Summary: | dev-db/mysql-{5.044,community-5.0.45}: security fixes (CVE-2007-378[01]) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Hanno Böck <hanno> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | bernd, chainsaw, mysql-bugs |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Hanno Böck
2007-07-14 17:22:40 UTC
Please try get the package version matrix right. The fixes/issues are in the upstream releases that I corrected the summary to. http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-44.html http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html We have enterprise 5.0.44 in the tree already, but not community 5.0.45. I'll try to have the new community version in the tree before the end of the weekend. community-5.0.45 in CVS now. I'll post testing instructions for arches in a moment. Testing procedures: FEATURES='userpriv test' USE='ssl cluster extraengine' emerge =mysql-5.0.44 FEATURES='userpriv test' USE='ssl cluster extraengine' emerge =mysql-community-5.0.45 There should be _no_ failures at all this time. All past failures accounted for and handled. I can complete the tests on my machines (ppc64-32ul, x86, amd64). Target keywords: mysql: alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86 mysql-community: (none, the package is ~arch only). Arches please test and mark stable. alpha/ia64/x86 after a lot of time passing the tests dercorny asked me about the 5.0.44-r1 version I have in the tree. It runs the identical tests that 5.0.44 does, just moving some more bits into the eclass. It should have the identical result as plain 5.0.44, so feel free to test either. *** Bug 185506 has been marked as a duplicate of this bug. *** 5.0.44-r1 ppc64 stable ppc stable dev-db/mysql-5.0.44-r1 stable for HPPA. sparc stable. amd64 stable time for glsa decision. I tend to vote yes because of the server crash. I vote YES. Same than the last MySQL security bug, i don't understand why we don't use mysqld_safe to automatically restart mysqld... voting GLSA, since the server is shut down... GLSA 200708-10, sorry for the delay... |