Debian Bug report logs - #536726
post-authentication format string vulnerability (CVE-2009-2446)

version graph

Package: mysql-dfsg-5.0; Maintainer for mysql-dfsg-5.0 is (unknown);

Reported by: "Michael S. Gilbert" <michael.s.gilbert@gmail.com>

Date: Sun, 12 Jul 2009 22:03:02 UTC

Severity: important

Tags: pending, security, upstream

Found in versions 5.0.32-7etch8, 5.0.51a-24+lenny1

Fixed in version mysql-dfsg-5.0/5.0.51a-24+lenny2

Done: Sebastien Delafond <seb@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>:
Bug#536726; Package mysql-dfsg-5.0. (Sun, 12 Jul 2009 22:03:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to "Michael S. Gilbert" <michael.s.gilbert@gmail.com>:
New Bug report received and forwarded. Copy sent to Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>. (Sun, 12 Jul 2009 22:03:04 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: "Michael S. Gilbert" <michael.s.gilbert@gmail.com>
To: submit@bugs.debian.org
Subject: mysql: post-authentication format string vulnerability
Date: Sun, 12 Jul 2009 17:59:11 -0400
package: mysql-dfsg-5.0
version: 5.0.32-7etch8
severity: important
tags: security

hello, it has been disclosed that mysql has a post-authentication
format string vulnerability [1].  according to that message, affected
versions are claimed to be 5.0.45 and older, which would mean that lenny
and sid are not affected; however, this needs to be checked.

[1] http://seclists.org/fulldisclosure/2009/Jul/0058.html




Information forwarded to debian-bugs-dist@lists.debian.org, Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>:
Bug#536726; Package mysql-dfsg-5.0. (Wed, 15 Jul 2009 17:30:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Christian Hammers <ch@lathspell.de>:
Extra info received and forwarded to list. Copy sent to Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>. (Wed, 15 Jul 2009 17:30:03 GMT) Full text and rfc822 format available.

Message #10 received at 536726@bugs.debian.org (full text, mbox):

From: Christian Hammers <ch@lathspell.de>
To: control@bugs.debian.org
Cc: 536726@bugs.debian.org
Subject: Re: mysql: post-authentication format string vulnerability
Date: Wed, 15 Jul 2009 19:26:28 +0200
retitle 536726 post-authentication format string vulnerability (CVE-2009-2446)
tags 536726 + security upstream
found 536726 5.0.51a-24+lenny1
notfound 536726 5.0.81-1
notfound 536726 5.1.36-1
stop

Hello

Lenny is affected. Sid and the upcoming 5.1 from experimental not.
Tested on amd64.

bye,

-christian-




Changed Bug title to `post-authentication format string vulnerability (CVE-2009-2446)' from `mysql: post-authentication format string vulnerability'. Request was from Christian Hammers <ch@lathspell.de> to control@bugs.debian.org. (Wed, 15 Jul 2009 17:30:04 GMT) Full text and rfc822 format available.

Tags added: security, upstream Request was from Christian Hammers <ch@lathspell.de> to control@bugs.debian.org. (Wed, 15 Jul 2009 17:30:05 GMT) Full text and rfc822 format available.

Bug marked as found in version 5.0.51a-24+lenny1. Request was from Christian Hammers <ch@lathspell.de> to control@bugs.debian.org. (Wed, 15 Jul 2009 17:30:05 GMT) Full text and rfc822 format available.

Bug no longer marked as found in version 5.0.81-1. Request was from Christian Hammers <ch@lathspell.de> to control@bugs.debian.org. (Wed, 15 Jul 2009 17:30:06 GMT) Full text and rfc822 format available.

Bug no longer marked as found in version 5.1.36-1. Request was from Christian Hammers <ch@lathspell.de> to control@bugs.debian.org. (Wed, 15 Jul 2009 17:30:07 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>:
Bug#536726; Package mysql-dfsg-5.0. (Mon, 20 Jul 2009 22:30:06 GMT) Full text and rfc822 format available.

Acknowledgement sent to Christian Hammers <ch@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>. (Mon, 20 Jul 2009 22:30:06 GMT) Full text and rfc822 format available.

Message #25 received at 536726@bugs.debian.org (full text, mbox):

From: Christian Hammers <ch@debian.org>
To: security@mysql.com
Cc: 536726@bugs.debian.org
Subject: Regarding CVE-2009-2446: Problems with COM_CREATE_DB etc.
Date: Tue, 21 Jul 2009 00:21:31 +0200
Hello MysQL

Debian was notified about
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2446
and we would like to backport the fix to our already release 5.0.51
package.

