-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 29 May 2025 22:11:53 +0200 Source: mydumper Binary: mydumper mydumper-dbgsym Architecture: mipsel Version: 0.10.1-1+deb12u2 Distribution: bookworm Urgency: medium Maintainer: mipsel Build Daemon (mipsel-osuosl-05) Changed-By: Lee Garrett Description: mydumper - High-performance MySQL backup tool Changes: mydumper (0.10.1-1+deb12u2) bookworm; urgency=medium . * Non-maintainer upload by the Debian LTS team. * Fix CVE-2025-30224: - The MySQL C client library (libmysqlclient) allows authenticated remote actors to read arbitrary files from client systems via a crafted server response to LOAD LOCAL INFILE query, leading to sensitive information disclosure when clients connect to untrusted MySQL servers without explicitly disabling the local infile capability. Mydumper had the local infile option enabled by default and does not have an option to disable it. This can lead to an unexpected arbitrary file read if the Mydumper tool connects to an untrusted server. * Add autopkgtest integration tests * Add debian/gbp.conf Checksums-Sha1: d2a3621533ab3307ef928860e4f13c065b14eb3c 119076 mydumper-dbgsym_0.10.1-1+deb12u2_mipsel.deb 9f8c744e4b900b1bda24aad6e11c1a34afae06a0 9449 mydumper_0.10.1-1+deb12u2_mipsel-buildd.buildinfo 1dc229f464040d4e3db35c7584c51c002d5d5e3b 41216 mydumper_0.10.1-1+deb12u2_mipsel.deb Checksums-Sha256: a1516c37536c197e3d2e905c1e3f19a527118f8272af000db061a7d47ebf3310 119076 mydumper-dbgsym_0.10.1-1+deb12u2_mipsel.deb 7ecfcf8b97084d4d85757b0f8274f9d574222a0ddfe1e119008197476b752f9e 9449 mydumper_0.10.1-1+deb12u2_mipsel-buildd.buildinfo 4a01e56332493a079720269fd4f289a8719c3db744549a6a604e698805af2669 41216 mydumper_0.10.1-1+deb12u2_mipsel.deb Files: 473658f930e9c82aec4b64d140a604db 119076 debug optional mydumper-dbgsym_0.10.1-1+deb12u2_mipsel.deb a8485b1ed69b2a2e1706a948cff28ea4 9449 database extra mydumper_0.10.1-1+deb12u2_mipsel-buildd.buildinfo 0242608308a9356a7d077699aef9f656 41216 database extra mydumper_0.10.1-1+deb12u2_mipsel.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEYLhEzFkGpb3yYRVHmlVdU6AM9BUFAmjB6gMACgkQmlVdU6AM 9BUIAA/7BTmBoYv6cXXSSXntWjad/Wlb2GFxPOuPy/aXc4xOkDxeeuvJygQBbttJ LRMJI3zyhzyuIC/SsQGOI0IypVsu4FDPZ7VdUBfgBgZ198y71jhPnHKuk3DAKjMM FLdc5AGweK88GxGv5XNLEoFljpdK/s7jqCjJRtEtO39IKzZXCM5ZrEac30+Bb5Rh PwgcjgA6YFJdKXen6evima5Py6I2irR0z1HFiw6fiCM5aj1FuMq1m9MOv3lHdBL2 Ns0vfVK+S6i+hC/99Vv69TvgqC2r5wyLY2WhORcnuW5/W08UL3FaMn8TTGl1mF8Q VZbuBcbdHLzFxN8BCG/dWrf2A0aO1EXR7ig229OHG0di+dNGNHt5BjAIOmbg4ma/ BTeHbKUO+rMAxvmEUf3bGQGwDClM9waQ5f0XcyR64hJu5L3H0vGHJBfygq/+gXET /cLRdehoWw1pZEN0OMjUB3UP3dsDREjpp3qJkxIvbvoaQHWD+0kwtiQQ0M2w2/+5 ngRXG1EC7Yg1qlh58ay4gddqY7lU9QmBDxiAZF8/wOW0JTNrD/TdaryLT3RBy5Q9 6IUy0u1JFOW6CDMScPVZF+czjYIm4zroYr5bjnAcsEDF2zy7UKqeLZCGv3Cpc2GQ IVEHlThWCwa2jM/V+9k2zj8PGoxbPw8Sd3NwPpAl4Y2lGbftQcY= =OQ+M -----END PGP SIGNATURE-----