Bug 11543 - mariadb update to 5.5.33a for security fixes
Summary: mariadb update to 5.5.33a for security fixes
Status: RESOLVED DUPLICATE of bug 9878
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 3
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: AL13N
QA Contact: Sec team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-10-27 00:05 CEST by AL13N
Modified: 2013-11-23 11:15 CET (History)
2 users (show)

See Also:
Source RPM: mariadb
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description AL13N 2013-10-27 00:05:14 CEST 
submitted mariadb-5.5.33a-1.mga3 for testing.

Reproducible: 

Steps to Reproduce:
AL13N 2013-10-27 00:07:32 CEST

Assignee: bugsquad => qa-bugs

Comment 1 Dave Hodgins 2013-10-27 00:36:29 CEST 
We'll need an advisory too.

CC: (none) => davidwhodgins
Summary: update to 5.5.33a for security fixes => mariadb update to 5.5.33a for security fixes

Manuel Hiebel 2013-10-27 01:01:39 CEST

Component: RPM Packages => Security

Manuel Hiebel 2013-10-27 01:01:53 CEST

QA Contact: (none) => security

Comment 2 David Walser 2013-10-27 01:08:21 CEST 
Why not update to 5.5.34 to pick up the newest security fixes from the last Ubuntu advisory?

Blocks: (none) => 9878

Comment 3 David Walser 2013-10-27 02:20:05 CET 
(In reply to AL13N from comment #3)
> there is no mariadb 5.5.34 ...
> 
> i donno how ubuntu does it, perhaps they picked a revision change later or
> something...

Well it's mysql on their end, but from the release tag starting with a 0 maybe it's a pre-release?  I dunno.  Important thing is the two CVEs in their advisory and making sure we fix those one way or another.
Comment 4 AL13N 2013-10-27 02:24:38 CET 
there is no mariadb 5.5.34 ...

i donno how ubuntu does it, perhaps they picked a revision change later or something...
Comment 5 David Walser 2013-10-28 13:55:57 CET 
Does this fix CVE-2013-3839 and CVE-2013-5807, fixed in MySQL 5.5.34?  What other CVEs does this fix?  Adding the feedback marker until we have more clarity on the status of this update.

Whiteboard: (none) => feedback

Comment 6 claire robinson 2013-11-07 22:44:00 CET 
Assigning AL13N for now. 

Please reassign to QA when when you've had a chance to take a look. 

Thanks.

CC: (none) => qa-bugs
Assignee: qa-bugs => alien
Whiteboard: feedback => (none)

Comment 7 AL13N 2013-11-07 23:06:53 CET 
There is no clarity, this is Oracle we're talking about...

in any case, there's a mariadb-5.5.34 pretty soon...
Comment 8 David Walser 2013-11-22 14:32:53 CET 
mariadb 5.5.34 upstream is officially released:
https://blog.mariadb.org/mariadb-5-5-34-now-available/
Comment 9 David Walser 2013-11-22 16:02:36 CET 
Since Mageia 2 is closing due to EOL, we don't need two separate bugs for this, and this one doesn't provide any additional information besides what is in Bug 9878.  We can use that bug to push a Mageia 3 update, hopefully to 5.5.34.

*** This bug has been marked as a duplicate of bug 9878 ***

Status: NEW => RESOLVED
Blocks: 9878 => (none)
Resolution: (none) => DUPLICATE

Comment 10 AL13N 2013-11-23 11:15:53 CET 
i know, i'm working on it...

we have a test case that's failing intermittently... need to fix it first...
Note You need to log in before you can comment on or make changes to this bug.