Can you confirm that the below snipped is a proper fix?
It comments out the two commands COM_CREATE_DB and COM_DROP_DB like
I saw it in the 5.1 branch.

Sadly the sql_parse.cc file is too big to be viewed using bezaar (gives
timeouts) and I cannot find the original commit or a bug in
bugs.mysql.com which would give me some hints if other changes were
necessary.
http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.1/annotate/head%3A/sql/sql_parse.cc

thanks for you help,

-christian-


--- old/sql/sql_parse.cc        2009-07-16 22:43:36.000000000 +0200
+++ new/sql/sql_parse.cc        2009-07-16 22:43:59.000000000 +0200
@@ -1920,6 +1920,7 @@
     error=TRUE;                                        // End server
     break;
 
+#ifdef REMOVED
   case COM_CREATE_DB:                          // QQ: To be removed
     {
       char *db=thd->strdup(packet), *alias;
@@ -1964,6 +1965,7 @@
       mysql_rm_db(thd, db, 0, 0);
       break;
     }
+#endif
 #ifndef EMBEDDED_LIBRARY
   case COM_BINLOG_DUMP:
     {
--- old/tests/mysql_client_test.c       2008-01-11 15:43:14.000000000 +0100 
+++ new/tests/mysql_client_test.c       2009-07-21 00:08:55.000000000 +0200 
@@ -12017,7 +12017,7 @@
 {
   int rc;
   myheader("test_bug6081");
-
+/* Those commands were disabled because of CVE-2009-2446.
   rc= simple_command(mysql, COM_DROP_DB, current_db,
                      (ulong)strlen(current_db), 0);
   myquery(rc);
@@ -12032,6 +12032,7 @@
   myquery_r(rc);
   rc= mysql_select_db(mysql, current_db);
   myquery(rc);
+*/
 }




Information forwarded to debian-bugs-dist@lists.debian.org, Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>:
Bug#536726; Package mysql-dfsg-5.0. (Tue, 21 Jul 2009 07:33:07 GMT) Full text and rfc822 format available.

Acknowledgement sent to Sergei Golubchik <serg@mysql.com>:
Extra info received and forwarded to list. Copy sent to Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>. (Tue, 21 Jul 2009 07:33:07 GMT) Full text and rfc822 format available.

Message #30 received at 536726@bugs.debian.org (full text, mbox):

From: Sergei Golubchik <serg@mysql.com>
To: Christian Hammers <ch@debian.org>
Cc: security@mysql.com, 536726@bugs.debian.org
Subject: Re: Regarding CVE-2009-2446: Problems with COM_CREATE_DB etc.
Date: Tue, 21 Jul 2009 09:29:04 +0200
Hi, Christian!

On Jul 21, Christian Hammers wrote:
> Hello MysQL
> 
> Debian was notified about
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2446
> and we would like to backport the fix to our already release 5.0.51
> package.
> 
> Can you confirm that the below snipped is a proper fix?
> It comments out the two commands COM_CREATE_DB and COM_DROP_DB like
> I saw it in the 5.1 branch.

Yes, your fix should be fine.
If you want to have these commands working, you can apply a standard fix
for these kinds of problems, like

-     mysql_log.write(thd,command,packet);
+     mysql_log.write(thd,command,"%s",packet);
 
> Sadly the sql_parse.cc file is too big to be viewed using bazaar (gives
> timeouts) and I cannot find the original commit or a bug in
> bugs.mysql.com which would give me some hints if other changes were
> necessary.

This is our fix for 5.0:

  http://lists.mysql.com/commits/77649

you probably won't be able to see the bug itself, it's private until the
released version will be out.
But according to comments the fix was pushed to 5.0.84 
 
Regards / Mit vielen Grüßen,
Sergei

-- 
   __  ___     ___ ____  __
  /  |/  /_ __/ __/ __ \/ /   Sergei Golubchik <serg@sun.com>
 / /|_/ / // /\ \/ /_/ / /__  Principal Software Engineer/Server Architect
/_/  /_/\_, /___/\___\_\___/  Sun Microsystems GmbH, HRB München 161028
       <___/                  Sonnenallee 1, 85551 Kirchheim-Heimstetten
Geschäftsführer: Thomas Schroeder, Wolfgang Engels, Wolf Frenkel
Vorsitzender des Aufsichtsrates: Martin Häring




Tags added: pending Request was from Christian Hammers <ch@alioth.debian.org> to control@bugs.debian.org. (Tue, 21 Jul 2009 23:27:02 GMT) Full text and rfc822 format available.

