstable; urgency=medium * Fixed important upstream bug that causes from_unixtime(0) to return NULL instead of "1970-01-01 00:00:00" which fails on NOT NULL columns. Closes: #287792 * Fixes upstream bug in mysql_list_fields() . Closes: #282486 * Fixes bug that lead to double rotated logfiles when mysql-server 4.0 was previously installed (thanks to Olaf van der Spek). Closes: #289851 * Fixed typo in README.Debian (thanks to Mark Nipper). Closes: #289131 * Changed max_allowed_packet in my.cnf to 16M as in 4.0.x (thanks to Olaf van der Spek). Closes: #289840 * Updated French debconf translation (thanks to Christian Perrier). Closes: #287955 -- Christian Hammers Thu, 13 Jan 2005 01:29:05 +0100 mysql-dfsg-4.1 (4.1.8a-4) unstable; urgency=low * Broken patch again :-( -- Christian Hammers Sun, 9 Jan 2005 23:47:55 +0100 mysql-dfsg-4.1 (4.1.8a-3) unstable; urgency=low * The mutex patch was a bit too x86 centric. This broke the alpha build. -- Christian Hammers Sun, 9 Jan 2005 14:18:49 +0100 mysql-dfsg-4.1 (4.1.8a-2) unstable; urgency=medium * Some Makefiles that were patched by me got overwritten by the GNU autotools, probably because I also patched ./configure. Fixed now, the critical mutex patch is now back in again. Closes: #286961 * Added patch to make MySQL compile on ARM (thanks to Adam Majer). Closes: #285071 -- Christian Hammers Thu, 6 Jan 2005 09:30:13 +0100 mysql-dfsg-4.1 (4.1.8a-1) unstable; urgency=medium * Upstream 4.1.8 had some problems in their GNU Autotools files so they released 4.1.8a. Debian's 4.1.8 was fixed by running autoreconf but this again overwrote MySQL changes to ltmain.sh which are supposed to fix some problems on uncommon architectures (maybe the FTBFS on alpha, arm, m68k and sparc?). * libmysqlclient_r.so.14 from 4.1.8-3 also missed a link dependency to libz which lead to unresolved symbols visible with "ldd -r" (thanks to Laurent Bonnaud). Closes: #287573 -- Christian Hammers Wed, 29 Dec 2004 14:26:33 +0100 mysql-dfsg-4.1 (4.1.8-3) unstable; urgency=low * Fixed checking for error messages by forcing english language output by adding LC_ALL=C to debian-start (thanks to Rene Konasz) Closes: #285709 * Fixed bashisms in Debian scripts. Closes: #286863 * Updated Japanese Debconf translation (thanks to Hideki Yamane). Closes: #287003 * Improved 4.0 to 4.1 upgrade if /var/lib/mysql is a symlink (thanks to Thomas Lamy). Closes: #286560 * Added patch for FTBFS problem where no LinuxThreads can be found. I don't know if this still applies but it should not hurt. The patch is debian/patches/configure__AMD64-LinuxThreads-vs-NPTL.diff -- Christian Hammers Sun, 26 Dec 2004 14:04:20 +0100 mysql-dfsg-4.1 (4.1.8-2) unstable; urgency=low * If /var/lib/mysql is a symlink then it is kept as such. * Added the old-passwords option to the default my.cnf to stay compatible to clients that are still compiled to libmysqlclient10 and libmysqlclient12 for licence reasons. * Adjusted tetex build-deps to ease backporting (thanks to Norbert Tretkowski from backports.org). -- Christian Hammers Tue, 21 Dec 2004 01:00:27 +0100 mysql-dfsg-4.1 (4.1.8-1) unstable; urgency=medium * New upstream version. Closes: #286175 * Added conflict to libmysqlclient-dev (thanks to Adam Majer). Closes: #286538 * Added debconf-updatepo to debian/rules:clean. * Updated Japanese Debconf translation (thanks to Hideki Yamane). Closes: #285107 * Updated French Debconf translation (thanks to Christian Perrier). Closes: #285977 * Renamed cz.po to cs.po (thanks to Miroslav Kure). Closes: #285438 * Aplied patch for changed server notice to debian-start (thanks to Adam Majer). Closes: #286035 * Changed nice value in default my.cnf as nohup changed its behaviour (thanks to Dariush Pietrzak). Closes: #285446 * Increased verbosity of preinst script in cases where it cannot stop a running server (thanks to Jan Minar). Closes: #285982 * Splitted the code parts of /etc/mysql/debian-start to /usr/share/mysql/debian-start.inc.sh (thanks to Jan Minar). Closes: #285988 -- Christian Hammers Mon, 20 Dec 2004 00:33:21 +0100 mysql-dfsg-4.1 (4.1.7-4) unstable; urgency=medium * Removed OpenSSL support. After a short discussion with MySQL, I decided to drop OpenSSL support as 1. MySQL started shipping their binaries without it, too and do not seem to support it in favour of using a different library somewhen. 2. MySQL did not adjust their licence to grant permission to link against OpenSSL. 