MySQL 5.1.41 has been updated to fix a security issue
January 20th, 2010 | by Guillaume Plessis

I just uploaded new MySQL 5.1.41 packages that fix a remote buffer overflow in MySQL servers that use the embedded YaSSL library:
- Lenz Grimmer gives more information about this issue
- CVE-2009-4484 has been filed
Since Debian and Dotdeb are impacted, you are strongly encouraged to upgrade your servers.

13 Responses to “MySQL 5.1.41 has been updated to fix a security issue”
By dotdeb on Jan 20, 2010 | Reply
Dotdeb.org: MySQL 5.1.41 has been updated to fix… http://www.dotdeb.org/2010/01/20/mysql-5-1-41-has-been-updated-to-fix-a-security-issue/
This comment was originally posted on Twitter
By Anthony on Jan 20, 2010 | Reply
Hi Guillaume, thanks for rapidly responding to security updates for your packages.
Have you considered push notification of mirrors so that they can replicate these updates quickly?
By Anthony on Jan 20, 2010 | Reply
Sorry, forgot to add: the UK mirror is now up to date with this (earlier than the normal 24 hour window).
By Guillaume Plessis on Jan 20, 2010 | Reply
@Anthony : there is no push to the mirrors yet, but I think I’ll have to think about such a system (inspired from Debian’s one? http://www.debian.org/mirror/ftpmirror#when )
BTW, thanks for updating the UK mirror so quickly.
By Psychos on Jan 24, 2010 | Reply
New version of MySQL is 5.1.42.
http://dev.mysql.com/downloads/mysql/
By Psychos on Feb 1, 2010 | Reply
New version of MySQL is 5.1.43.
http://dev.mysql.com/downloads/mysql/
By Guillaume Plessis on Feb 1, 2010 | Reply
@Psychos: Great! But Debian’s one is still 5.1.41 (with bug and security fixes)
http://packages.debian.org/sid/mysql-server-5.1
Please be a bit more patient
By Moritz on Feb 2, 2010 | Reply
I’m trying to rebuild your 5.1.43 package with a patch but there are always failing tests (with or without the patch)
Failing test(s): main.partition_innodb main.information_schema_chmod main.trigger rpl.rpl_rotate_logs
I’m running AMD64 Lenny. Any ideas? What are your dpkg-buildpackage parameters?
By Guillaume Plessis on Feb 2, 2010 | Reply
@Moritz: try to set this environment variable:
DEB_BUILD_OPTIONS=nocheck
By Moritz on Feb 2, 2010 | Reply
@Guillaume: Thank you very much! Works like a charm
Do you have the tests enabled when building your packages?
By Guillaume Plessis on Feb 3, 2010 | Reply
@Moritz : Yes, most of them (building MySQL in a chroot makes some of them fail)
By Alberto on Feb 3, 2010 | Reply
Hi Guillaume,
First, thanks for your work compiling and packaging mysql 5.1
I suggest that you could activate the --enable-thread-safe-client flag. It won’t do any harm, and it will greatly benefit the people (like me ;D) who use multithreaded applications on Debian!
By Guillaume Plessis on Feb 20, 2010 | Reply
@Alberto : I just checked the last MySQL packages for Lenny. They have the thread safety enabled.