Reply sent to Sebastien Delafond <seb@debian.org>:
You have taken responsibility. (Thu, 03 Sep 2009 02:27:04 GMT) Full text and rfc822 format available.

Notification sent to "Michael S. Gilbert" <michael.s.gilbert@gmail.com>:
Bug acknowledged by developer. (Thu, 03 Sep 2009 02:27:04 GMT) Full text and rfc822 format available.

Message #37 received at 536726-close@bugs.debian.org (full text, mbox):

From: Sebastien Delafond <seb@debian.org>
To: 536726-close@bugs.debian.org
Subject: Bug#536726: fixed in mysql-dfsg-5.0 5.0.51a-24+lenny2
Date: Thu, 03 Sep 2009 01:58:13 +0000
Source: mysql-dfsg-5.0
Source-Version: 5.0.51a-24+lenny2

We believe that the bug you reported is fixed in the latest version of
mysql-dfsg-5.0, which is due to be installed in the Debian FTP archive:

libmysqlclient15-dev_5.0.51a-24+lenny2_i386.deb
  to pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny2_i386.deb
libmysqlclient15off_5.0.51a-24+lenny2_i386.deb
  to pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny2_i386.deb
mysql-client-5.0_5.0.51a-24+lenny2_i386.deb
  to pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny2_i386.deb
mysql-client_5.0.51a-24+lenny2_all.deb
  to pool/main/m/mysql-dfsg-5.0/mysql-client_5.0.51a-24+lenny2_all.deb
mysql-common_5.0.51a-24+lenny2_all.deb
  to pool/main/m/mysql-dfsg-5.0/mysql-common_5.0.51a-24+lenny2_all.deb
mysql-dfsg-5.0_5.0.51a-24+lenny2.diff.gz
  to pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51a-24+lenny2.diff.gz
mysql-dfsg-5.0_5.0.51a-24+lenny2.dsc
  to pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51a-24+lenny2.dsc
mysql-server-5.0_5.0.51a-24+lenny2_i386.deb
  to pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny2_i386.deb
mysql-server_5.0.51a-24+lenny2_all.deb
  to pool/main/m/mysql-dfsg-5.0/mysql-server_5.0.51a-24+lenny2_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 536726@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sebastien Delafond <seb@debian.org> (supplier of updated mysql-dfsg-5.0 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 27 Aug 2009 10:31:25 +0200
Source: mysql-dfsg-5.0
Binary: libmysqlclient15off libmysqlclient15-dev mysql-common mysql-client-5.0 mysql-server-5.0 mysql-server mysql-client
Architecture: source all i386
Version: 5.0.51a-24+lenny2
Distribution: stable-security
Urgency: high
Maintainer: Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>
Changed-By: Sebastien Delafond <seb@debian.org>
Description: 
 libmysqlclient15-dev - MySQL database development files
 libmysqlclient15off - MySQL database client library
 mysql-client - MySQL database client (metapackage depending on the latest versio
 mysql-client-5.0 - MySQL database client binaries
 mysql-common - MySQL database common files
 mysql-server - MySQL database server (metapackage depending on the latest versio
 mysql-server-5.0 - MySQL database server binaries
Closes: 536726
Changes: 
 mysql-dfsg-5.0 (5.0.51a-24+lenny2) stable-security; urgency=high
 .
   * SECURITY:
     Fix for CVE-2009-2446: Multiple format string vulnerabilities in the
     dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL
     4.0.0 through 5.0.83 allow remote authenticated users to cause a denial
     of service (daemon crash) and possibly have unspecified other impact via
