Posted by & filed under MySQL.

MySQL 5.1.61 packages are now available for Debian 6.0 “Squeeze” on amd64 and i386 architectures.

This is a very important security update that fixes unspecified vulnerabilities identified by Oracle in all versions of MySQL 5.1 earlier than 5.1.61. If you did not upgrade to MySQL 5.5, please consider upgrading your MySQL server (at least) to 5.1.61.

FYI, CVE list is as follows :

The corresponding Pinba storage engine has also been rebuilt.

And, as usual, please read the Changelog before upgrading.

14 Responses to “Security update : MySQL 5.1.61”

  1. Stormrider

    Just upgraded MySQL from 5.1.57 without any problems. Thank you!

  2. Jools

    does the mysql-common package still need to be upgraded manually?

  3. Jools

    Looks like it – would be nice to have this sorted, so there are no conflicts between mysql 5.5 and 5.1

  4. jools

    Is that ideal though ? since the config for 5.5 excludes the info for mysql 5.1.x regarding innodb plugin and example lines.

  5. Guillaume Plessis

    It’s not ideal, but it’s safe. You can also stick to mysql-common 5.1 by upgrading it manually or by tricking APT through apt-pinning.

    That’s just about a text file after all 🙂

  6. Poul Halmar

    Wow…..!!!! I was waiting long time for MySQL 5.1.61 upgrade version. I already installed of this upgrade version and it’s more suitable, secure and faster than previous one.
    Thanks for giving us the information of MySQL 5.1.61 upgrade version.

  7. Jools

    how about making a mysql-common-5.x for each that does a deb “provide” for mysql-common, or a mysql-common that is a virtual package that requires either common 5.1 or 5.5 packages ?

    One of those be my solution i guess.. I’m happy to contribute if on of these seems good? I think the meta one, unless ive missed something regarding debian dependencies would work the best ?

  8. Jools

    Thanks for adding my last pull request though (ngx add/remove scripts) – Have you officially announced the github stuff? Maybe a generic forum would work on top, for ideas, and I’m sure many others are willing to help. dotdeb will always be your baby, but you can have some others help nurture her 😉

  9. Guillaume Plessis

    @Jools : building mysql-common-5.x packages is possible, but could lead to upgrade problems when upgrading/downgrading to regular Debian packages. I’ll follow Debian’s choices on this topic, to ease the back ports and interoperability.

    About Github, I don’t think I’ll announce anything. I’ll just post links when people need to report serious issues. It makes no sense to have the same buzz/mess on Github as in Dotdeb’s comments. Maybe a forum could help, you’re right.

    Thanks for your ideas.

  10. Stefan

    Hi all
    Thx for you great work. I’ve installed the mysql 5.5. If I start phpmyadmin I see, that Debian Squeeze use MySQL-Client-Version: 5.0.51a insteed the MySQL-Client-Version for Mysql 5.5.
    How can I fix that?

    Thanks a lot
    St

  11. AMbd

    Fresh squeeze install

    sources.list:
    deb http://packages.dotdeb.org squeeze all

    root@host:~# apt-get install mysql-server-5.1
    Reading package lists… Done
    Building dependency tree
    Reading state information… Done
    Some packages could not be installed. This may mean that you have
    requested an impossible situation or if you are using the unstable
    distribution that some required packages have not yet been created
    or been moved out of Incoming.
    The following information may help to resolve the situation:

    The following packages have unmet dependencies:
    mysql-server-5.1 : Depends: mysql-client-5.1 (>= 5.1.61-2~dotdeb.0) but it is not going to be installed
    E: Broken packages
    root@host:~#

    Ideas?

  12. Guillaume Plessis

    @AMbd : try to play with apt-cache (ex : apt-cache policy mysql-client-5.1) or tools like dselect or aptitude to understand why APT doesn’t want to install mysql-client-5.1.