← Back to team overview

group.of.nepali.translators team mailing list archive

[Bug 1668934] Re: percona-xtradb-cluster-5.6 5.6.34-26.19, percona-galera-3 3.19, percona-xtrabackup 2.3.7

 

This bug was fixed in the package percona-xtradb-cluster-5.6 -
5.6.34-26.19-0ubuntu0.16.04.1

---------------
percona-xtradb-cluster-5.6 (5.6.34-26.19-0ubuntu0.16.04.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Update to 5.6.34-26.19 to fix security issues
    (LP: #1668934):
    - CVE-2015-4766
    - CVE-2015-4792
    - CVE-2015-4800
    - CVE-2015-4802
    - CVE-2015-4815
    - CVE-2015-4819
    - CVE-2015-4826
    - CVE-2015-4830
    - CVE-2015-4833
    - CVE-2015-4836
    - CVE-2015-4858
    - CVE-2015-4861
    - CVE-2015-4862
    - CVE-2015-4864
    - CVE-2015-4866
    - CVE-2015-4870
    - CVE-2015-4879
    - CVE-2015-4890
    - CVE-2015-4895
    - CVE-2015-4904
    - CVE-2015-4905
    - CVE-2015-4910
    - CVE-2015-4913
    - CVE-2015-7744
    - CVE-2016-0503
    - CVE-2016-0504
    - CVE-2016-0505
    - CVE-2016-0546
    - CVE-2016-0594
    - CVE-2016-0595
    - CVE-2016-0596
    - CVE-2016-0597
    - CVE-2016-0598
    - CVE-2016-0600
    - CVE-2016-0605
    - CVE-2016-0606
    - CVE-2016-0607
    - CVE-2016-0608
    - CVE-2016-0609
    - CVE-2016-0610
    - CVE-2016-0611
    - CVE-2016-0616
    - CVE-2016-0640
    - CVE-2016-0641
    - CVE-2016-0642
    - CVE-2016-0643
    - CVE-2016-0644
    - CVE-2016-0646
    - CVE-2016-0647
    - CVE-2016-0648
    - CVE-2016-0649
    - CVE-2016-0650
    - CVE-2016-0655
    - CVE-2016-0661
    - CVE-2016-0665
    - CVE-2016-0666
    - CVE-2016-0668
    - CVE-2016-2047
    - CVE-2016-3452
    - CVE-2016-3459
    - CVE-2016-3471
    - CVE-2016-3477
    - CVE-2016-3486
    - CVE-2016-3492
    - CVE-2016-3501
    - CVE-2016-3521
    - CVE-2016-3614
    - CVE-2016-3615
    - CVE-2016-5439
    - CVE-2016-5440
    - CVE-2016-5444
    - CVE-2016-5507
    - CVE-2016-5584
    - CVE-2016-5609
    - CVE-2016-5612
    - CVE-2016-5626
    - CVE-2016-5627
    - CVE-2016-5629
    - CVE-2016-5630
    - CVE-2016-6662
    - CVE-2016-6663
    - CVE-2016-8283
    - CVE-2016-8284
    - CVE-2016-8288
  * Changes for new upstream version:
    - d/p/fix_mtr_ssl_cert.patch: Drop, included upstream.
    - d/rules,percona-xtradb-cluster-server-5.6.docs: Tweak install
      of tests and docs for new PXC version.
    - d/control: Bump minimum versions of percona-galera-3 and
      percona-xtrabackup.
    - d/rules: Add misc compiler flags to no-error nonnull-compare,
      unused-result and no-deprecated-declarations.
    - d/percona-xtradb-cluster-server-5.6.preinst: Add creation of
      /var/lib/mysql-files as part of package install.
    - d/p/weak-memory-compat.patch: Re-enable builds for architectures
      with weak memory models (ppc64el, arm64, armhf, powerpc, s390x).

 -- James Page <james.page@xxxxxxxxxx>  Mon, 06 Mar 2017 10:38:21 +0000

** Changed in: percona-galera-3 (Ubuntu Xenial)
       Status: Triaged => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1668934

Title:
  percona-xtradb-cluster-5.6 5.6.34-26.19, percona-galera-3 3.19,
  percona-xtrabackup 2.3.7

Status in percona-galera-3 package in Ubuntu:
  Fix Released
Status in percona-xtrabackup package in Ubuntu:
  Fix Released
Status in percona-xtradb-cluster-5.6 package in Ubuntu:
  Fix Released
Status in percona-galera-3 source package in Xenial:
  Fix Released
Status in percona-xtrabackup source package in Xenial:
  Fix Released
Status in percona-xtradb-cluster-5.6 source package in Xenial:
  Fix Released
Status in percona-galera-3 source package in Yakkety:
  Fix Released
Status in percona-xtrabackup source package in Yakkety:
  Fix Released
Status in percona-xtradb-cluster-5.6 source package in Yakkety:
  Fix Released
Status in percona-galera-3 source package in Zesty:
  Fix Released
Status in percona-xtrabackup source package in Zesty:
  Fix Released
Status in percona-xtradb-cluster-5.6 source package in Zesty:
  Fix Released

Bug description:
  [Impact]
  The version of percona-xtradb-cluster-5.6 in xenial and later is out of date with know security vulnerabilities; users of this package are a risk of compromise.

  [Test Case]
  To verify the upgrade to the newer versions is OK, deployment of a three unit pxc cluster with sample date, upgrade to new version and re-verification of data will be undertaken.

  [Regression Potential]
  Medium; we're re-aligning across all three packages with Percona's upstream repositories however this will require a version dependency bump in percona-xtrabackup (2.2.x -> 2.3.x); this should be fine, but this tool has potential use outside of percona-xtradb-server-5.6 (its great for online backups of MySQL generally).

  The test plan covers its use in PXC; however I would propose an
  extended bake period in -proposed with a call for testing on the
  ubuntu-server list prior to release to -updates.

  [Original Bug Report]
  The version of pxc in Ubuntu is really quite old with a number of security vulnerabilities; we should rebase onto the latest 5.6 release from PXC upstream.

  https://www.percona.com/doc/percona-xtradb-cluster/5.6/release-notes
  /release-notes_index.html

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/percona-galera-3/+bug/1668934/+subscriptions