UbuntuUpdates.org

Package "mysql-source-5.7"

Name: mysql-source-5.7

Description:

MySQL source

Latest version: 5.7.32-0ubuntu0.16.04.1
Release: xenial (16.04)
Level: security
Repository: universe
Head package: mysql-5.7
Homepage: http://dev.mysql.com/

Links


Download "mysql-source-5.7"


Other versions of "mysql-source-5.7" in Xenial

Repository Area Version
base universe 5.7.11-0ubuntu6
updates universe 5.7.32-0ubuntu0.16.04.1

Changelog

Version: 5.7.32-0ubuntu0.16.04.1 2020-10-27 13:07:34 UTC

  mysql-5.7 (5.7.32-0ubuntu0.16.04.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Update to 5.7.32 to fix security issues
    - CVE-2019-14775, CVE-2020-14672, CVE-2020-14760, CVE-2020-14765,
      CVE-2020-14769, CVE-2020-14771, CVE-2020-14775, CVE-2020-14776,
      CVE-2020-14789, CVE-2020-14790, CVE-2020-14793, CVE-2020-14812,
      CVE-2020-14827, CVE-2020-14867, CVE-2020-14869
  * Removed patch no longer needed with new version:
    - debian/patches/disable_crl_tests.patch

 -- Marc Deslauriers <email address hidden> Fri, 23 Oct 2020 09:05:26 -0400

Source diff to previous version
CVE-2019-14775 RESERVED
CVE-2020-14672 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.49 and
CVE-2020-14760 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.31 and prior.
CVE-2020-14765 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.6.49 and prior, 5.7.31
CVE-2020-14769 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.49 and prior,
CVE-2020-14771 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 5.7.31 a
CVE-2020-14775 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.31 and prior and 8.0.21 a
CVE-2020-14776 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.31 and prior and 8.0.21 a
CVE-2020-14789 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.7.31 and prior and 8.0
CVE-2020-14790 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 5.7.31 and prior and 8.0.
CVE-2020-14793 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.49 and prior,
CVE-2020-14812 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions that are affected are 5.6.49 and prior, 5.
CVE-2020-14827 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 5.7.31 a
CVE-2020-14867 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 5.6.49 and prior, 5.7.31
CVE-2020-14869 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 5.7.31 a

Version: 5.7.31-0ubuntu0.16.04.1 2020-07-28 16:06:21 UTC

  mysql-5.7 (5.7.31-0ubuntu0.16.04.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Update to 5.7.31 to fix security issues
    - CVE-2020-14539, CVE-2020-14540, CVE-2020-14547, CVE-2020-14550,
      CVE-2020-14553, CVE-2020-14559, CVE-2020-14576
  * d/p/disable_tests.patch: updated for new version.
  * d/p/disable_crl_tests.patch: disable some tests that have expired
    certificates until new ones can be obtained from the upstream repo.
  * debian/rules: switch to -DWITH_LIBEVENT=bundled as the system libevent
    in xenial is now too old.

 -- Marc Deslauriers <email address hidden> Mon, 20 Jul 2020 06:50:54 -0400

Source diff to previous version
CVE-2020-14539 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.48 and prior,
CVE-2020-14540 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.7.30 and prior and 8.0
CVE-2020-14547 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.30 and prior a
CVE-2020-14550 Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.48 and prior, 5.7.30 and p
CVE-2020-14553 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are 5.7.30 and pr
CVE-2020-14559 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 5.6.48 an
CVE-2020-14576 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 5.7.30 and prior and 8.0

Version: 5.7.30-0ubuntu0.16.04.1 2020-05-05 02:07:08 UTC

  mysql-5.7 (5.7.30-0ubuntu0.16.04.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Update to 5.7.30 to fix security issues
    - CVE-2020-2760, CVE-2020-2763, CVE-2020-2765, CVE-2020-2780,
      CVE-2020-2804, CVE-2020-2812, CVE-2020-2922
  * debian/patches/year2020.patch: Dropped, no longer needed
  * Use bundled libedit, as new version no longer builds with one in Xenial
    - debian/control: remove libedit-dev Build-Depends.
    - debian/rules: remove -DWITH_EDITLINE=system.