     format string specifiers in a database name in a (1) COM_CREATE_DB or
     (2) COM_DROP_DB request. Closes: #536726.
     Complete debdiff for 5.0.51a-24+lenny2 generously contributed by
     Christian Hammers <ch@debian.org>.
Checksums-Sha1: 
 dbacd17f4cce8c23d20dd03e0ef70d7c9d103f08 1745 mysql-dfsg-5.0_5.0.51a-24+lenny2.dsc
 f4a9e089b8322f5cc333b16b3f27bab840f823cf 336017 mysql-dfsg-5.0_5.0.51a-24+lenny2.diff.gz
 c9522b9211734b3855b1ef98fa318eee3588e255 60754 mysql-common_5.0.51a-24+lenny2_all.deb
 ec3271b8958baf89766d2b334db0edc6f4863777 55140 mysql-server_5.0.51a-24+lenny2_all.deb
 714690f6d1089a55418c4ebc2bdb7ef1dfa9e881 52942 mysql-client_5.0.51a-24+lenny2_all.deb
 d461f802a21c89cc8bb92e1be71937c5d952579d 1859180 libmysqlclient15off_5.0.51a-24+lenny2_i386.deb
 a3dc78456ab492a5f9be9bcafa90cb471cdde1c2 7192962 libmysqlclient15-dev_5.0.51a-24+lenny2_i386.deb
 5fe0256ad34aa8fb1affdf86d24c2b9f7d28cc74 7785324 mysql-client-5.0_5.0.51a-24+lenny2_i386.deb
 930724d7acdb7e35110646b26139cfe0aa25ce78 26514714 mysql-server-5.0_5.0.51a-24+lenny2_i386.deb
Checksums-Sha256: 
 e5385c4037ed8e468227a252ca33c7a89f13e833aadae98345c1cf10d93dc8e5 1745 mysql-dfsg-5.0_5.0.51a-24+lenny2.dsc
 e608f452d88774275357fcf2c675868a3509474549375f1c374299ad9f42732a 336017 mysql-dfsg-5.0_5.0.51a-24+lenny2.diff.gz
 e4b5f28d37029e9f88722986ea6f07fb23971030a4fa355bf7e43433e7c4ea16 60754 mysql-common_5.0.51a-24+lenny2_all.deb
 0ae02bbe5f11c1258a0315468b3f4cc13ea4176c9387bc29e594457c34c5d03c 55140 mysql-server_5.0.51a-24+lenny2_all.deb
 6722ebb14ab015b6f9595056e608bcc425887ca5db4f78198248660f79f22b25 52942 mysql-client_5.0.51a-24+lenny2_all.deb
 060e5c3456c40b0ab5d93bdcd225470c5a354f07da239e48d261414db2d05e5e 1859180 libmysqlclient15off_5.0.51a-24+lenny2_i386.deb
 a1377e8abdccceb6514823aed566d57829cb792e78a990526d0bcc333132eb3f 7192962 libmysqlclient15-dev_5.0.51a-24+lenny2_i386.deb
 2cf75766bb638bfb6fa883f75804bdb4fcb544ef79b309f9c6f574d8fb49f2f4 7785324 mysql-client-5.0_5.0.51a-24+lenny2_i386.deb
 bc21f501f0f6292cdc46a5d18d90e03d1248a8ebae2ab70bbf788742210b2add 26514714 mysql-server-5.0_5.0.51a-24+lenny2_i386.deb
Files: 
 55c6c40c4cee89c4b9602b1f5c9fbab2 1745 misc optional mysql-dfsg-5.0_5.0.51a-24+lenny2.dsc
 73e71bc1448601de508d0aa47ca3c0c2 336017 misc optional mysql-dfsg-5.0_5.0.51a-24+lenny2.diff.gz
 29e2385383abbe3b88e370d7c024d8c1 60754 misc optional mysql-common_5.0.51a-24+lenny2_all.deb
 1b33f8d6803d58f3510f2b1a6fff9935 55140 misc optional mysql-server_5.0.51a-24+lenny2_all.deb
 1559a30bde9a3c81192c90401b11988c 52942 misc optional mysql-client_5.0.51a-24+lenny2_all.deb
 a4384b5580df4a2f92e0fb0850100128 1859180 libs optional libmysqlclient15off_5.0.51a-24+lenny2_i386.deb
 f105e413fd396eb1babf2e44c79f3393 7192962 libdevel optional libmysqlclient15-dev_5.0.51a-24+lenny2_i386.deb
 f662a309b3aeca56a98034b2a254f1eb 7785324 misc optional mysql-client-5.0_5.0.51a-24+lenny2_i386.deb
 6628ec53d3a651053b4426a51fac77a0 26514714 misc optional mysql-server-5.0_5.0.51a-24+lenny2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkqWYcQACgkQiZgNKcDdyD9TfACfVu5r/HOQrKk03eCekkGVa5yW
Us0AmQH1zMENzFpW6Np7V+qV8SjTdcMx
=whgW
-----END PGP SIGNATURE-----





Reply sent to Sebastien Delafond <seb@debian.org>:
You have taken responsibility. (Fri, 04 Sep 2009 19:12:21 GMT) Full text and rfc822 format available.