3. Even if they did, third parties who use libmysqlclient.so often do not realise licencing problems or even do not want OpenSSL. (thanks to Jordi Mallach and the responders to MySQL bug #6924) Closes: #283786 * debian/control: Improved depends and conflicts to mysql-4.0. -- Christian Hammers Thu, 2 Dec 2004 22:02:28 +0100 mysql-dfsg-4.1 (4.1.7-3) unstable; urgency=low * Raised version to make it higher as the one in experimental. -- Christian Hammers Wed, 1 Dec 2004 21:09:20 +0100 mysql-dfsg-4.1 (4.1.7-2) unstable; urgency=low * Patched scripts/mysql_install_db so that it no longer creates a passwordless test database during installation (thanks to Patrick Schnorbus). Closes: #281158 * Added Czech debconf translation (thanks to Miroslav Kure). Closes: #283222 -- Christian Hammers Wed, 1 Dec 2004 01:29:31 +0100 mysql-dfsg-4.1 (4.1.7-1) unstable; urgency=low * New upstream branch! * Adjusted debian/control to make this package suitable to get parallel to version 4.0.x into unstable and sarge. The package names are different so that "mysql-server" still defaults to the rock-stable 4.0 instead to this announced-to-be-stable 4.1. * Added --with-mutex=i86/gcc-assemler to the Berkeley-DB configure to prevent the use of NPLT threads when compiling under kernel 2.6 because the binaries are else not runable on kernel 2.4 hosts. Closes: #278638, #274598 -- Christian Hammers Sun, 31 Oct 2004 20:15:03 +0100 mysql-dfsg (4.1.6-1) experimental; urgency=low * New upstream version. * Fixed symlinks in libmysqlclient-dev package. Closes: #277028 * This time I did not update the libtool files as they were pretty up to date and I want to have a shorter diff file. -- Christian Hammers Wed, 20 Oct 2004 00:07:58 +0200 mysql-dfsg (4.1.5-3) experimental; urgency=low * debian/postinst: mysql_install_db changed parameter from --IN-RPM to --rpm which caused problems during installs. Closes: #276320 -- Christian Hammers Sat, 16 Oct 2004 20:36:46 +0200 mysql-dfsg (4.1.5-2) experimental; urgency=low * Activated support for ndb clustering (thanks to Kevin M. Rosenberg). Closes: #275109 -- Christian Hammers Wed, 6 Oct 2004 01:58:00 +0200 mysql-dfsg (4.1.5-1) experimental; urgency=low * WARNING: The upstream branch 4.1 is still considered BETA. The Debian packages for 4.1 were done without big testing. If you miss a new functionality or binary, contact me and I check add the relevant configure option or include the program. * New MAJOR upstream version. Thanks to the great demand here's now the first MySQL 4.1 experimental release. FEEDBACK IS WELCOME. * 4.0->4.1 notes: - debian/patches/alpha.diff could not be applied, I fix that later - debian/patches/scripts__mysql_install_db.sh.diff was obsolete - debian/patches/scripts__Makefile.in was neccessary due to a dependency to the removed non-free Docs/ directory. Upstream has been contacted. - Build-Deps: += automake1.7 - debian/rules: embedded servers examples did not compile, removed -- Christian Hammers Sun, 26 Sep 2004 19:46:47 +0200 mysql-dfsg (4.0.21-3) unstable; urgency=low * Upstream tried to fix a security bug in mysqlhotcopy and broke it :-) Applied a patch (see debian/patches) from Martin Pitt. Closes: #271632 * Between 4.0.20 and 4.0.21 the Debian specific changes in /usr/bin/mysqld_safe that piped the error log to syslog got lost and are now back again. * Fixed capitalization in debconf headings. * Changed wording of the initscript status message to make heartbeat happier. Closes: #271591 -- Christian Hammers Fri, 17 Sep 2004 18:42:25 +0200 mysql-dfsg (4.0.21-2) unstable; urgency=medium * The dependencies between mysql-client and libmysqlclient12 were too loose, when upgrading only the client this can lead to non working binaries due to relocation errors (thanks to Dominic Cleal). Closes: #271803 * Fixed typo in mysqldump.1 manpage (thanks to Nicolas Francois). Closes: #271334 -- Christian Hammers Wed, 15 Sep 2004 15:38:11 +0200 mysql-dfsg (4.0.21-1) unstable; urgency=high * SECURITY: This upstream version fixes some security problems that might at least allow a DoS attack on the server. * Fixed an old bug in concurrent accesses to `MERGE' tables (even one `MERGE' table and `MyISAM' tables), that could've resulted in a crash or hang of the server. (Bug #2408) * Fixed bug in privilege checking where, under some conditions, one was able to grant privileges on the database, he has no privileges on. (Bug #3933) * Fixed crash in `MATCH ... AGAINST()' on a phrase search operator with a missing closing double quote. (Bug #3870) * Fixed potential memory overrun in `mysql_real_connect()' (which required a compromised DNS server and certain operating systems). (Bug #4017) * New upstream version. * Fixes bug that made x="foo" in WHERE sometimes the same as x="foo ". Closes: #211618 * Updated Japanese Debconf translation (thanks to Hideki Yamane). Closes: #271097 -- Christian Hammers Sat, 11 Sep 2004 23:15:44 +0200 mysql-dfsg (4.0.20-14) unstable; urgency=low * Dave Rolsky spottet that -DBIG_JOINS was not properly enabled. It allowes joining 64 instead of an 32 tables to join. -- Christian Hammers Thu, 9 Sep 2004 20:24:02 +0200 mysql-dfsg (4.0.20-13) unstable; urgency=medium * Fixed a bug in the initscript which caused the check for not properly closed i.e. corrupt tables that is executed when the server starts not to run in background as supposed. Although the check does not repair anything on servers with several thousand tables the script