-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 29 May 2025 22:11:53 +0200 Source: mydumper Binary: mydumper mydumper-dbgsym Architecture: armel Version: 0.10.1-1+deb12u2 Distribution: bookworm Urgency: medium Maintainer: arm Build Daemon (arm-conova-04) Changed-By: Lee Garrett Description: mydumper - High-performance MySQL backup tool Changes: mydumper (0.10.1-1+deb12u2) bookworm; urgency=medium . * Non-maintainer upload by the Debian LTS team. * Fix CVE-2025-30224: - The MySQL C client library (libmysqlclient) allows authenticated remote actors to read arbitrary files from client systems via a crafted server response to LOAD LOCAL INFILE query, leading to sensitive information disclosure when clients connect to untrusted MySQL servers without explicitly disabling the local infile capability. Mydumper had the local infile option enabled by default and does not have an option to disable it. This can lead to an unexpected arbitrary file read if the Mydumper tool connects to an untrusted server. * Add autopkgtest integration tests * Add debian/gbp.conf Checksums-Sha1: 15767acdbec6ada03b9e289c7a0ba8bad36903d2 114520 mydumper-dbgsym_0.10.1-1+deb12u2_armel.deb eed163b5b82733903c4d9f27adefced2dbea088a 9509 mydumper_0.10.1-1+deb12u2_armel-buildd.buildinfo 631264587f4b72077a02ead2b8ccca439033d7d1 41728 mydumper_0.10.1-1+deb12u2_armel.deb Checksums-Sha256: cf9d4958c30b20dc5936989d43aa1a02238d157cccf6b1ae6c0f6d616570c76c 114520 mydumper-dbgsym_0.10.1-1+deb12u2_armel.deb f1d6c70be7196e7b7ff7f6e7a4dcaee2691645a029d82bdb67b10eb2290bef6c 9509 mydumper_0.10.1-1+deb12u2_armel-buildd.buildinfo df26cdf931f0d832db51273f520b9569b8d861e2f294771f899a43083446b8a0 41728 mydumper_0.10.1-1+deb12u2_armel.deb Files: 08e012ddc6028bbdbfa46cb3e0c69dbd 114520 debug optional mydumper-dbgsym_0.10.1-1+deb12u2_armel.deb 2b761d9b27159b951721b15a2658f9f2 9509 database extra mydumper_0.10.1-1+deb12u2_armel-buildd.buildinfo 0e07de487613951b86bbf2b5620d1757 41728 database extra mydumper_0.10.1-1+deb12u2_armel.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEvEwFZ4bqkVI+Rh6t+N4VxR6LZYEFAmjB71UACgkQ+N4VxR6L ZYEG5w//bnOY8xVWdw42PLXlbJoQKTQr/QcdeNBwX4+fNlnQUqS5X53SRfsb8B03 QrFCYbkjZN9ail5CgvwWmE+Gxpa4P9hvOvzcAXR4Ptdh2rKMg4aFXSdOaX47gmm4 xLVoLktWZuF0OqF8t6YqCjxdoQgvmmEYLcTAwLSV7dO4JFIZeDkC1GJ0DazQruz4 ZOxRArwrhpLM6TyjNHbQ0QDv/Ay3Rpr/pc1gChBTPdZEPaTPU2JHlxaCjH/JssEx oTA1Bhx9cu98bVcT3sqsB1QVWnR0s59KUWs6/9kkYeIlLpgdu2Too+oKbktvtYYn nTz61YhtGPZu7VkIWUFaunpr3j2HZjR4NHocfjIoI3zuIg3vydCarTxa7IspUofJ mdo8DOOg6YHEzkih7GqESkic3tKFvG83UPaDWq/Bjtczgv5xN8O7TUaNEudlfEfZ d9EJTNhso68VZSEa7JcgGordhJ4Q8P+UoGEJVICjb4rgYNTGOJqFI2y3wm/jNsEE 6LZVqzNI62bJ37rZ5AWohLXse6pZ42lJ0aHFQ5eJihJ/PZnYO6d7QpGhSaxgCuO0 r66gRA39++ie0PtkU53hZkmS79x1qN6iCZmSZLSTmUZAz3LexzGNLRiagp/HWk6M aYPcOj3p0VfhLMyfowxjwyyYvx2ZkHc4UJ09dHRXMe9JJPAuExs= =rpBA -----END PGP SIGNATURE-----