changelog

mariadb-5.5 (5.5.50-1ubuntu0.14.04.1) trusty-security; urgency=low

  * SECURITY UPDATE: New upstream release 5.5.50 (LP: #1605493)
    - CVE-2016-5440
    - CVE-2016-3615
    - CVE-2016-3521
    - CVE-2016-3477
  * Update previous changelog entries to contain new CVE identifiers

 -- Otto Kekäläinen <otto@debian.org>  Fri, 22 Jul 2016 09:24:36 +0300

mariadb-5.5 (5.5.49-1ubuntu0.14.04.1) trusty-security; urgency=low

  * SECURITY UPDATE: New upstream release 5.5.49
    - CVE-2016-5444
    - CVE-2016-3452
    - CVE-2016-0647
    - CVE-2016-0648
    - CVE-2016-0666
    - CVE-2016-0643
  * After the release of 5.5.49 it was announced that 5.5.48 included fixes for
    the following security vulnerabilities:
    - CVE-2016-0640
    - CVE-2016-0644
    - CVE-2016-0646
    - CVE-2016-0649
    - CVE-2016-0650
    - CVE-2016-0641
  * Updated previous changelog entries to contain new CVE identifiers.

 -- Otto Kekäläinen <otto@debian.org>  Fri, 22 Apr 2016 22:13:38 +0300

mariadb-5.5 (5.5.47-1ubuntu0.14.04.1) trusty-security; urgency=low

  * SECURITY UPDATE: New upstream release 5.5.47
    - CVE-2016-0546
    - CVE-2016-0505
    - CVE-2016-0596
    - CVE-2016-0597
    - CVE-2016-0616
    - CVE-2016-0598
    - CVE-2016-0600
    - CVE-2016-0606
    - CVE-2016-0608
    - CVE-2016-0609
    - CVE-2016-0642
    - CVE-2016-0651
    - CVE-2016-2047
    - Adds the mariadb-slow.log into the logrotate file, as the file
      name mariadb-slow.log is the log name in the default config file.

 -- Otto Kekäläinen <otto@seravo.fi>  Thu, 10 Dec 2015 10:24:40 +0200

mariadb-5.5 (5.5.46-1ubuntu0.14.04.2) trusty-security; urgency=low

  * SECURITY UPDATE: Update to 5.5.46 to fix security issues (LP: #1512241):
    - CVE-2016-3471
    - CVE-2015-7744
    - CVE-2015-4913
    - CVE-2015-4870
    - CVE-2015-4861
    - CVE-2015-4858
    - CVE-2015-4836
    - CVE-2015-4830
    - CVE-2015-4826
    - CVE-2015-4815
    - CVE-2015-4807
    - CVE-2015-4802
    - CVE-2015-4792
  * Upstream release 5.5.45 fixes for the following security vulnerabilities:
    - CVE-2015-4816
    - CVE-2015-4819
    - CVE-2015-4879
  * Update new Oracle CVE identifiers to old MariaDB changelog entries
  * New patch: Extend date in test suite so that main.events_1 will pass

 -- Otto Kekäläinen <otto@seravo.fi>  Tue, 03 Nov 2015 11:41:30 +0200

mariadb-5.5 (5.5.44-1ubuntu0.14.04.1) trusty-security; urgency=low

  * SECURITY UPDATE: Update to 5.5.44 to fix security issues (LP: #1464895):
    - CVE-2015-3152
    - CVE-2015-2648
    - CVE-2015-2582
    - CVE-2015-4752
    - CVE-2015-2643
    - CVE-2015-4864
    - CVE-2015-2620
  * Upstream also includes lots of line ending changes (from CRLF -> LF)
  * Removed hotfix patch now included in upstream release (MDEV-8115)

 -- Otto Kekäläinen <otto@seravo.fi>  Sat, 13 Jun 2015 21:09:48 +0300

mariadb-5.5 (5.5.43-1ubuntu0.14.04.2) trusty-security; urgency=low

  * SECURITY UPDATE: Update to 5.5.43 to fix security issues (LP: #1451677):
    - CVE-2015-0501
    - CVE-2015-2571
    - CVE-2015-0505
    - CVE-2015-0499
    - CVE-2015-4757
  * Hotfix patch to fix the server crash caused by mysql_upgrade (MDEV-8115)

 -- Otto Kekäläinen <otto@seravo.fi>  Tue, 05 May 2015 09:17:31 +0300

mariadb-5.5 (5.5.41-1ubuntu0.14.04.1) trusty-security; urgency=medium

  * Critical backport from 10.0 (commit 439123d):
    Fix mariadb-server-5.5.postinst so that the flag removal will not emit
    an error code if there are no previous debian-*.flag files (LP: #1417917)

 -- Otto Kekäläinen <otto@seravo.fi>  Wed, 04 Feb 2015 11:28:16 +0200

mariadb-5.5 (5.5.41-0ubuntu0.14.04.2) trusty-security; urgency=medium

  * SECURITY UPDATE: Update to 5.5.41 to fix security issues (LP: #1414755)
    - CVE-2015-0411
    - CVE-2015-0382
    - CVE-2015-0381
    - CVE-2015-0432
    - CVE-2014-6568
    - CVE-2015-0374
  * As approved by Seth Arnold, this security update also imports the latest
    mariadb-5.5 packaging from Debian which includes useful and low-risk
    fixes:
    - Updated Dutch translation by Frans Spiesschaert
    - Updated control file so that mariadb-client-5.5 breaks and replaces
      the package mariadb-server-5.5 to allow overwriting the innochecksum
      man page file which has changed location (LP: #1368124) as per
      doc https://www.debian.org/doc/debian-policy/ch-relationships.html#s7.6.1
    - Backported the fix of #770177 from 10.0 to 5.5 so that the migration
      question will not be asked repeatedly. (LP: #1392539)
   * Close delta between 14.10 and 14.04 in regards of packaging.
   * Backported new cacert.pem etc from 5.5 the replace the expired ones

