Your message dated Wed, 26 Apr 2017 15:07:33 +0000 with message-id <e1d3oxv-00078b...@fasolo.debian.org> and subject line Bug#860547: fixed in mysql-5.7 5.7.18-1 has caused the Debian Bug report #860547, regarding Security fixes from the April 2017 CPU to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 860547: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860547 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: mysql-5.7 Version: 5.7.17-1 Severity: grave Tags: security upstream fixed-upstream The Oracle Critical Patch Update for April 2017 will be released on Tuesday, April 18. According to the pre-release announcement [1], it will contain information about CVEs fixed in MySQL 5.7.18. The CVE numbers will be available when the CPU is released. Please note that the MySQL release cycle has changed from every two months to every three months. The releases are now synchronized with the CPU announcements. Best regards, Norvald H. Ryeng [1] http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
--- End Message ---
--- Begin Message ---Source: mysql-5.7 Source-Version: 5.7.18-1 We believe that the bug you reported is fixed in the latest version of mysql-5.7, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 860...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Lars Tangvald <lars.tangv...@oracle.com> (supplier of updated mysql-5.7 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 19 Apr 2017 07:23:52 +0200 Source: mysql-5.7 Binary: libmysqlclient20 libmysqld-dev libmysqlclient-dev mysql-client-core-5.7 mysql-client-5.7 mysql-server-core-5.7 mysql-server-5.7 mysql-server mysql-client mysql-testsuite mysql-testsuite-5.7 mysql-source-5.7 Architecture: source amd64 all Version: 5.7.18-1 Distribution: unstable Urgency: high Maintainer: Robie Basak <robie.ba...@ubuntu.com> Changed-By: Lars Tangvald <lars.tangv...@oracle.com> Description: libmysqlclient-dev - MySQL database development files libmysqlclient20 - MySQL database client library libmysqld-dev - MySQL embedded database development files mysql-client - MySQL database client (metapackage depending on the latest versio mysql-client-5.7 - MySQL database client binaries mysql-client-core-5.7 - MySQL database core client binaries mysql-server - MySQL database server (metapackage depending on the latest versio mysql-server-5.7 - MySQL database server binaries and system database setup mysql-server-core-5.7 - MySQL database server binaries mysql-source-5.7 - MySQL source mysql-testsuite - MySQL regression tests mysql-testsuite-5.7 - MySQL 5.7 testsuite Closes: 844275 860547 Changes: mysql-5.7 (5.7.18-1) unstable; urgency=high (security fixes) . [ Lars Tangvald ] * Imported upstream version 5.7.18 to fix security issues: - http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html - CVE-2017-3308 CVE-2017-3309 CVE-2017-3329 CVE-2017-3331 - CVE-2017-3450 CVE-2017-3453 CVE-2017-3454 CVE-2017-3455 - CVE-2017-3456 CVE-2017-3457 CVE-2017-3458 CVE-2017-3459 - CVE-2017-3460 CVE-2017-3461 CVE-2017-3462 CVE-2017-3463 - CVE-2017-3464 CVE-2017-3465 CVE-2017-3467 CVE-2017-3468 - CVE-2017-3599 CVE-2017-3600 (Closes: #860547) * d/patches: Dropped fixes that are applied upstream - fix_test_events_2 - fix_mysql_config_flags (Closes: #844275) * Add connection_control plugin (LP: #1633485) This is a security-enhancing plugin (disabled by default) that enables rate limiting of connection attempts https://dev.mysql.com/doc/refman/5.7/en/connection-control-plugin.html * d/server-core.install: Remove my-default.cnf The config file has not been maintained in a long time, and would cause errors if used with a 5.7 server. Removed from build by upstream . [ Robie Basak ] * Drop innotop The bundled innotop util was not maintained. For details, see: http://lists.alioth.debian.org/pipermail/pkg-mysql-maint/2017-January/010180.html Checksums-Sha1: af67fd65dedae7d9456bca2ef343b46a3bf69272 3255 mysql-5.7_5.7.18-1.dsc 346e91db0160434488493966054eb25f712c89c8 61612105 mysql-5.7_5.7.18.orig.tar.gz 56966d0cfdbabe0d51bc75951c210315bd53a763 3291820 mysql-5.7_5.7.18-1.debian.tar.xz a190b5166c01a6348ad9aec3f05da212da673cf9 1297472 libmysqlclient-dev_5.7.18-1_amd64.deb 890b10d01eba096a6382e24829130385141b2bf2 1850642 libmysqlclient20-dbgsym_5.7.18-1_amd64.deb f076f3447dcfd0a672247a343615a0946ef2070e 952002 libmysqlclient20_5.7.18-1_amd64.deb d19eb6461cd58daf0b975930b7576af3c65f809b 6632684 libmysqld-dev_5.7.18-1_amd64.deb bb7e772b5989845ce8991239a2411c8cb6e1995d 11942 mysql-5.7_5.7.18-1_amd64.buildinfo fe2ee423f84c712d1e897c6a1e431e477ab13ac8 17671678 mysql-client-5.7-dbgsym_5.7.18-1_amd64.deb 0b2454ca645499b2a1081fc24f4b5a4ffe30f8e9 2431644 mysql-client-5.7_5.7.18-1_amd64.deb 0d00a2bdf10938ef5f048d2ae15b01205367c3e1 62065540 mysql-client-core-5.7-dbgsym_5.7.18-1_amd64.deb 5685df980ff2fa7c6f384a831bf760c50bd9e025 7033952 mysql-client-core-5.7_5.7.18-1_amd64.deb 76e8fe99a025f6fba7c4586c83f8312d434e6499 155492 mysql-client_5.7.18-1_all.deb c34bac40e8945d51844412d9ff077899b1e79d57 17281462 mysql-server-5.7-dbgsym_5.7.18-1_amd64.deb 8f3a10d4a881432a4251cabfd296f6d1b64d7b09 3308928 mysql-server-5.7_5.7.18-1_amd64.deb f2b42501d7a4c8003a37f1f24cb64bc6b168b6ec 82381706 mysql-server-core-5.7-dbgsym_5.7.18-1_amd64.deb 9758078b9bf11ed94b2d940df774f6dc6b802ba9 7817456 mysql-server-core-5.7_5.7.18-1_amd64.deb 45fe61e86b866ded445232b0668a005dd3efe4ce 155616 mysql-server_5.7.18-1_all.deb d6044bbee6421e366b70e802c8df3be3cccd14a6 61932096 mysql-source-5.7_5.7.18-1_amd64.deb ce3d9d9b2fad849264fd7e8b6435296fcf321933 122285890 mysql-testsuite-5.7-dbgsym_5.7.18-1_amd64.deb 2b35d7d6b0b700cc30de2f360ec2a3a724c6dcc6 22613380 mysql-testsuite-5.7_5.7.18-1_amd64.deb 78cc66836a7628b4a4e8fd59952358246ae5b64f 155474 mysql-testsuite_5.7.18-1_all.deb Checksums-Sha256: 9e9e7e368c90e5f3d7624603efd8195c833a85fb2cc4d2400ee9e3df316b4d83 3255 mysql-5.7_5.7.18-1.dsc ae6f5e2cf7b936496cf60260cd7fd5a0862c21f48cd240448021c4ea067a0f0c 61612105 mysql-5.7_5.7.18.orig.tar.gz 3941392c361f78e3d83bda640d070e4e35af3ecd2fff1c251a6bd010b389f372 3291820 mysql-5.7_5.7.18-1.debian.tar.xz c41c5daf45364a3e9d626570f40be9b11510a4d00fa6fbfad830d38cf7baa07f 1297472 libmysqlclient-dev_5.7.18-1_amd64.deb 1b2d70f333ae1de17dfe1afa4b35f8d8472c5e344d673f0297b4355306d6561a 1850642 libmysqlclient20-dbgsym_5.7.18-1_amd64.deb f7c4747cf9f67e8fc75860f27ab39e4426866bdd7826fdcab1e9f9827336110b 952002 libmysqlclient20_5.7.18-1_amd64.deb 951a630b33bd33f7f1d61e73d50cced130ecf11d0e66bd75784e2dee89cca5cd 6632684 libmysqld-dev_5.7.18-1_amd64.deb 1247359f4acd150fa558a1458a30c4a6182c76ee325bcae01981061f28421083 11942 mysql-5.7_5.7.18-1_amd64.buildinfo 7812a17ead569973650e4332aea82c33d168e35028b50b736970c3d4f172dbaa 17671678 mysql-client-5.7-dbgsym_5.7.18-1_amd64.deb 8c79da9d40e1cd2191742297dbaa5bb325ed8d5ebcd7a166bd526d10eeb91a57 2431644 mysql-client-5.7_5.7.18-1_amd64.deb 91736d85c876dd684551aeb0cc5355ece0c6e32f12539c774baf31a52c4bbd8b 62065540 mysql-client-core-5.7-dbgsym_5.7.18-1_amd64.deb 2e86b7cb878285318f85bc5917a4b18748a4aedfa4180bf640b554ec69d60161 7033952 mysql-client-core-5.7_5.7.18-1_amd64.deb a3a2e1f69f1b4e4ce3ee2507331281ba1e49e647764ca90e5a60dc95f557aa27 155492 mysql-client_5.7.18-1_all.deb 67f663837e187353c8b6e8e52bb715ba7a3abedb8d4724c1285bc242d011218e 17281462 mysql-server-5.7-dbgsym_5.7.18-1_amd64.deb 4285d22e7d7c3b702292689356cbffa70550429d2d2717e102abbc80b93c4d4b 3308928 mysql-server-5.7_5.7.18-1_amd64.deb 64a54c6bd1986160b3dd05eb916739889f24472d8d8fa4f55550ef972a98a1a9 82381706 mysql-server-core-5.7-dbgsym_5.7.18-1_amd64.deb 1fdf4a2576c720b0fe7e0f57cec2e4a386b10f58c3e42c5a75d8668e69349b41 7817456 mysql-server-core-5.7_5.7.18-1_amd64.deb 61f26322b0aac105957d3346e8f69f30f40423e7c7dfbf170e57616fe7299ac4 155616 mysql-server_5.7.18-1_all.deb 604828776dba7ffde62a7b3adbfb7b5b458f266b64d3a212efec0516de0295fb 61932096 mysql-source-5.7_5.7.18-1_amd64.deb 361f37addac819ba54773fd146830034c853134e8c90b9f6e96b2416c06b1ee0 122285890 mysql-testsuite-5.7-dbgsym_5.7.18-1_amd64.deb 728cd1291dc2af0172e98e601b41116f190b282fec5d2c99b66d0dcd2a918422 22613380 mysql-testsuite-5.7_5.7.18-1_amd64.deb 6aa0d87d054e42b7a98f19b19f7bf53612dcf8a34450da5acb87ee4654cf8899 155474 mysql-testsuite_5.7.18-1_all.deb Files: 8dd4f97fb5d84b14748b3d5041f82b78 3255 database optional mysql-5.7_5.7.18-1.dsc dfcdf70d393884298b7cbf21e821c457 61612105 