Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: <updates <at> fedoraproject.org>
Subject: [SECURITY] Fedora 16 Update: mysql-5.5.24-1.fc16
Newsgroups: gmane.linux.redhat.fedora.package.announce
Date: Tuesday 26th June 2012 21:30:56 UTC (over 4 years ago)
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-9324
2012-06-13 20:58:21
--------------------------------------------------------------------------------

Name        : mysql
Product     : Fedora 16
Version     : 5.5.24
Release     : 1.fc16
URL         : http://www.mysql.com
Summary     : MySQL client programs and shared libraries
Description :
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a
client/server implementation consisting of a server daemon (mysqld)
and many different client programs and libraries. The base package
contains the standard MySQL client programs and generic MySQL files.

--------------------------------------------------------------------------------
Update Information:

Update to MySQL 5.5.24, for various fixes described at
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-24.html
including the fix for CVE-2012-2122
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun 11 2012 Tom Lane  5.5.24-1
- Update to MySQL 5.5.24, for various fixes described at
  http://dev.mysql.com/doc/refman/5.5/en/news-5-5-24.html
  including the fix for CVE-2012-2122
Resolves: #830680
- Tweak logrotate script to put the right permissions on mysqld.log
- Minor specfile fixes for recent packaging guidelines changes
* Sat Apr 28 2012 Tom Lane  5.5.23-1
- Update to MySQL 5.5.23, for various fixes described at
  http://dev.mysql.com/doc/refman/5.5/en/news-5-5-23.html
* Sat Mar 24 2012 Tom Lane  5.5.22-1
- Update to MySQL 5.5.22, for various fixes described at
  http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html
- Turn on PrivateTmp in service file
Resolves: #782513
- Comment out the contents of /etc/logrotate.d/mysqld, so that manual
  action is needed to enable log rotation.  Given the multiple ways in
  which the rotation script can fail, it seems imprudent to try to make
  it run by default.
Resolves: #799735
* Tue Mar 20 2012 Honza Horak  5.5.21-3
- Revise mysql_plugin test patch so it moves plugin files to
  a temporary directory (better solution to #789530)
* Tue Mar 13 2012 Honza Horak  5.5.21-2
- Fix ssl-related tests to specify expected cipher explicitly
Related: #789600
- Fix several strcpy calls to check destination size
* Mon Feb 27 2012 Tom Lane  5.5.21-1
- Update to MySQL 5.5.21, for various fixes described at
  http://dev.mysql.com/doc/refman/5.5/en/news-5-5-21.html
- Hack openssl regression test to still work with rawhide's openssl
- Fix assorted failures in post-install regression tests (mysql-test RPM)
Resolves: #789530
* Fri Feb 10 2012 Tom Lane  5.5.20-2
- Revise our test-disabling method to make it possible to disable tests on
a
  platform-specific basis, and also to get rid of mysql-disable-test.patch,
  which broke in just about every upstream update (Honza Horak)
- Disable cycle-counter-dependent regression tests on ARM, since there is
  not currently any support for that in Fedora ARM kernels
Resolves: #773116
- Add some comments to mysqld.service documenting how to customize it
Resolves: #785243
* Fri Jan 27 2012 Tom Lane  5.5.20-1
- Update to MySQL 5.5.20, for various fixes described at
  http://dev.mysql.com/doc/refman/5.5/en/news-5-5-20.html
  as well as security fixes described at
  http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
Resolves: #783828
- Re-include the mysqld logrotate script, now that it's not so bogus
Resolves: #547007
* Wed Jan  4 2012 Tom Lane  5.5.19-1
- Update to MySQL 5.5.19, for various fixes described at
  http://dev.mysql.com/doc/refman/5.5/en/news-5-5-19.html
* Sun Nov 20 2011 Tom Lane  5.5.18-1
- Update to MySQL 5.5.18, for various fixes described at
  http://dev.mysql.com/doc/refman/5.5/en/news-5-5-18.html
* Sat Nov 12 2011 Tom Lane  5.5.17-1
- Update to MySQL 5.5.17, for various fixes described at
  http://dev.mysql.com/doc/refman/5.5/en/news-5-5-17.html
- Get rid of version-number assumption in sysv-to-systemd conversion
trigger
* Wed Nov  2 2011 Honza Horak  5.5.16-4
- Don't assume all ethernet devices are named ethX
Resolves: #682365
- Exclude user definition from my.cnf, user is defined in mysqld.service
now
Resolves: #661265
* Sun Oct 16 2011 Tom Lane  5.5.16-3
- Fix unportable usage associated with va_list arguments
Resolves: #744707
* Sun Oct 16 2011 Tom Lane  5.5.16-2
- Update to MySQL 5.5.16, for various fixes described at
  http://dev.mysql.com/doc/refman/5.5/en/news-5-5-16.html
* Fri Jul 29 2011 Tom Lane  5.5.15-2
- Update to MySQL 5.5.15, for various fixes described at
  http://dev.mysql.com/doc/refman/5.5/en/news-5-5-15.html
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #814605 - CVE-2012-2122 mysql: incorrect type cast in
check_scramble() leading to authentication bypass
        https://bugzilla.redhat.com/show_bug.cgi?id=814605
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update mysql' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on
the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/package-announce
 
CD: 2ms