Notification sent to "Michael S. Gilbert" <michael.s.gilbert@gmail.com>:
Bug acknowledged by developer. (Fri, 04 Sep 2009 19:12:21 GMT) Full text and rfc822 format available.

Message #42 received at 536726-close@bugs.debian.org (full text, mbox):

From: Sebastien Delafond <seb@debian.org>
To: 536726-close@bugs.debian.org
Subject: Bug#536726: fixed in mysql-dfsg-5.0 5.0.51a-24+lenny2
Date: Fri, 04 Sep 2009 18:32:33 +0000
Source: mysql-dfsg-5.0
Source-Version: 5.0.51a-24+lenny2

We believe that the bug you reported is fixed in the latest version of
mysql-dfsg-5.0, which is due to be installed in the Debian FTP archive:

libmysqlclient15-dev_5.0.51a-24+lenny2_i386.deb
  to pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny2_i386.deb
libmysqlclient15off_5.0.51a-24+lenny2_i386.deb
  to pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-24+lenny2_i386.deb
mysql-client-5.0_5.0.51a-24+lenny2_i386.deb
  to pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-24+lenny2_i386.deb
mysql-client_5.0.51a-24+lenny2_all.deb
  to pool/main/m/mysql-dfsg-5.0/mysql-client_5.0.51a-24+lenny2_all.deb
mysql-common_5.0.51a-24+lenny2_all.deb
  to pool/main/m/mysql-dfsg-5.0/mysql-common_5.0.51a-24+lenny2_all.deb
mysql-dfsg-5.0_5.0.51a-24+lenny2.diff.gz
  to pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51a-24+lenny2.diff.gz
mysql-dfsg-5.0_5.0.51a-24+lenny2.dsc
  to pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51a-24+lenny2.dsc
mysql-server-5.0_5.0.51a-24+lenny2_i386.deb
  to pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-24+lenny2_i386.deb
mysql-server_5.0.51a-24+lenny2_all.deb
  to pool/main/m/mysql-dfsg-5.0/mysql-server_5.0.51a-24+lenny2_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 536726@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sebastien Delafond <seb@debian.org> (supplier of updated mysql-dfsg-5.0 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 27 Aug 2009 10:31:25 +0200
Source: mysql-dfsg-5.0
Binary: libmysqlclient15off libmysqlclient15-dev mysql-common mysql-client-5.0 mysql-server-5.0 mysql-server mysql-client
Architecture: source all i386
Version: 5.0.51a-24+lenny2
Distribution: stable-security
Urgency: high
Maintainer: Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>
Changed-By: Sebastien Delafond <seb@debian.org>
Description: 
 libmysqlclient15-dev - MySQL database development files
 libmysqlclient15off - MySQL database client library
 mysql-client - MySQL database client (metapackage depending on the latest versio
 mysql-client-5.0 - MySQL database client binaries
 mysql-common - MySQL database common files
 mysql-server - MySQL database server (metapackage depending on the latest versio
 mysql-server-5.0 - MySQL database server binaries
Closes: 536726
Changes: 
 mysql-dfsg-5.0 (5.0.51a-24+lenny2) stable-security; urgency=high
 .
   * SECURITY:
     Fix for CVE-2009-2446: Multiple format string vulnerabilities in the
     dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL
     4.0.0 through 5.0.83 allow remote authenticated users to cause a denial
     of service (daemon crash) and possibly have unspecified other impact via
     format string specifiers in a database name in a (1) COM_CREATE_DB or
     (2) COM_DROP_DB request. Closes: #536726.
     Complete debdiff for 5.0.51a-24+lenny2 generously contributed by
