[Pkg-mysql-commits] r2252 - mysql-5.5/branches/unstable/debian
James Downing Page
jamespage at moszumanska.debian.org
Fri Jan 17 17:20:34 UTC 2014
tags 711600 pending
thanks
Author: jamespage
Date: 2014-01-17 17:20:34 +0000 (Fri, 17 Jan 2014)
New Revision: 2252
Modified:
mysql-5.5/branches/unstable/debian/changelog
mysql-5.5/branches/unstable/debian/mysql-server-5.5.postinst
Log:
SECURITY UPDATE:
- CVE-2013-2162: Insecure creation of the credential file debian.cnf.
Set umask to 066 before creating debian.cnf file. (Closes: #711600)
(LP: #1185573)
Modified: mysql-5.5/branches/unstable/debian/changelog
===================================================================
--- mysql-5.5/branches/unstable/debian/changelog 2014-01-17 17:17:17 UTC (rev 2251)
+++ mysql-5.5/branches/unstable/debian/changelog 2014-01-17 17:20:34 UTC (rev 2252)
@@ -29,6 +29,10 @@
* Sync changes from NMU 5.5.33+dfsg-0+wheezy1:
- d/NEWS: Add NEWS file to document changes needed to existing databases
to drop insecure database permissions.
+ SECURITY UPDATE:
+ - CVE-2013-2162: Insecure creation of the credential file debian.cnf.
+ Set umask to 066 before creating debian.cnf file. (Closes: #711600)
+ (LP: #1185573)
-- Clint Byrum <spamaps at debian.org> Thu, 26 Sep 2013 18:51:57 -0700
Modified: mysql-5.5/branches/unstable/debian/mysql-server-5.5.postinst
===================================================================
--- mysql-5.5/branches/unstable/debian/mysql-server-5.5.postinst 2014-01-17 17:17:17 UTC (rev 2251)
+++ mysql-5.5/branches/unstable/debian/mysql-server-5.5.postinst 2014-01-17 17:20:34 UTC (rev 2252)
@@ -173,7 +173,9 @@
else
pass=`perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..16)'`;
if [ ! -d "$mysql_cfgdir" ]; then install -o 0 -g 0 -m 0755 -d $mysql_cfgdir; fi
+ umask 066
cat /dev/null > $dc
+ umask 022
echo "# Automatically generated for Debian scripts. DO NOT TOUCH!" >>$dc
echo "[client]" >>$dc
echo "host = localhost" >>$dc
More information about the Pkg-mysql-commits
mailing list