SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for mysql-shared-4.1.22-1tr.i586.rpm :
Wed Dec 20 13:00:00 2006 Nived Gopalan 4.1.22-2tr
- New Upstream.

Wed Aug 16 14:00:00 2006 Nived Gopalan 4.1.21-1tr
- New Upstream.

Thu Jun 8 14:00:00 2006 Nived Gopalan 4.1.15-3tr
- SECURITY Fix: A vulnerability has been reported in MySQL caused due to
an error within the server when parsing a query string that is escaped
with the \"mysql_real_escape_string()\" function. This can potentially be
exploited in an environment that uses multi-byte character encoding to
bypass SQL injection escaping.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-2753 to this issue.

Tue May 16 14:00:00 2006 Nived Gopalan 4.1.15-2tr
- SECURITY Fix: Stefano Di Paola has reported some vulnerabilities in
MySQL, which can be exploited by malicious users to disclose
potentially sensitive information and compromise a vulnerable system.
- The check_connection function in sql_parse.cc in MySQL allows remote
attackers to read portions of memory via a username without a trailing
null byte, which causes a buffer over-read.
- sql_parse.cc in MySQL allows remote attackers to obtain sensitive
information via a COM_TABLE_DUMP request with an incorrect packet
length, which includes portions of memory in an error message.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2006-1516 and CVE-2006-1517 to these issues.

Tue Nov 29 13:00:00 2005 Bipin S 4.1.15-1tr
- New Upstream.

Wed Sep 14 14:00:00 2005 Syed Shabir Zakiullah 4.1.14-1tr
- New Upstream

Mon Aug 1 14:00:00 2005 Erlend Midttun 4.1.13-2tr
- Now also sleep on startup if missing pidfile in initscript

Mon Jul 25 14:00:00 2005 Hasher Jamaludeen 4.1.13-1tr
- New upstream
- Security Fix: MySQL uses a vulnerable version of the zlib library which
can be exploited by malicious users to cause a DoS (Denial of Service),
or potentially by malicious people to execute arbitrary code.
It is possible for malicious users to crash the server in various ways.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-2096.

Thu Jun 2 14:00:00 2005 Syed Shabir Zakiullah 4.1.12-2tr
- Fixed duplicate packaging of /usr/bin/mysqladmin (Fix. Bug #823).
- Man page for mysqladmin now owned by mysql-shared.

Tue May 17 14:00:00 2005 Nived Gopalan 4.1.12-1tr
- New upstream

Tue Apr 19 14:00:00 2005 Syed Shabir Zakiullah 4.1.10a-3tr
- Changed init priority to 74 26

Thu Mar 17 13:00:00 2005 Erlend Midttun 4.1.10a-2tr
- Stefano Di Paola discovered three bugs in MySQL:

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote
authenticated users with INSERT and DELETE privileges to execute
arbitrary code by using CREATE FUNCTION to access libc calls,
as demonstrated by using strcat, on_exit, and exit.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-0709 to this issue.


MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote
authenticated users with INSERT and DELETE privileges to bypass
library path restrictions and execute arbitrary libraries by using
INSERT INTO to modify the mysql.func table, which is processed by the
udf_init function.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-0710 to this issue.


MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file
names when creating temporary tables, which allows local users with
CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a
symlink attack.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-0711 to this issue.

Tue Mar 15 13:00:00 2005 Erlend Midttun 4.1.10a-1tr
- New upstream.

Thu Nov 25 13:00:00 2004 Erlend Midttun 4.1.7-4tr
- Now add conflicts as appropriate.

Wed Nov 10 13:00:00 2004 Erlend Midttun 4.1.7-3tr
- Fix file conflicts.

Tue Nov 9 13:00:00 2004 Oystein Viggen 4.1.7-2tr
- Rebuild with shared openssl

Thu Oct 28 14:00:00 2004 Erlend Midttun 4.1.7-1tr
- New upstream.

Tue Oct 12 14:00:00 2004 Erlend Midttun 4.0.21-1tr
- New upstream.

Tue Aug 3 14:00:00 2004 Erlend Midttun 4.0.20-1tr
- New upstream.

Wed May 5 14:00:00 2004 Oystein Viggen 4.0.18-4tr
- Don\'t hardcode lib directory name

Thu Feb 19 13:00:00 2004 Omar Kilani 4.0.18-1ok
- New upstream.

Thu Dec 18 13:00:00 2003 Erlend Midttun 4.0.17-1tr
- New upstream.

Thu Nov 27 13:00:00 2003 Erlend Midttun 4.0.16-2tr
- Big rebuild.

Sat Oct 11 14:00:00 2003 Tor Hveem 4.0.16-1th
- New upstream version

Tue Sep 16 14:00:00 2003 Chr. H. Toldnes 4.0.15-3tr
- Rebuilt and retagged for release.

