[Bug 1011371] Re: mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug

[Launchpad Bug Tracker]

This bug was fixed in the package mysql-5.5 - 5.5.25-0ubuntu1

---
mysql-5.5 (5.5.25-0ubuntu1) quantal; urgency=low

  * New upstream release (LP: #1011371, LP: #986892)
  * d/rules: change get-orig-source to pull from a working mirror.
  * d/control: Build with default compiler instead of gcc 4.5
 -- Clint Byrum cl...@ubuntu.com   Mon, 11 Jun 2012 23:34:14 -0700

** Changed in: mysql-5.5 (Ubuntu Quantal)
   Status: Confirmed = Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-5.1 in Ubuntu.
https://bugs.launchpad.net/bugs/1011371

Title:
  mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mysql-5.1/+bug/1011371/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1011371] Re: mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug

[Marc Deslauriers]

FYI, I can only reproduce CVE-2012-2122 on real hardware that supports
SSE4. Oneiric and higher, amd64 only.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-5.1 in Ubuntu.
https://bugs.launchpad.net/bugs/1011371

Title:
  mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mysql-5.1/+bug/1011371/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1011371] Re: mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug

[sseitz]

Regarding #2: 
You're right. I've tried on identical 12.04 LTS 64bit.
Vulnurable on Xeon E5654
Not vulnurable on Xeon E5345
Both machines are paravirtualizes Xen DomU, so it looks like the system is 
vulnurable by the availability of sse4 only. It looks like the existence of  
Xen virtualizationlayer doesn't matter.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-5.1 in Ubuntu.
https://bugs.launchpad.net/bugs/1011371

Title:
  mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mysql-5.1/+bug/1011371/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1011371] Re: mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug

[Antono Vasiljev]

12.04 http://shelr.tv/records/4fd6173a966080489418

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-5.1 in Ubuntu.
https://bugs.launchpad.net/bugs/1011371

Title:
  mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mysql-5.1/+bug/1011371/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1011371] Re: mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug

[Launchpad Bug Tracker]

This bug was fixed in the package mysql-dfsg-5.0 - 5.0.96-0ubuntu3

---
mysql-dfsg-5.0 (5.0.96-0ubuntu3) hardy-security; urgency=low

  * SECURITY UPDATE: authentication bypass (LP: #1011371)
- debian/patches/90_CVE-2012-2122.patch: fix improper type conversion
  in sql/password.c.
- CVE-2012-2122
  * debian/mysql-server.preinst: Removed to prevent service from remaining
stopped after getting updated. The upgrade logic is still present in
mysql-common.preinst. (LP: #988325)
 -- Marc Deslauriers marc.deslauri...@ubuntu.com   Mon, 11 Jun 2012 09:04:56 
-0400

** Changed in: mysql-dfsg-5.0 (Ubuntu Hardy)
   Status: Confirmed = Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-5.1 in Ubuntu.
https://bugs.launchpad.net/bugs/1011371

Title:
  mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mysql-5.1/+bug/1011371/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1011371] Re: mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug

[Launchpad Bug Tracker]

This bug was fixed in the package mysql-5.5 - 5.5.24-0ubuntu0.12.04.1

---
mysql-5.5 (5.5.24-0ubuntu0.12.04.1) precise-security; urgency=low

  * SECURITY UPDATE: Update to 5.5.24 to fix security issues (LP: #1011371)
- http://dev.mysql.com/doc/refman/5.5/en/news-5-5-24.html
 -- Marc Deslauriers marc.deslauri...@ubuntu.com   Mon, 11 Jun 2012 07:34:33 
-0400

** Changed in: mysql-5.5 (Ubuntu Precise)
   Status: Confirmed = Fix Released

** Changed in: mysql-5.1 (Ubuntu Oneiric)
   Status: Confirmed = Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-5.1 in Ubuntu.
https://bugs.launchpad.net/bugs/1011371

Title:
  mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mysql-5.1/+bug/1011371/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1011371] Re: mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug

[Launchpad Bug Tracker]

This bug was fixed in the package mysql-5.1 - 5.1.63-0ubuntu0.11.10.1

---
mysql-5.1 (5.1.63-0ubuntu0.11.10.1) oneiric-security; urgency=low

  * SECURITY UPDATE: Update to 5.1.63 to fix security issues (LP: #1011371)
- http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html
 -- Marc Deslauriers marc.deslauri...@ubuntu.com   Sun, 10 Jun 2012 20:49:35 
-0400

** Changed in: mysql-5.1 (Ubuntu Natty)
   Status: Confirmed = Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-5.1 in Ubuntu.
https://bugs.launchpad.net/bugs/1011371

Title:
  mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mysql-5.1/+bug/1011371/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1011371] Re: mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug

[Launchpad Bug Tracker]

This bug was fixed in the package mysql-5.1 - 5.1.63-0ubuntu0.11.04.1

---
mysql-5.1 (5.1.63-0ubuntu0.11.04.1) natty-security; urgency=low

  * SECURITY UPDATE: Update to 5.1.63 to fix security issues (LP: #1011371)
- http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html
 -- Marc Deslauriers marc.deslauri...@ubuntu.com   Mon, 11 Jun 2012 07:25:44 
-0400

** Changed in: mysql-dfsg-5.1 (Ubuntu Lucid)
   Status: Confirmed = Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-5.1 in Ubuntu.
https://bugs.launchpad.net/bugs/1011371

Title:
  mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mysql-5.1/+bug/1011371/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1011371] Re: mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug

[Launchpad Bug Tracker]

This bug was fixed in the package mysql-dfsg-5.1 -
5.1.63-0ubuntu0.10.04.1

---
mysql-dfsg-5.1 (5.1.63-0ubuntu0.10.04.1) lucid-security; urgency=low

  * SECURITY UPDATE: Update to 5.1.63 to fix security issues (LP: #1011371)
- http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html
 -- Marc Deslauriers marc.deslauri...@ubuntu.com   Mon, 11 Jun 2012 07:27:41 
-0400

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-5.1 in Ubuntu.
https://bugs.launchpad.net/bugs/1011371

Title:
  mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mysql-5.1/+bug/1011371/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1011371] Re: mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug

[Launchpad Bug Tracker]

** Branch linked: lp:ubuntu/hardy-security/mysql-dfsg-5.0

** Branch linked: lp:ubuntu/lucid-security/mysql-dfsg-5.1

** Branch linked: lp:ubuntu/natty-security/mysql-5.1

** Branch linked: lp:ubuntu/oneiric-security/mysql-5.1

** Branch linked: lp:ubuntu/precise-security/mysql-5.5

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-5.1 in Ubuntu.
https://bugs.launchpad.net/bugs/1011371

Title:
  mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mysql-5.1/+bug/1011371/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1011371] Re: mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug

[Marc Deslauriers]

bug #64884 is CVE-2012-2122

** Changed in: mysql-dfsg-5.0 (Ubuntu Hardy)
   Importance: Undecided = High

** Changed in: mysql-dfsg-5.0 (Ubuntu Hardy)
   Status: New = Confirmed

** Changed in: mysql-dfsg-5.0 (Ubuntu Hardy)
 Assignee: (unassigned) = Marc Deslauriers (mdeslaur)

** Changed in: mysql-dfsg-5.0 (Ubuntu Lucid)
   Status: New = Invalid

** Changed in: mysql-dfsg-5.0 (Ubuntu Natty)
   Status: New = Invalid

** Changed in: mysql-dfsg-5.0 (Ubuntu Oneiric)
   Status: New = Invalid

** Changed in: mysql-dfsg-5.0 (Ubuntu Precise)
   Status: New = Invalid

** Changed in: mysql-dfsg-5.0 (Ubuntu Quantal)
   Status: New = Invalid

** Changed in: mysql-dfsg-5.1 (Ubuntu Hardy)
   Status: New = Invalid

** Changed in: mysql-dfsg-5.1 (Ubuntu Lucid)
   Importance: Undecided = High

** Changed in: mysql-dfsg-5.1 (Ubuntu Lucid)
   Status: New = Confirmed

** Changed in: mysql-dfsg-5.1 (Ubuntu Lucid)
 Assignee: (unassigned) = Marc Deslauriers (mdeslaur)

** Changed in: mysql-dfsg-5.1 (Ubuntu Natty)
   Status: New = Invalid

** Changed in: mysql-dfsg-5.1 (Ubuntu Oneiric)
   Status: New = Invalid

** Changed in: mysql-dfsg-5.1 (Ubuntu Precise)
   Status: New = Invalid

** Changed in: mysql-dfsg-5.1 (Ubuntu Quantal)
   Status: New = Invalid

** Changed in: mysql-5.5 (Ubuntu Hardy)
   Status: New = Invalid

** Changed in: mysql-5.5 (Ubuntu Lucid)
   Status: New = Invalid

** Changed in: mysql-5.5 (Ubuntu Natty)
   Status: New = Invalid

** Changed in: mysql-5.5 (Ubuntu Oneiric)
   Status: New = Invalid

** Changed in: mysql-5.5 (Ubuntu Precise)
   Importance: Undecided = High

** Changed in: mysql-5.5 (Ubuntu Precise)
   Status: New = Confirmed

** Changed in: mysql-5.5 (Ubuntu Precise)
 Assignee: (unassigned) = Marc Deslauriers (mdeslaur)

** Changed in: mysql-5.5 (Ubuntu Quantal)
   Importance: Undecided = High

** Changed in: mysql-5.5 (Ubuntu Quantal)
   Status: New = Confirmed

** Changed in: mysql-5.5 (Ubuntu Quantal)
 Assignee: (unassigned) = Clint Byrum (clint-fewbar)

** Changed in: mysql-5.1 (Ubuntu Hardy)
   Status: New = Invalid

** Changed in: mysql-5.1 (Ubuntu Lucid)
   Status: New = Invalid

** Changed in: mysql-5.1 (Ubuntu Natty)
   Importance: Undecided = High

** Changed in: mysql-5.1 (Ubuntu Natty)
   Status: New = Confirmed

** Changed in: mysql-5.1 (Ubuntu Natty)
 Assignee: (unassigned) = Marc Deslauriers (mdeslaur)

** Changed in: mysql-5.1 (Ubuntu Oneiric)
   Importance: Undecided = High

** Changed in: mysql-5.1 (Ubuntu Oneiric)
   Status: New = Confirmed

** Changed in: mysql-5.1 (Ubuntu Oneiric)
 Assignee: (unassigned) = Marc Deslauriers (mdeslaur)

** Changed in: mysql-5.1 (Ubuntu Precise)
   Status: New = Invalid

** Changed in: mysql-5.1 (Ubuntu Quantal)
   Status: New = Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-5.1 in Ubuntu.
https://bugs.launchpad.net/bugs/1011371

Title:
  mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mysql-5.1/+bug/1011371/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs