group.of.nepali.translators team mailing list archive

[Launchpad Bug Tracker <1668934@xxxxxxxxxxxxxxxxxx>]

This bug was fixed in the package percona-xtrabackup - 2.3.7-0ubuntu1

---------------
percona-xtrabackup (2.3.7-0ubuntu1) zesty; urgency=medium

  * SECURITY UPDATE: Update to 2.3.7 to fix security issue and to
    support update of percona-xtradb-cluster-5.6 to 5.6.34-26.19
    (LP: #1668934):
    - CVE-2016-6225
  * Updates for new upstream release:
    - d/control: Add new BD's on libcurl4-openssl-dev, libev-dev,
      python-docutils, python-sphinx and xxd.
  * d/control,compat: Bumped debhelper compat level to 9.
  * d/control: Bumped Standards-Version to 3.9.8.

 -- James Page <james.page@xxxxxxxxxx>  Mon, 06 Mar 2017 09:45:14 +0000

** Changed in: percona-xtrabackup (Ubuntu Zesty)
       Status: Triaged => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-6225

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1668934

Title:
  percona-xtradb-cluster-5.6 5.6.34-26.19, percona-galera-3 3.19,
  percona-xtrabackup 2.3.7

Status in percona-galera-3 package in Ubuntu:
  Fix Released
Status in percona-xtrabackup package in Ubuntu:
  Fix Released
Status in percona-xtradb-cluster-5.6 package in Ubuntu:
  Triaged
Status in percona-galera-3 source package in Xenial:
  Triaged
Status in percona-xtrabackup source package in Xenial:
  Triaged
Status in percona-xtradb-cluster-5.6 source package in Xenial:
  Triaged
Status in percona-galera-3 source package in Yakkety:
  Triaged
Status in percona-xtrabackup source package in Yakkety:
  Triaged
Status in percona-xtradb-cluster-5.6 source package in Yakkety:
  Triaged
Status in percona-galera-3 source package in Zesty:
  Fix Released
Status in percona-xtrabackup source package in Zesty:
  Fix Released
Status in percona-xtradb-cluster-5.6 source package in Zesty:
  Triaged

Bug description:
  [Impact]
  The version of percona-xtradb-cluster-5.6 in xenial and later is out of date with know security vulnerabilities; users of this package are a risk of compromise.

  [Test Case]
  To verify the upgrade to the newer versions is OK, deployment of a three unit pxc cluster with sample date, upgrade to new version and re-verification of data will be undertaken.

  [Regression Potential]
  Medium; we're re-aligning across all three packages with Percona's upstream repositories however this will require a version dependency bump in percona-xtrabackup (2.2.x -> 2.3.x); this should be fine, but this tool has potential use outside of percona-xtradb-server-5.6 (its great for online backups of MySQL generally).

  The test plan covers its use in PXC; however I would propose an
  extended bake period in -proposed with a call for testing on the
  ubuntu-server list prior to release to -updates.

  [Original Bug Report]
  The version of pxc in Ubuntu is really quite old with a number of security vulnerabilities; we should rebase onto the latest 5.6 release from PXC upstream.

  https://www.percona.com/doc/percona-xtradb-cluster/5.6/release-notes
  /release-notes_index.html

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/percona-galera-3/+bug/1668934/+subscriptions