 -- Otto Kekäläinen <otto@seravo.fi>  Tue, 27 Jan 2015 21:15:00 +0200

mariadb-5.5 (5.5.40-0ubuntu0.14.04.1) trusty-security; urgency=medium

  * SECURITY UPDATE: Update to 5.5.40 to fix security issues (LP: #1391676)
    - CVE-2014-6507
    - CVE-2014-6491
    - CVE-2014-6500
    - CVE-2014-6469
    - CVE-2014-6555
    - CVE-2014-6559
    - CVE-2014-6494
    - CVE-2014-6496
    - CVE-2014-6464
  * Add bsdutils as mariadb-server dependency like upstream does in 5.5.40.

 -- Otto Kekäläinen <otto@seravo.fi>  Wed, 12 Oct 2014 01:04:24 +0200

mariadb-5.5 (5.5.39-0ubuntu0.14.04.1) trusty-security; urgency=medium

  * SECURITY UPDATE: Update to 5.5.39 to fix security issues (LP: #1363222)
    * 5.5.39
      - Fixes an error when handling MyISAM temporary files can be
        exploited to execute arbitrary code (Secunia Advisory SA60599)
    * 5.5.38
      - CVE-2014-2494
      - CVE-2014-4207
      - CVE-2014-4243
      - CVE-2014-4258
      - CVE-2014-4260
  * Import a few important packaging bug fixes available in Debian

 -- Otto Kekäläinen <otto@seravo.fi>  Fri, 29 Aug 2014 23:04:24 +0300

mariadb-5.5 (5.5.37-0ubuntu0.14.04.1) trusty-security; urgency=medium

  * SECURITY UPDATE: Update to 5.5.37 to fix security issues (LP: #1313187)
    - http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
    - CVE-2014-0001
    - CVE-2014-0384
    - CVE-2014-2419
    - CVE-2014-2430
    - CVE-2014-2431
    - CVE-2014-2432
    - CVE-2014-2436
    - CVE-2014-2438
    - CVE-2014-2440

 -- Otto Kekäläinen <otto@seravo.fi>  Mon, 28 Apr 2014 09:55:22 +0300

mariadb-5.5 (5.5.36-1) unstable; urgency=low

  [ Otto Kekäläinen ]
  * New upstream release.
  * Updated Danish debconf translation (Closes: #739750).
  * d/control: Added explicit Conflicts/Replaces for mysql-5.6 packages
    (Closes: #739841).
  * d/control: Update for use of virtual-* packages for switching to/from
    MySQL alternatives.

  [ James Page ]
  * d/control: Drop Nicholas from Uploaders, MIA (Closes: #739360).
  * d/control: Add libjemalloc-dev to BD's.

 -- Otto Kekäläinen <otto@seravo.fi>  Sun, 02 Mar 2014 01:38:26 +0200

mariadb-5.5 (5.5.35-1) unstable; urgency=low

  [ Otto Kekäläinen ]
  * New upstream release, fixing the following security issues:
    - Buffer overflow in client/mysql.cc (Closes: #737597).
      - CVE-2014-0001
    - http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
      - CVE-2013-5891
      - CVE-2013-5908
      - CVE-2014-0386
      - CVE-2014-0393
      - CVE-2014-0401
      - CVE-2014-0402
      - CVE-2014-0412
      - CVE-2014-0420
      - CVE-2014-0437
  * Upstream https://mariadb.atlassian.net/browse/MDEV-4902
    fixes compatibility with Bison 3.0 (Closes: #733002)
  * Updated Russian debconf translation (Closes: #734426)
  * Updated Japanese debconf translation (Closes: #735284)
  * Updated French debconf translation (Closes: #736480)
  * Renamed SONAME properly (Closes: #732967)

 -- James Page <jamespage@debian.org>  Mon, 17 Feb 2014 16:51:52 +0000

mariadb-5.5 (5.5.32-1) unstable; urgency=low

  [ Otto Kekäläinen ]
  * Initial package for Debian (Closes: #565308), based on upstream
    packaging:
    - mariadb-5.3 by Sergei Golubchik
    - mariadb-5.2 by Kristian Nielsen
    - mariadb-5.1 by Peter Lieverdink
  * Bring packaging up-to-date inline with mysql-5.5 packaging.
  * Refine control file and tidy lintian warnings
  * Rename libmysqlclient18 -> libmariadbclient18.
  * Add suitable Breaks/Replaces/Provides to support migration
    to/from mysql-server-5.5.
  * Plus multiple other updates based on feedback from Debian maintainers

  [ James Page ]
  * d/control,rules: Cherry picked fix from mysql-5.5 packaging to disable
    x86 assembler in taocrypt on i386 architectures, removing need for
    gcc-4.4 dependency.
  * d/control: Add myself to uploaders.
  * d/control: Update Vcs fields for new location on git.debian.org.

 -- Otto Kekäläinen <otto@seravo.fi>  Tue, 24 Sept 2013 15:09:51 +0300