     Christian Hammers <ch@debian.org>.
Checksums-Sha1: 
 dbacd17f4cce8c23d20dd03e0ef70d7c9d103f08 1745 mysql-dfsg-5.0_5.0.51a-24+lenny2.dsc
 f4a9e089b8322f5cc333b16b3f27bab840f823cf 336017 mysql-dfsg-5.0_5.0.51a-24+lenny2.diff.gz
 c9522b9211734b3855b1ef98fa318eee3588e255 60754 mysql-common_5.0.51a-24+lenny2_all.deb
 ec3271b8958baf89766d2b334db0edc6f4863777 55140 mysql-server_5.0.51a-24+lenny2_all.deb
 714690f6d1089a55418c4ebc2bdb7ef1dfa9e881 52942 mysql-client_5.0.51a-24+lenny2_all.deb
 d461f802a21c89cc8bb92e1be71937c5d952579d 1859180 libmysqlclient15off_5.0.51a-24+lenny2_i386.deb
 a3dc78456ab492a5f9be9bcafa90cb471cdde1c2 7192962 libmysqlclient15-dev_5.0.51a-24+lenny2_i386.deb
 5fe0256ad34aa8fb1affdf86d24c2b9f7d28cc74 7785324 mysql-client-5.0_5.0.51a-24+lenny2_i386.deb
 930724d7acdb7e35110646b26139cfe0aa25ce78 26514714 mysql-server-5.0_5.0.51a-24+lenny2_i386.deb
Checksums-Sha256: 
 e5385c4037ed8e468227a252ca33c7a89f13e833aadae98345c1cf10d93dc8e5 1745 mysql-dfsg-5.0_5.0.51a-24+lenny2.dsc
 e608f452d88774275357fcf2c675868a3509474549375f1c374299ad9f42732a 336017 mysql-dfsg-5.0_5.0.51a-24+lenny2.diff.gz
 e4b5f28d37029e9f88722986ea6f07fb23971030a4fa355bf7e43433e7c4ea16 60754 mysql-common_5.0.51a-24+lenny2_all.deb
 0ae02bbe5f11c1258a0315468b3f4cc13ea4176c9387bc29e594457c34c5d03c 55140 mysql-server_5.0.51a-24+lenny2_all.deb
 6722ebb14ab015b6f9595056e608bcc425887ca5db4f78198248660f79f22b25 52942 mysql-client_5.0.51a-24+lenny2_all.deb
 060e5c3456c40b0ab5d93bdcd225470c5a354f07da239e48d261414db2d05e5e 1859180 libmysqlclient15off_5.0.51a-24+lenny2_i386.deb
 a1377e8abdccceb6514823aed566d57829cb792e78a990526d0bcc333132eb3f 7192962 libmysqlclient15-dev_5.0.51a-24+lenny2_i386.deb
 2cf75766bb638bfb6fa883f75804bdb4fcb544ef79b309f9c6f574d8fb49f2f4 7785324 mysql-client-5.0_5.0.51a-24+lenny2_i386.deb
 bc21f501f0f6292cdc46a5d18d90e03d1248a8ebae2ab70bbf788742210b2add 26514714 mysql-server-5.0_5.0.51a-24+lenny2_i386.deb
Files: 
 55c6c40c4cee89c4b9602b1f5c9fbab2 1745 misc optional mysql-dfsg-5.0_5.0.51a-24+lenny2.dsc
 73e71bc1448601de508d0aa47ca3c0c2 336017 misc optional mysql-dfsg-5.0_5.0.51a-24+lenny2.diff.gz
 29e2385383abbe3b88e370d7c024d8c1 60754 misc optional mysql-common_5.0.51a-24+lenny2_all.deb
 1b33f8d6803d58f3510f2b1a6fff9935 55140 misc optional mysql-server_5.0.51a-24+lenny2_all.deb
 1559a30bde9a3c81192c90401b11988c 52942 misc optional mysql-client_5.0.51a-24+lenny2_all.deb
 a4384b5580df4a2f92e0fb0850100128 1859180 libs optional libmysqlclient15off_5.0.51a-24+lenny2_i386.deb
 f105e413fd396eb1babf2e44c79f3393 7192962 libdevel optional libmysqlclient15-dev_5.0.51a-24+lenny2_i386.deb
 f662a309b3aeca56a98034b2a254f1eb 7785324 misc optional mysql-client-5.0_5.0.51a-24+lenny2_i386.deb
 6628ec53d3a651053b4426a51fac77a0 26514714 misc optional mysql-server-5.0_5.0.51a-24+lenny2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkqWYcQACgkQiZgNKcDdyD9TfACfVu5r/HOQrKk03eCekkGVa5yW
Us0AmQH1zMENzFpW6Np7V+qV8SjTdcMx
=whgW
-----END PGP SIGNATURE-----





Added tag(s) pending. Request was from Sean Finney <seanius@alioth.debian.org> to control@bugs.debian.org. (Sat, 05 Sep 2009 10:24:24 GMT) Full text and rfc822 format available.

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 04 Oct 2009 07:32:26 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sat Apr 19 10:42:12 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.