<html>
  <head>
    <meta content="text/html; charset=windows-1252"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    As noted in the changelog for 5.5.53 at
    <a class="moz-txt-link-freetext" href="https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-53.html">https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-53.html</a>,<br>
    MySQL 5.5.53 contains a change that requires packaging changes and
    could potentially impact users:<br>
    <br>
    By default the server will restrict the server's access for <font
      size="3">SELECT INTO OUTFILE and LOAD DATA operations to
      /var/lib/mysql-files, and requires the directory to be present at
      startup.<br>
      This behavior can be changed at build-time to either turn such
      access off completely or make it unrestricted (current behavior).<br>
      <br>
      We strongly recommend keeping the default behavior to improve the
      default security, i.e. change packaging to create the mysql-files
      directory. We're not aware of any other packages that rely on this
      functionality, but there is a risk of this change disrupting user
      workflows.<br>
      <br>
      --<br>
      Lars</font><br>
    <br>
    <div class="moz-cite-prefix">On 10/17/2016 10:05 AM, Norvald H.
      Ryeng wrote:<br>
    </div>
    <blockquote cite="mid:op.ypgwqxrffswwb0@atum22.no.oracle.com"
      type="cite">Source: mysql-5.5
      <br>
      Version: 5.5.52-0+deb8u1
      <br>
      Severity: grave
      <br>
      Tags: security upstream fixed-upstream
      <br>
      <br>
      The Oracle Critical Patch Update for October 2016 will be released
      on Tuesday, October 18. According to the pre-release announcement
      [1], it will contain information about CVEs fixed in MySQL 5.5.53.
      <br>
      <br>
      The CVE numbers will be available when the CPU is released.
      <br>
      <br>
      Regards,
      <br>
      <br>
      Norvald H. Ryeng
      <br>
      <br>
      [1]
<a class="moz-txt-link-freetext" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html</a><br>
      <br>
      _______________________________________________
      <br>
      pkg-mysql-maint mailing list
      <br>
      <a class="moz-txt-link-abbreviated" href="mailto:pkg-mysql-maint@lists.alioth.debian.org">pkg-mysql-maint@lists.alioth.debian.org</a>
      <br>
<a class="moz-txt-link-freetext" href="http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-mysql-maint">http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-mysql-maint</a>
      <br>
    </blockquote>
    <br>
  </body>
</html>