Hi,
Since Oracle no longer publishes detailed information about security
vulnerabilities that are being fixed in MySQL, and their bug tracker is
no longer public, Ubuntu must now track upstream MySQL releases as
security updates.
MySQL 5.0.95 fixes the following CVEs:
CVE-2012-0075, CVE-2012-0087, CVE-2012-0101, CVE-2012-0102,
CVE-2012-0114, CVE-2012-0484, CVE-2012-0490.
MySQL 5.1.61 fixes the following CVEs:
CVE-2011-2262, CVE-2012-0075, CVE-2012-0112, CVE-2012-0113,
CVE-2012-0114, CVE-2012-0115, CVE-2012-0116, CVE-2012-0117,
CVE-2012-0118, CVE-2012-0119, CVE-2012-0120, CVE-2012-0484,
CVE-2012-0485, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488,
CVE-2012-0489, CVE-2012-0490, CVE-2012-0491, CVE-2012-0492,
CVE-2012-0493, CVE-2012-0494, CVE-2012-0495, CVE-2012-0496.
For more information about the CVEs listed, please consult the January
2012 Oracle Critical Patch Update Advisory:
http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
Today, I have pushed updated MySQL 5.0.95 packages for Ubuntu 8.04 LTS,
and updated MySQL 5.1.61 packages for Ubuntu 10.04 LTS, Ubuntu 10.10,
Ubuntu 11.04 and Ubuntu 11.10 into the -proposed pocket. See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
enable and use -proposed.
Please report any issues in the tracking bug:
https://launchpad.net/bugs/937869
If no issues are reported, I plan on releasing the packages as security
updates in a couple of weeks.
Thanks,
Marc.
--
Marc Deslauriers
Ubuntu Security Engineer | http://www.ubuntu.com/
Canonical Ltd. | http://www.canonical.com/
--
Ubuntu-qa mailing list
Ubuntu-qa@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-qa