was reported to take some minutes which is quite annoying. (Thanks to Jakob Goldbach). Closes: #270800 -- Christian Hammers Thu, 9 Sep 2004 17:11:05 +0200 mysql-dfsg (4.0.20-12) unstable; urgency=medium * Filter messages regarding table handles that do not support CHECK TABLE in the script that checks for corrupted tables on every start which lead to unnecessary mails (thanks to David Everly). Closes: #269811 * Added a note to the corrupt-table-check mail which notes that a false-positive is reported in the case that immediately after starting the server a client starts using a table (thanks to Uwe Kappe). Closes: #269985 * Added "quote-names" as default to the [mysqldump] section in /etc/mysql/my.cnf as too many users stumble over dump files that could not be read in again due to the valid use of reserved words as table names. This has also be done by upstream in 4.1.1 and has no known drawbacks. Closes: #269865 * Binary logs can now be rotated as well. Defaults to off, though, for compatibilty reasons (thanks to Mark Ferlatte). Closes: #94230, #269110 * The mysql user "debian-sys-maint" now gets all possible rights which makes binary logging possible and helps other package maintainer who wants to use it to create package specific databases and users. * Added example how to change daemon nice level via /etc/mysql/my.cnf * Updated French debconf translations (thanks to Christian Perrier). Closes: #265811 * Renamed options in the default config file that still had old names (thanks to Yves Kreis). Closes: #266445 * Fixed spelling in debconf note. * Added -l and -L to dh_shlibdeps. -- Christian Hammers Fri, 3 Sep 2004 20:10:46 +0200 mysql-dfsg (4.0.20-11) unstable; urgency=high * SECURITY This version fixes a security flaw in mysqlhotcopy which created temporary files in /tmp which had predictable filenames and such could be used for a tempfile run attack. The issue has been recorded as CAN-2004-0457. -- Christian Hammers Sat, 14 Aug 2004 18:27:19 +0200 mysql-dfsg (4.0.20-10) unstable; urgency=low * MySQL finally updated their copyright page and installed v1.5 of the "Free/Libre and Open Source Software License (FLOSS) - Exception" which will hopefully end the license hell they created by putting the client libraries under GPL instead of LGPL which conflicts with PHP and other software that used to link against MySQL. The license text is not yet in any release MySQL version but visible on their web site and copied into the debian/copyright file. Special thanks to Zak Greant and the debian-legal list for helping to solve this release critical problem. Closes: #242449 * Updated Brazil debconf translation (thanks to Andre Luis Lopes). Closes: #264233 * Updated Japanese debconf translation (thanks to Hideki Yamane). Closes: #264620 * Fixed minor typo in debconf description (thanks to TROJETTE Mohammed Adnene). Closes: #264840 * Improved init and preinst script which now detects stalled servers which do no longer communicate but are present in the process list (thanks to Henrik Johansson). Closes: #263215 -- Christian Hammers Mon, 9 Aug 2004 19:44:28 +0200 mysql-dfsg (4.0.20-9) unstable; urgency=medium * Partly reverted the last patch which gave the mysql-user "debian-sys-maint" more rights as there are old versions of MySQL which have fewer privlige columns. Now only those are set (thanks to Alan Tam). Closes: #263111 -- Christian Hammers Tue, 3 Aug 2004 13:03:02 +0200 mysql-dfsg (4.0.20-8) unstable; urgency=low * The mysqlcheck that is started from the initscript will now be backgrounded because it might else prevent the boot process to continue. It also now notifies root by mail and syslog if a table is corrupt. * The "debian-sys-maint" MySQL user now has almost full rights so that other packages might use this account to create databases and user (thanks to Andreas Barth). Closes: #262541 * Added paranoid rules for logcheck. -- Christian Hammers Sun, 1 Aug 2004 21:00:55 +0200 mysql-dfsg (4.0.20-8) unstable; urgency=low * Upload stalled. Not released. -- Christian Hammers Sun, 1 Aug 2004 20:27:55 +0200 mysql-dfsg (4.0.20-7) unstable; urgency=medium * Solved the upstream bug that error messages of the server are written in a file that is then rotated away leaving mysqld logging effectively to /dev/null. It now logs to a /usr/bin/logger process which puts the messages into the syslog. Modified files: /etc/init.d/mysql, /usr/bin/mysqld_safe and the logchecker files. Closes: #254070 * The initscript does no longer call mysqlcheck directly but via /etc/mysql/debian-start which is a user customizable config script. * Splitted the debconf "install and update notes" and only show them when it is appropriate (thanks to Steve Langasek). Closes: #240515 * Added NEWS.Debian. * Added hint to -DBIG_ROWS, which is currently not used, to README.Debian. * Corrected typo in myisampack manpage (thanks to Marc Lehmann). Closes: #207090 * Added Catalan debconf translation (thanks to Aleix Badia i Bosch). Closes: #236651 -- Christian Hammers Wed, 28 Jul 2004 01:41:51 +0200 mysql-dfsg (4.0.20-6) unstable; urgency=low * The build arch detected by configure was "pc-linux-gnu (i686)" instead of "pc-linux-gnu (i386)". Was no problem AFAIK but Adam Majer asked me to explicitly change it to i386. Closes: #261382 * Removed some unused shell scripts from /usr/share/mysql. * Added lintian overrides. * Removed rpath by using chrpath. -- Christian Hammers Mon, 26 Jul 2004 00:17:12 +0200 mysql-dfsg (4.0.20-5) unstable; urgency=medium * The mysqlcheck in the init script is only called when the server is really alive. Also, the mysql-user 'debian-sys-maint' now has global select rights (thanks to Nathan Poznick). Closes: #261130 * Moved the debconf question whether to remove the databases or not from mysql-server.config to mysql-server.postrm so that it shows up on purge time and not months earlier (thanks to Wouter Verhelst). Closes: #251838 -- Christian Hammers Fri, 23 Jul 2004 22:41:13 +0200 mysql-dfsg (4.0.20-4) unstable; urgency=low * Added a "mysqlcheck -A --fast" to the 'start' section of the init script to help admins detect corrupt tables after a server crash. Currently it exists with an error message but leaves the server running. Feedback appreciated! * Made postinst script more robust by calling db_stop earlier and so prevent pipe-deadlocks. * Fixed minor typos in initscript (thanks to "C.Y.M."). Closes: 259518 * Added the undocumented "-DBIG_JOINS" that MySQL apparently uses in their MAX binaries. It enables 62 instead of 30 tables in a "join". (thanks to Dave Rolsky). Closes: #260843 * Added a "df --portability /var/lib/mysql/." check to the preinst script as users experienced hard to kill hanging mysqlds in such a situation (thanks to Vaidas Pilkauskas). Closes: #260306 -- Christian Hammers Fri, 23 Jul 2004 00:51:32 +0200 mysql-dfsg (4.0.20-3) unstable; urgency=low * Improved tolerance if the init script has been deleted (thanks to Leonid Shulov for spotting the problem). * Minor wording changes to README.Debian generalizing /root/ by $HOME (thanks to Santiago Vila). Closes: #257725 * Added Japanese debconf translation (thanks to Hideki Yamane). Closes: #256485 * Fixed commend in my.cnf regarding logfile directory (thanks to Jayen Ashar). Closes: #253434 * Correted "ease to" by "ease of" in package description (thanks to Johannes Berg). Closes: #253510 -- Christian Hammers Fri, 9 Jul 2004 00:57:42 +0200 mysql-dfsg (4.0.20-2) unstable; urgency=low * Removed RPM .spec file from the included documentation as it is pretty useless (thanks to Loic Minier). * Added turkish debconf translation (thanks to Recai Oktas). Closes: #252802 -- Christian Hammers Sun, 6 Jun 2004 14:48:26 +0200 mysql-dfsg (4.0.20-1) unstable; urgency=low * New upstream version. -- Christian Hammers Mon, 31 May 2004 23:36:39 +0200 mysql-dfsg (4.0.18-8) unstable; urgency=low * Updated french translation (thanks to Christian Perrier). Closes: #246789 -- Christian Hammers Tue, 4 May 2004 23:26:54 +0200 mysql-dfsg (4.0.18-7) unstable; urgency=low * Added CVE ids for the recent security fixes. 4.0.18-4 is CAN-2004-0381 (mysqlbug) and 4.0.18-6 is CAN-2004-0388 (mysql_multi) -- Christian Hammers Mon, 19 Apr 2004 18:32:03 +0200 mysql-dfsg (4.0.18-6) unstable; urgency=medium * SECURITY: Fixed minor tempfile-run security problem in mysqld_multi. Unprivileged users could create symlinks to files which were then unknowingly overwritten by run when this script gets executed. Upstream informed. Thanks to Martin Schulze for finding this. -- Christian Hammers Wed, 7 Apr 2004 01:28:22 +0200 mysql-dfsg (4.0.18-5) unstable; urgency=low * Little improvements in debian scripts for last upload. * Added check to logrotate script for the case that a mysql server is running but not be accessible with the username and password from /etc/mysql/debian.conf (thanks to Jeffrey W. Baker). Closes: 239421 -- Christian Hammers Sun, 4 Apr 2004 15:27:40 +0200 mysql-dfsg (4.0.18-4) unstable; urgency=medium * SECURITY: Aplied fix for unprobable tempfile-symlink security problem in mysqlbug reported by Shaun Colley on bugtraq on 2004-03-24. * Updated french debconf translation (thanks to Christian Perrier). Closes: #236878 * Updated portugesian debconf translation (thanks to Nuno Senica). Closes: #239168 * Updated german debconf translation (thanks to Alwin Meschede). Closes: #241749 * Improved debconf template regarding fix_privileges_tables (thanks to Matt Zimmermann for suggestions). Closes: #219400 * Improved README.Debian regarding to password settings (thanks to Yann Dirson). Closes: #241328 -- Christian Hammers Sat, 3 Apr 2004 19:52:15 +0200 mysql-dfsg (4.0.18-3) unstable; urgency=medium * Added Build-Depend to po-debconf to let it build everywhere. -- Christian Hammers Wed, 31 Mar 2004 23:43:33 +0200 mysql-dfsg (4.0.18-2) unstable; urgency=low * Added a "2>/dev/null" to a "which" command as there are two "which" versions in Debian of which one needs it. Closes: #235363 -- Christian Hammers Tue, 2 Mar 2004 23:31:28 +0100 mysql-dfsg (4.0.18-1) unstable; urgency=low * New upstream version. * Should now compile and run on ia64 (thanks to Thorsten Werner and David Mosberger-Tang). Closes: #226863 #228834 * Converted init scripts to invoce-rc.d (thanks to Erich Schubert). Closes: 232118 * Secondlast upload changed logfile location. Closes: #182655 * Updated Brasilian translation (thanks to Andre Luis Lopes). Closes: #219847 -- Christian Hammers Tue, 17 Feb 2004 23:44:58 +0100 mysql-dfsg (4.0.17-2) unstable; urgency=low * Improved manpage for mysqldumpslow.1 (thanks to Anthony DeRobertis). Closes: #231039 * Improved stopping of crashed daemons in init script (thanks to Matthias Urlichs). Closes: #230327 -- Christian Hammers Mon, 9 Feb 2004 21:54:29 +0100 mysql-dfsg (4.0.17-1) unstable; urgency=low * Made logging into /var/log/mysql/ the default. Closes: #225206 * New upstream version. Closes: #225028 * Turned on a 25MB query cache by default (thanks to Cyril Bouthors). Closes: #226789 * Updated russian translation (thanks to Ilgiz Kalmetev). Closes: #219263 * Upstream fixes the problem that AND was not commutative (thanks for Iain D Broadfoot for mentioning). Closes: #227927 * Fixed minor typo in my.cnf comments (thanks to James Renken). Closes: #221496 * Better documents regex. Closes: #214952 * Fixed minor germanism in debconf template (thanks to Marc Haber). Closes: #224148 * Added explaining comment to my.cnf regarding quoted passwords (Thanks to Patrick von der Hagen). Closes: #224906 * Changed "find -exec" to "find -print0 | xargs -0" in preinst to speed it up. Thanks to Cyril Bouthors. Closes: #220229 -- Christian Hammers Sun, 18 Jan 2004 16:16:25 +0100 mysql-dfsg (4.0.16-2) unstable; urgency=low * Tried to repair undefined weak symbols by adding a little Makefile patch. Closes: #215973 -- Christian Hammers Mon, 27 Oct 2003 22:52:10 +0100 mysql-dfsg (4.0.16-1) unstable; urgency=low * New upstream release. (Mostly little memory problems and other bugfixes it seems) * Replaced "." by ":" in chown calls to comply with the env setting "_POSIX2_VERSION=2000112" (thanks to Robert Luberda). Closes: #217399 * Adjusted syntax in my.cnf to 4.x standard (thanks to Guillaume Plessis). Closes: #217273 * Improved README.Debian password instructions (thanks to Levi Waldron). Closes: #215046 * Improved NIS warning debconf-template (thanks to Jeff Breidenbach). Closes: #215791 * Explicitly added libssl-dev to the libmysqlclient-dev package as it is needed for mysql_config and the libmysqlclient package only depends on libssl which has no unnumbered .so version (thanks to Simon Peter and Davor Ocelic). Closes: #214436, #216162 * Added "-lwrap" to "mysql_config --libmysqld-libs" and filed it as upstream bug #1650 (thanks to Noah Levitt). Closes: #214636 -- Christian Hammers Sat, 25 Oct 2003 01:09:27 +0200 mysql-dfsg (4.0.15a-1) unstable; urgency=low * Same package as 4.0.15-2 but I could not convince the Debian installer to move the packages out of incoming. -- Christian Hammers Tue, 7 Oct 2003 15:10:26 +0200 mysql-dfsg (4.0.15-2) unstable; urgency=low * Updated package description (thanks to Adrian Bunk). Closes: #210988 * Fixed small typos in manpages (thanks to Nicolas Francois). Closes: #211983 * More updates to package description (thanks to Matthias Lutz/ddtp). Closes: #213456 * Updated standards to 3.6.1. * Closes "new 4.0.15 available" bug. Closes: #213349 * Updated README.Debian with notes regarding the MySQL manual section "2.4 Post-installation Setup and Testing" (thanks to Daniel B.). Closes: #210841 -- Christian Hammers Fri, 3 Oct 2003 15:59:39 +0200 mysql-dfsg (4.0.15-1) unstable; urgency=high * SECURITY: Users who are able to use the "ALTER TABLE" command on the "mysql" database may be able to exploit this vulnerability to gain a shell with the privileges of the mysql server (usually running as the 'mysql' user). Closes: #210403 * Fixes small description typos (thanks to Oscar Jarkvik). * Updated Brazilian Portuguese debconf translation. (thanks to Andre Luis Lopes). Closes: 208030 * Replaced depricated '.' by ':' in chown (thanks to Matt Zimmerman). * Fixed manpage typo (thanks to Marc Lehmann). Closes: #207090 -- Christian Hammers Fri, 3 Oct 2003 15:59:35 +0200 mysql-dfsg (4.0.14-1) unstable; urgency=low * New upstream version. -- Christian Hammers Sun, 24 Aug 2003 16:40:36 +0200 mysql-dfsg (4.0.13-3) unstable; urgency=low * Now start mysqld as default unless you choose not when configurig with debconf priority low. So packages depending on the server when installing can access it. Thanks Matt Zimmermann (Closes: #200277) * Made mysql-server de-installable if the config and database files were removed by hand before. Thanks to Ard van Breemen (Closes: #200304) -- Christian Hammers Tue, 8 Jul 2003 22:30:40 +0200 mysql-dfsg (4.0.13-2) unstable; urgency=low * Added "nice" option for mysqld_safe to give mysqld a different priority. Submitted to upstream as MySQL Bug #627. Closes: #192087 * Fixed possible unbound variable in init script. Closes: #194621 * Fixed french debconf translation (thx Christian Perrier) Closes: #194739 * Get rid of automake1.5 (for Eric Dorland). -- Christian Hammers Wed, 11 Jun 2003 18:58:32 +0200 mysql-dfsg (4.0.13-1) unstable; urgency=medium * New upstream version. !!! Fixes a very bad natural join bug which justifies the urgency=medium. !!! http://bugs.mysql.com/bug.php?id=291 * Fixed mysql_fix_privileges manpage (Frederic Briere) Closes: #191776 * preinst: "which" is more chatty normal executable than as builtin. (Thanks to David B Harris). Closes: #188659 -- Christian Hammers Tue, 6 May 2003 22:03:45 +0200 mysql-dfsg (4.0.12-3) unstable; urgency=medium * Reincluded new way of creating my debian-sys-maint user from an old release from experimental. Now works again with old and new privilege table format. (Thanks to Vincent Danjean for spotting the problem) Closes: #188201 * Reincluded hurd build dependency fix from 3.23 branch. (Thanks to Robert Millan). Closes: #185929 * Fixed soname in libmysqlclient-dev. Closes: #188160 * Remove /var/log/mysql/ when purging the package. Closes: #188064 * Removed /usr/share/doc/mysql/ from mysql-server. Closes: #188066 * Let group "adm" be able to read logfiles. Closes: #188067 * Do not call usermod on every upgrade. Closes: #188248 (Thanks to Philippe Troin for the last three) * Fixed mysql-server.preinst so that it works on shells where which is a builtin, too. (Thanks to Erich Schubert) Closes: #181525 -- Christian Hammers Fri, 11 Apr 2003 11:32:45 +0200 mysql-dfsg (4.0.12-2) unstable; urgency=low * * NEW MAJOR UPSTREAM RELEASE: * MySQL 4 has finally been declared as 'stable'. Hurray! Read changelogs. Thanks to all testers, esp. Jose Luis Tallon, of the versions that were in the "experimental" section before. * Modified postinst script to run mysql_fix_privileges on every update. IMPORTANT: Please report if this breaks anything, it is not supposed to. * Wrote a SSL-MINI-HOWTO.txt! * Added zlib1g-dev to libmysqlclient12-dev. Closes: 186656 * Changed section of libmysqlclient12-dev to libdevel. * Added even more selfwritten manpages. * Fixed typos. -- Christian Hammers Sun, 6 Apr 2003 13:47:32 +0200 mysql-dfsg (4.0.10.gamma-1) experimental; urgency=low * New upstream version. * They merged some of my patches from debian/patches. Whoa! * This release should fix the error-logfile problem where mysqld keeps the error.log open while logrotate removes it. -- Christian Hammers Wed, 12 Feb 2003 22:39:48 +0100 mysql-dfsg (4.0.9.gamma-1) experimental; urgency=low * New upstream version. * Updated the GNU autoconf files to make building on MIPS work. See bug #176829. -- Christian Hammers Wed, 29 Jan 2003 22:07:44 +0100 mysql-dfsg (4.0.8.gamma-1) experimental; urgency=low * New upstream release. * Improved logging of init script. Closes: #174790 * We have now libmysqlclient.so.12 instead of .11. -- Christian Hammers Thu, 9 Jan 2003 20:14:11 +0100 mysql-dfsg (4.0.7.gamma-1) experimental; urgency=high * SECURITY: This version fixes an upstream security release that is only present in the 4.x branch which is currently only in the experimental distribution and therefore will not get a DSA. * New upstream release. -- Christian Hammers Sat, 28 Dec 2002 15:51:39 +0100 mysql-dfsg (4.0.6.gamma-2) experimental; urgency=low * Added --system to addgroup. Closes: #173866 -- Christian Hammers Sat, 21 Dec 2002 15:28:26 +0100 mysql-dfsg (4.0.6.gamma-1) experimental; urgency=low * New upstream version. Now Gamma! * There are no longer changes to the .orig.tar.gz neccessary to make diff happy. docs/ has still to be deleted, although, as it is non-free. * Incorporated patches from unstable. * Added mysqlmanager and a couple of other new scripts. * Enabled libmysqld embedded server library. * Enabled SSL and Virtual-IO support. (CORBA based MySQL-FS seems to be not existing..) -- Christian Hammers Fri, 20 Dec 2002 22:30:51 +0100 mysql-dfsg (4.0.5a.beta-3) experimental; urgency=low * Modified postinst to work with old and new mysql.user table format and fixed spelling typo in postinst. Thanks to Roger Aich. * Updated config.