 -- Marc Deslauriers <email address hidden> Wed, 29 Apr 2020 12:43:29 -0400

Source diff to previous version
CVE-2020-2760 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.29 and prior and 8.0.19 a
CVE-2020-2763 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.6.47 and prior
CVE-2020-2765 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.29 and prior a
CVE-2020-2780 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.6.47 and prior, 5.7.29
CVE-2020-2804 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Memcached). Supported versions that are affected are 5.6.47 and prior,
CVE-2020-2812 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.47 and
CVE-2020-2922 Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and p

Version: 5.7.29-0ubuntu0.16.04.1 2020-01-27 16:06:23 UTC

  mysql-5.7 (5.7.29-0ubuntu0.16.04.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Update to 5.7.29 to fix security issues
    - CVE-2020-2570, CVE-2020-2572, CVE-2020-2573, CVE-2020-2574,
      CVE-2020-2577, CVE-2020-2579, CVE-2020-2584, CVE-2020-2589,
      CVE-2020-2660
  * debian/control: added libssl-dev Depends to libmysqlclient-dev. Since
    the previous update switched to building with OpenSSL, some packages
    were failing to build because of the missing dependency.
  * debian/patches/year2020.patch: fixed FTBFS by changing future date to
    2037.

 -- Marc Deslauriers <email address hidden> Tue, 21 Jan 2020 09:10:07 -0500

Source diff to previous version
CVE-2020-2570 Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.28 and prior and 8.0.18 an
CVE-2020-2572 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plugin). Supported versions that are affected are 5.7.28 and prio
CVE-2020-2573 Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.28 and prior and 8.0.18 an
CVE-2020-2574 Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.46 and prior, 5.7.28 and p
CVE-2020-2577 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.28 and prior and 8.0.18 a
CVE-2020-2579 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.46 and prior,
CVE-2020-2584 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 5.7.28 and prior and
CVE-2020-2589 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.28 and prior and 8.0.17 a
CVE-2020-2660 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.28 and prior a

Version: 5.7.28-0ubuntu0.16.04.2 2019-11-18 14:07:17 UTC

  mysql-5.7 (5.7.28-0ubuntu0.16.04.2) xenial-security; urgency=medium

  * SECURITY UPDATE: Update to 5.7.28 to fix security issues
    - CVE-2019-2910, CVE-2019-2911, CVE-2019-2914, CVE-2019-2922,
      CVE-2019-2923, CVE-2019-2924, CVE-2019-2938, CVE-2019-2946,
      CVE-2019-2948, CVE-2019-2960, CVE-2019-2969, CVE-2019-2974,
      CVE-2019-2993
  * Removed patches no longer required:
    - debian/patches/mips64el.patch
  * debian/rules: removed -DWITH_SSL=bundled, option no longer works.
  * debian/control: add libssl-dev to Build-Depends.
  * d/additions/apparmor-profile: add missing AppArmor rules
    (LP: #1658233).

 -- Marc Deslauriers <email address hidden> Fri, 15 Nov 2019 08:23:09 -0500

1658233 missing apparmor rules
CVE-2019-2910 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45
CVE-2019-2911 Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema). Supported versions that are affected are 5.6.45 and prior,
CVE-2019-2914 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.7.27
CVE-2019-2922 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45
CVE-2019-2923 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45
CVE-2019-2924 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45
CVE-2019-2938 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.27 and prior and 8.0.17 a
CVE-2019-2946 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 5.7.27 and prior and 8.0.
CVE-2019-2948 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.26 and prior a
CVE-2019-2960 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.27 and prior
CVE-2019-2969 Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 5.6.44 and prior, 5.
CVE-2019-2974 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.45 and prior,
CVE-2019-2993 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: C API). Supported versions that are affected are 5.7.27 and prior and 8



About   -   Send Feedback to @ubuntu_updates