group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #11510
[Bug 1668934] Re: percona-xtradb-cluster-5.6 5.6.34-26.19, percona-galera-3 3.19, percona-xtrabackup 2.3.7
This bug was fixed in the package percona-xtradb-cluster-5.6 -
5.6.34-26.19-0ubuntu1
---------------
percona-xtradb-cluster-5.6 (5.6.34-26.19-0ubuntu1) zesty; urgency=medium
* SECURITY UPDATE: Update to 5.6.34-26.19 to fix security issues
(LP: #1668934):
- CVE-2015-4766
- CVE-2015-4792
- CVE-2015-4800
- CVE-2015-4802
- CVE-2015-4815
- CVE-2015-4819
- CVE-2015-4826
- CVE-2015-4830
- CVE-2015-4833
- CVE-2015-4836
- CVE-2015-4858
- CVE-2015-4861
- CVE-2015-4862
- CVE-2015-4864
- CVE-2015-4866
- CVE-2015-4870
- CVE-2015-4879
- CVE-2015-4890
- CVE-2015-4895
- CVE-2015-4904
- CVE-2015-4905
- CVE-2015-4910
- CVE-2015-4913
- CVE-2015-7744
- CVE-2016-0503
- CVE-2016-0504
- CVE-2016-0505
- CVE-2016-0546
- CVE-2016-0594
- CVE-2016-0595
- CVE-2016-0596
- CVE-2016-0597
- CVE-2016-0598
- CVE-2016-0600
- CVE-2016-0605
- CVE-2016-0606
- CVE-2016-0607
- CVE-2016-0608
- CVE-2016-0609
- CVE-2016-0610
- CVE-2016-0611
- CVE-2016-0616
- CVE-2016-0640
- CVE-2016-0641
- CVE-2016-0642
- CVE-2016-0643
- CVE-2016-0644
- CVE-2016-0646
- CVE-2016-0647
- CVE-2016-0648
- CVE-2016-0649
- CVE-2016-0650
- CVE-2016-0655
- CVE-2016-0661
- CVE-2016-0665
- CVE-2016-0666
- CVE-2016-0668
- CVE-2016-2047
- CVE-2016-3452
- CVE-2016-3459
- CVE-2016-3471
- CVE-2016-3477
- CVE-2016-3486
- CVE-2016-3492
- CVE-2016-3501
- CVE-2016-3521
- CVE-2016-3614
- CVE-2016-3615
- CVE-2016-5439
- CVE-2016-5440
- CVE-2016-5444
- CVE-2016-5507
- CVE-2016-5584
- CVE-2016-5609
- CVE-2016-5612
- CVE-2016-5626
- CVE-2016-5627
- CVE-2016-5629
- CVE-2016-5630
- CVE-2016-6662
- CVE-2016-6663
- CVE-2016-8283
- CVE-2016-8284
- CVE-2016-8288
* Changes for new upstream version:
- d/p/fix_mtr_ssl_cert.patch: Drop, included upstream.
- d/rules,percona-xtradb-cluster-server-5.6.docs: Tweak install
of tests and docs for new PXC version.
- d/control: Bump minimum versions of percona-galera-3 and
percona-xtrabackup.
- d/rules: Add misc compiler flags to no-error nonnull-compare,
unused-result and no-deprecated-declarations.
- d/control: Add BD on dh-python.
- d/percona-xtradb-cluster-server-5.6.preinst: Add creation of
/var/lib/mysql-files as part of package install.
- d/p/weak-memory-compat.patch: Re-enable builds for architectures
with weak memory models (ppc64el, arm64, armhf, powerpc, s390x).
* d/repack.sh: Switch tar file compression to bz2.
* d/*: wrap-and-sort.
* d/control,compat: Bump debhelper compat level to 9.
-- James Page <james.page@xxxxxxxxxx> Mon, 06 Mar 2017 09:41:46 +0000
** Changed in: percona-xtradb-cluster-5.6 (Ubuntu Zesty)
Status: Triaged => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4766
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4792
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4800
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4802
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4815
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4819
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4826
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4830
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4833
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4836
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4858
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4861
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4862
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4864
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4866
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4870
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4879
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4890
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4895
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4904
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4905
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4910
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-4913
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-7744
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0503
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0504
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0505
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0546
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0594
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0595
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0596
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0597
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0598
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0600
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0605
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0606
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0607
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0608
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0609
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0610
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0611
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0616
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0640
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0641
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0642
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0643
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0644
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0646
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0647
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0648
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0649
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0650
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0655
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0661
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0665
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0666
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0668
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-2047
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-3452
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-3459
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-3471
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-3477
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-3486
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-3492
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-3501
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-3521
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-3614
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-3615
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-5439
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-5440
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-5444
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-5507
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-5584
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-5609
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-5612
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-5626
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-5627
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-5629
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-5630
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-6662
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-6663
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-8283
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-8284
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-8288
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1668934
Title:
percona-xtradb-cluster-5.6 5.6.34-26.19, percona-galera-3 3.19,
percona-xtrabackup 2.3.7
Status in percona-galera-3 package in Ubuntu:
Fix Released
Status in percona-xtrabackup package in Ubuntu:
Fix Released
Status in percona-xtradb-cluster-5.6 package in Ubuntu:
Fix Released
Status in percona-galera-3 source package in Xenial:
Triaged
Status in percona-xtrabackup source package in Xenial:
Triaged
Status in percona-xtradb-cluster-5.6 source package in Xenial:
Triaged
Status in percona-galera-3 source package in Yakkety:
Triaged
Status in percona-xtrabackup source package in Yakkety:
Triaged
Status in percona-xtradb-cluster-5.6 source package in Yakkety:
Triaged
Status in percona-galera-3 source package in Zesty:
Fix Released
Status in percona-xtrabackup source package in Zesty:
Fix Released
Status in percona-xtradb-cluster-5.6 source package in Zesty:
Fix Released
Bug description:
[Impact]
The version of percona-xtradb-cluster-5.6 in xenial and later is out of date with know security vulnerabilities; users of this package are a risk of compromise.
[Test Case]
To verify the upgrade to the newer versions is OK, deployment of a three unit pxc cluster with sample date, upgrade to new version and re-verification of data will be undertaken.
[Regression Potential]
Medium; we're re-aligning across all three packages with Percona's upstream repositories however this will require a version dependency bump in percona-xtrabackup (2.2.x -> 2.3.x); this should be fine, but this tool has potential use outside of percona-xtradb-server-5.6 (its great for online backups of MySQL generally).
The test plan covers its use in PXC; however I would propose an
extended bake period in -proposed with a call for testing on the
ubuntu-server list prior to release to -updates.
[Original Bug Report]
The version of pxc in Ubuntu is really quite old with a number of security vulnerabilities; we should rebase onto the latest 5.6 release from PXC upstream.
https://www.percona.com/doc/percona-xtradb-cluster/5.6/release-notes
/release-notes_index.html
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/percona-galera-3/+bug/1668934/+subscriptions