database optional mysql-5.7_5.7.18.orig.tar.gz 60914f539ca2c656aaa7c1a72e3f0b99 3291820 database optional mysql-5.7_5.7.18-1.debian.tar.xz a04d67cac49222c7bf5e919d9d47eb0a 1297472 libdevel optional libmysqlclient-dev_5.7.18-1_amd64.deb ccdc7b05b3c40d67119f733cb5765cb2 1850642 debug extra libmysqlclient20-dbgsym_5.7.18-1_amd64.deb 5f6087905a8d5d431479f54e7fe96e90 952002 libs optional libmysqlclient20_5.7.18-1_amd64.deb 17b0bf3009a634b109d8fa840390ddad 6632684 libdevel optional libmysqld-dev_5.7.18-1_amd64.deb 41c4bedc425fd34fbdfdafd8b60a2ed4 11942 database optional mysql-5.7_5.7.18-1_amd64.buildinfo bc554073fcdd9f6c8200b08e1cb884ca 17671678 debug extra mysql-client-5.7-dbgsym_5.7.18-1_amd64.deb 1deab11558208691e8caa6e3c13e02d4 2431644 database optional mysql-client-5.7_5.7.18-1_amd64.deb 7698f4f00579b7cb6f417d49ca2e8c9a 62065540 debug extra mysql-client-core-5.7-dbgsym_5.7.18-1_amd64.deb 0798dd02ee46490804a07bf4a7138911 7033952 database optional mysql-client-core-5.7_5.7.18-1_amd64.deb a45b87692102205ebe9ec982d7936227 155492 database optional mysql-client_5.7.18-1_all.deb 420af7df8a8598be027ee82a9de44d4a 17281462 debug extra mysql-server-5.7-dbgsym_5.7.18-1_amd64.deb 22da256eb61d70350fc786cbb01d5d97 3308928 database optional mysql-server-5.7_5.7.18-1_amd64.deb 8c9f9384704061356a55d4a0229ae5e2 82381706 debug extra mysql-server-core-5.7-dbgsym_5.7.18-1_amd64.deb 39658ec18a623ff41bd538b41d34d0ea 7817456 database optional mysql-server-core-5.7_5.7.18-1_amd64.deb d4215d16f415baea60387db7783a8bd2 155616 database optional mysql-server_5.7.18-1_all.deb a225a5b7eb093f3693d7c55ffb6ea950 61932096 database optional mysql-source-5.7_5.7.18-1_amd64.deb eb2316ee1da79d00936975565bbfd0ca 122285890 debug extra mysql-testsuite-5.7-dbgsym_5.7.18-1_amd64.deb f01582bbbcd13999bf6b8865f1e8e8c1 22613380 database optional mysql-testsuite-5.7_5.7.18-1_amd64.deb 8d5f3a904c936dfe1a1d42ef4e8813cf 155474 database optional mysql-testsuite_5.7.18-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJZAJ8wAAoJEOVkucJ1vdUuEhcP+wQFz43iidTIZBjwHXQTtcg/ TAhtE662xaYsUQCceX+3tKOORvYK/GYV0zRjPGn2LukurY/Bcju1cEieoza4hnqm rujnUOFsXF/hxYLguOLpBR6PJfcKErtdKj68ZRHKvSjpwsfwLEBw2FV2jh4nWHyT Owl+/v0OvrLQLJioFOSvhSUUD9C48SbETVpjLcO4JeEVKbQf6hj/8fZe9XrtRRDd oCdkSU183sLlA9i05dY47dQclaCJtc7KJxu5a3JKQtp1wh7U0Cr4lHpODWSi1iJQ IoWTQzYxbS/NVZLEdyzDPGaF5fR7KkQ79c/aTJZ8FjP7W961UlRFlnKZWCYcJfw9 20Yrz9MQD05T2JVGQbbs291Eps1hrQz4MvZ4DLp1Ra1m5tk3WzSCaNOaGazdAMuk yDb5jqo+V0nOdNEmA5+AulL5pRVm6rBKEAmnJVsuq6lOYd+vZO3Yc0cXcQ9O7N4t B1Lsik3nepHWeEzhBryUaitmVWD0i3Sq2gZFzs8aFdHhZpf3xbrgqYGtyZDz10N6 7hvynfHyygx4s8sZW+djKqU1rrZ41+a1EW92n0aTBUkZR5lg0/eCqxEOVoIm/r6O i8EMKIq9nxRSkdRvnotJQ8sln6hSDX8YhRmEK6Rp6/+m12aQKoiGssUXgAgPn4H6 AWCVvT903f5dxmwIOEsy =iy9f -----END PGP SIGNATURE-----
--- End Message ---