Wed Sep 10 14:00:00 2003 Goetz Bock 4.0.15-2bg
- cleaned up the spec file
- made /etc/my.cnf a noreplace
- commented all the debug stuff out, it\'s not build anyway
(look for [bg])
- included static libs into -devel
- fixed init file to be more userfriendly

Wed Sep 10 14:00:00 2003 Goetz Bock 4.0.15-1bg
- new upstream: 4.0.15 to fix security bug

Tue Aug 26 14:00:00 2003 Erlend Midttun 4.0.14-2tr
- Tried to intergrate the changes from 4.0.13-4bg.

Fri Aug 15 14:00:00 2003 Erlend Midttun 4.0.14-1tr
- New upstream with the usual bunch of fixes.
- Add SSL support.

Mon Jun 23 14:00:00 2003 Erlend Midttun 4.0.13-3tr
- Added %defattr.

Wed Jun 18 14:00:00 2003 Erlend Midttun 4.0.13-2tr
- Big rebuild.

Fri May 23 14:00:00 2003 Tor Hveem 4.0.13-1th
- 4.0.13

Mon Apr 28 14:00:00 2003 Erlend Midttun 4.0.12-2em
- Fixed init script.

Mon Apr 28 14:00:00 2003 Erlend Midttun 4.0.12-1em
- Upgraded to 4.0.12.

Mon Mar 31 14:00:00 2003 Erlend Midttun 3.23.56-5em
- Fix broken htmlinfo line.

Mon Mar 24 13:00:00 2003 Erlend Midttun 3.23.56-4em
- Rebuilt against glibc 2.3.2.

Mon Mar 24 13:00:00 2003 Erlend Midttun 3.23.56-3em
- Add mysql group.
- Moved mysql socket to /var/run/mysql/mysql.sock
- Made /var/lib/mysql mode 700.

Thu Mar 20 13:00:00 2003 Erlend Midttun 3.23.56-2em
- Cleanup.

Wed Mar 19 13:00:00 2003 Erlend Midttun 3.23.56-1em
- New upstream to fix sec hole.
- Now make info files.

Sun Mar 9 13:00:00 2003 Gerald Dachs 3.23.55-3gd
- cleaned up init script

Fri Feb 28 13:00:00 2003 Erlend Midttun 3.23.55-2em
- Added config file.
- Moved
*.so to devel.

Tue Feb 25 13:00:00 2003 Erlend Midttun 3.23.55-1em
- Added mysqladmin to
- Removed info files. Should really figure out how to convert it.

Sat Jan 18 13:00:00 2003 Gerald Dachs 3.23.54a-4gd
- didn\'t clean build root

Thu Jan 9 13:00:00 2003 Erlend Midttun 3.23.54a-3em
- shared -> libs

Thu Jan 9 13:00:00 2003 Erlend Midttun 3.23.54a-2em
- Use _initdir macro

Tue Dec 17 13:00:00 2002 Erlend Midttun
- Upgraded to fix security holes.

Fri Mar 15 13:00:00 2002 Christian H. Toldnes
- Rebuild on new zlib, due to broken old one.

Fri Jan 4 13:00:00 2002 Christian H. Toldnes
- New upstream version: 3.23.47
- Now calls stop only once on upgrade.
- Added %clean, general package cleanup.

Tue Jun 5 14:00:00 2001 Oystein Viggen
- New upstream version: 3.23.28

Wed Mar 28 14:00:00 2001 Alexander Reelsen
- Updated to 3.23.36, security fix

Mon Mar 26 14:00:00 2001 Alexander Reelsen
- Fixed init script problems

Mon Feb 19 13:00:00 2001 Oystein Viggen
- Adapt to TSL

Tue Jan 2 13:00:00 2001 Monty
- Added mysql-test to the bench package

Fri Aug 18 14:00:00 2000 Tim Smith
- Added separate libmysql_r directory; now both a threaded
and non-threaded library is shipped.

Tue Sep 28 14:00:00 1999 David Axmark
- Added the support-files/my-example.cnf to the docs directory.

- Removed devel dependency on base since it is about client
development.

Wed Sep 8 14:00:00 1999 David Axmark
- Cleaned up some for 3.23.

Thu Jul 1 14:00:00 1999 David Axmark
- Added support for shared libraries in a separate sub
package. Original fix by David Fox (dsfoxAATTcogsci.ucsd.edu)

- The --enable-assembler switch is now automatically disables on
platforms there assembler code is unavailable. This should allow
building this RPM on non i386 systems.

Mon Feb 22 13:00:00 1999 David Axmark
- Removed unportable cc switches from the spec file. The defaults can
now be overridden with environment variables. This feature is used
to compile the official RPM with optimal (but compiler version
specific) switches.

- Removed the repetitive description parts for the sub rpms. Maybe add
again if RPM gets a multiline macro capability.

- Added support for a pt_BR translation. Translation contributed by
Jorge Godoy .

Wed Nov 4 13:00:00 1998 David Axmark
- A lot of changes in all the rpm and install scripts. This may even
be a working RPM :-)

Sun Aug 16 14:00:00 1998 David Axmark
- A developers changelog for MySQL is available in the source RPM. And
there is a history of major user visible changed in the Reference
Manual. Only RPM specific changes will be documented here.


  
ICM