{guess,sub} to make the mipsel porters happy. Thanks to Ryan Murray. Closes: #173553 -- Christian Hammers Wed, 18 Dec 2002 15:56:34 +0100 mysql-dfsg (4.0.5a.beta-2) experimental; urgency=low * Upstream removed option "--skip-gemini". So did I. Closes: 173142 -- Christian Hammers Tue, 17 Dec 2002 10:35:49 +0100 mysql-dfsg (4.0.5a.beta-1) experimental; urgency=low * First 4.x experimental package due to continuous user requests :-) Please test and report! * upstream: safe_mysqld has been renamed to mysqld_safe * upstream: new library soname version libmysqlclient.so.11 * Renamed libmysqlclientXX-dev to libmysqlclient-dev as I don't plan to support more than one development environment and this makes the dependencies easier. * FIXME: Skipped parts of the debian/patches/alpha patch as the global.h is not existing. * FIXME: How to get rid this? Old ltconfig patch already applied. "lintian: binary-or-shlib-defines-rpath ./usr/bin/mysql /usr/lib/mysql" -- Christian Hammers Sun, 1 Dec 2002 18:32:32 +0100 mysql-dfsg (3.23.53-4) unstable; urgency=medium * Fixed errno.h problem. Closes: #168533, #168535 -- Christian Hammers Sun, 10 Nov 2002 18:32:08 +0100 mysql-dfsg (3.23.53-3) unstable; urgency=medium * Changed automake build-dep to unversioned automake1.4. Closes: #166391 * Fixed description. Closes: #167270 (Thanks to Soren Boll Overgaard) -- Christian Hammers Tue, 5 Nov 2002 01:25:01 +0100 mysql-dfsg (3.23.53-2) unstable; urgency=low * Reverted user creation in init scripts. Closes: #166432 (Thanks to Birzan George Cristian) -- Christian Hammers Thu, 31 Oct 2002 15:36:25 +0100 mysql-dfsg (3.23.53-1) unstable; urgency=low * New upstream release. -- Christian Hammers Thu, 24 Oct 2002 23:04:16 +0200 mysql-dfsg (3.23.52-3) unstable; urgency=low * Substituted the first-install 'debian-sys-maint' user creation by something ANSI SQL compliant. Closes: #163497 (Thanks to Karl Hammar) * Tightend dependency to debhelper (>= 4.0.12) to be sure that debconf-utils gets installed, too, as I use dh_installdebconf. * Fixed upstream manpage bug in mysqldump.1. Closes: #159779 (Thanks to Colin Watson) * Added comment about MIN_WORD_LEN to mysql-server.README.Debian (Thanks to Philipp Dreimann) * Added a dependency for zlib1g-dev to libmysqlclient10-dev. (Thanks to Jordi Mallach) -- Christian Hammers Sun, 15 Sep 2002 17:14:44 +0200 mysql-dfsg (3.23.52-2) unstable; urgency=low * Fixed typo in preinst scripts. * Removed bashism in init script. * Fixed ambiguous debconf example. Closes: #158884 -- Christian Hammers Fri, 30 Aug 2002 00:51:29 +0200 mysql-dfsg (3.23.52-1) unstable; urgency=low * New upstream version. Closes: #157731 * Clearified the meaning of the debian-sys-maint special user in the README.Debian file. Closes: #153702 * Wrote some words regarding the skip-networking in README.Debian. Closes: #157038 * Added dependency to passwd. * Fixes typo and unnecessarily complication in is_mysql_alive(). * Added check for /etc/mysql/my.cnf in init script. -- Christian Hammers Tue, 27 Aug 2002 01:53:32 +0200 mysql-dfsg (3.23.51-4) unstable; urgency=low * Added a compressed "nm mysqld" output to allow people to trace core dumps with /usr/bin/resolve_stack_dump as suggested in the INSTALL-SOURCE file. Thanks to atudor@labs.agilent.com for the hint. -- Christian Hammers Wed, 24 Jul 2002 20:44:55 +0200 mysql-dfsg (3.23.51-3) unstable; urgency=low * Corrected copyright file: the MySQL client library is licenced under the LGPL-2 not the GPL. From version 4.x it actually will be GPL this is why parts of http://www.mysql.com/ already say so. Closes: #153591 * Corrected german translation. Thanks to Roland Rosenfeld . Closes: #151903 -- Christian Hammers Thu, 11 Jul 2002 20:32:28 +0200 mysql-dfsg (3.23.51-2) unstable; urgency=low * Improved NIS tolerance in preinst script. -- Christian Hammers Sun, 7 Jul 2002 04:43:28 +0200 mysql-dfsg (3.23.51-1) unstable; urgency=medium * New upstream version. * I applied a patch that fixes a binary imcompatibility in the shared libary libmysqlclient.so.10 between 3.23.50 and some versions earlier. Upstream has been contacted and asked for clarification. Closes: #149952 * Added support for NIS i.e. it shows a warning and fails if the needed 'mysql' user does not exists but works if it does. Closes: #143282, #147869 * Substituted $0 in init scripts by something really weird so that "./S20mysql restart" works now, too. (BTW: S20? install file-rc!!!) Closes: #148658 * Now postinst works even if /etc/init.d/mysql is removed. Closes: #151021 * Decided to leave "set +x" in postinst but wrote comment. Closes: #151022 -- Christian Hammers Sun, 7 Jul 2002 04:43:25 +0200 mysql-dfsg (3.23.50-1) unstable; urgency=medium * New upstream version. Fixes a very annoying and important bug that lets all mysql programs including perl scripts etc. segfault when using the read_default_group() function. 3.23.50 is currently a pre-release and expected to be released next week. I plan to propose it for woody as soon as its stability has been proven. The following bug reports are all regarding this issue. Closes: #144960, #145322, #136798, #138143, -- Christian Hammers Sat, 18 May 2002 21:14:01 +0200 mysql-dfsg (3.23.49x-1) unstable; urgency=low * I had to split the package to seperate the manual as it is not GPL like the rest of the software and docs but under a license that e.g. forbids selling printed versions. . The upstream authors were contacted a while ago but did not like to change the situation. . The names of the resulting packages have not changed as the manual already was in a seperate mysql-doc package due to it's size. The source packages are now splitted from one "mysql" to "mysql-dfsg" in main and "mysql-nonfree" in non-free. * No code change! The "x" at the end of the version number ist just to be able to upload a new source package. ("a" was already taken by upstream for their binary upload correction) -- Christian Hammers Wed, 8 May 2002 02:01:41 +0200 mysql (3.23.49-8) unstable; urgency=low * Substituted $0 in init script to let e.g. "/etc# ./init.d/mysql restart" works, too. Closes: #141555 -- Christian Hammers Sun, 7 Apr 2002 15:00:44 +0200 mysql (3.23.49-7) unstable; urgency=low * The Makefiles are totally broken for the --enable-local-infile option. I now patched libmysql/libmysql.c#mysql_init() manually. Closes: #138347 -- Christian Hammers Fri, 29 Mar 2002 23:55:15 +0100 mysql (3.23.49-6) unstable; urgency=low * Moved mysqlcheck from server to client package. Closes: #139799 * Added manpage for mysqlhotcopy. Regarding: #87097 * Added 'sharedscripts' directive to the logrotate script. * Replaced grep by /usr/bin/getent to let the group/user checking work on NIS/LDAP systems, too. Closes: #115677, #101529 -- Christian Hammers Fri, 22 Mar 2002 22:40:51 +0100 mysql (3.23.49-5) unstable; urgency=low * Added skip-innodb to default my.cnf. * Enabled --enable-local-infile, it seems to be a new option that defaults to disable a formerly enabled feaure. Closes: #137115 -- Christian Hammers Sat, 16 Mar 2002 00:29:10 +0100 mysql (3.23.49-4) unstable; urgency=medium * Recompiled against fixed libz. * Enabled --enable-local-infile, it seems to be a new option that defaults to disable a formerly enabled feaure. Closes: #137115 * Fixed README.compile_on_potato. Closes: #136529 * Now a ext3 .jounal file in /var/lib/mysql does not prevent the installation (happens when creating a jounal on an already mounted partition). Closes: #137146 -- Christian Hammers Wed, 13 Mar 2002 13:34:24 +0100 mysql (3.23.49-3) unstable; urgency=low * Added Russian translation. Closes: #135846 * Fixed installation of .info documents. Closes: #135030 -- Christian Hammers Wed, 27 Feb 2002 23:36:35 +0100 mysql (3.23.49-2) unstable; urgency=low * Updated french translation and split template files. Closes: #134754 * Fixed a small debian.cnf related bug in mysql-server.postinst. -- Christian Hammers Tue, 19 Feb 2002 23:13:58 +0100 mysql (3.23.49-1) unstable; urgency=low * New upstream release. (Mainly InnoDB related fixes) * Exported a $HOME variable in the scripts so that /root/.my.cnf is not read anymore. This will avoid problems when admins put only passwords but no usernames in this file. Closes: #132048 * New debian-sys-maint password algorithm (now ~96bit :-)) Closes: #133863 * Recreating debian-sys-main pwd on every install to help people who accidently delete user or password files... * Added /var/log/mysql so that user can put the binary logs in there as mysql cannot write the .001 etc files itself in /var/log which is owned by root. -- Christian Hammers Thu, 14 Feb 2002 22:17:45 +0100 mysql (3.23.47-6) unstable; urgency=low * Dropped a sentence about the new debian-sys-maint user in the debconf note and updated the README.Debian. Related: #132048 * Added more french translation. Closes: #132390 -- Christian Hammers Wed, 6 Feb 2002 09:41:29 +0100 mysql (3.23.47-5) unstable; urgency=low * Fixed grammar error in template. Closes: #132238 * Really fixed typo in logrotate script. Closes: #131711 -- Christian Hammers Tue, 5 Feb 2002 14:20:08 +0100 mysql (3.23.47-4) unstable; urgency=medium * Fixes typo in postinst that let init script fail. Closes: #131743 * Fixed bashism bug that failed on ash. Closes: #131697 * Fixed typo in logrotate script. Closes: #131711 -- Christian Hammers Thu, 31 Jan 2002 23:58:46 +0100 mysql (3.23.47-3) unstable; urgency=low * Added new Debian specific mysql user called 'debian-sys-maint' which is used for pinging the server status, flushing the logs or shutting down the server in maintenance scripts. The credentials of this user are stored in the UID0-only readable file /etc/mysql/debian.cnf. Closes: #129887, #130326, #99274 * Fixed unintended server startup at boottime. Closes: #122676, #130105 * New upstream fixes command line parsing bug: Closes: #128473 * Fixed manpage headers to let apropos work: Closes: #119122 * Added "status" options for /etc/init.d/mysql. Closes: #129020 -- Christian Hammers Sun, 27 Jan 2002 19:46:11 +0100 mysql (3.23.47-2) unstable; urgency=low * Enhanced init scripts by using mysqladmin instead of kill $pid. Thanks to Aaron Brick. -- Christian Hammers Fri, 18 Jan 2002 01:42:23 +0100 mysql (3.23.47-1) unstable; urgency=low * New upstream release. * Updated brazilian translation of debconf descriptions. Closes: #123332 -- Christian Hammers Sun, 6 Jan 2002 21:11:17 +0100 mysql (3.23.46-3) unstable; urgency=low * Fixed bug in postinst where a script was accidently called with "bash -c