[ubuntu/dapper-security] mysql-dfsg-5.0_5.0.22-0ubuntu6.06.12_powerpc_translations.tar.gz, mysql-dfsg-5.0_5.0.22-0ubuntu6.06.12_hppa_translations.tar.gz, mysql-dfsg-5.0_5.0.22-0ubuntu6.06.12_amd64_translations.tar.gz, mysql-dfsg-5.0, mysql-dfsg-5.0_5.0.22-0ubuntu6.06.12_ia64_translations.tar.gz, mysql-dfsg-5.0_5.0.22-0ubuntu6.06.12_sparc_translations.tar.gz (delayed), mysql-dfsg-5.0_5.0.22-0ubuntu6.06.12_i386_translations.tar.gz 5.0.22-0ubuntu6.06.12 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Wed Feb 10 14:06:16 GMT 2010
mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.12) dapper-security; urgency=low
* SECURITY UPDATE: Cross-site scripting in the command-line client
- debian/patches/108_CVE-2008-4456.dpatch: use xmlencode_print in
client/mysql.cc, add test to mysql-test/*.
- CVE-2008-4456
* SECURITY UPDATE: format string vulnerabilities in the dispatch_command
function
- debian/patches/108_CVE-2009-2446.dpatch: use correct format string in
sql/sql_parse.cc, add test to tests/mysql_client_test.c.
- CVE-2009-2446
* SECURITY UPDATE: denial of service via certain SELECT statements with
subqueries and statements that use the GeomFromWKB function
- debian/patches/108_CVE-2009-4019.dpatch: handle errors in
sql/sql_select.cc, set correct null_value in sql/item_geofunc.cc, add
tests to mysql-test/*.
- CVE-2009-4019
* SECURITY UPDATE: privilege restriction bypass via incorrect calculation
of the mysql_unpacked_real_data_home value
- debian/patches/108_CVE-2009-4030.dpatch: fix initialization order in
sql/mysqld.cc.
- CVE-2009-4030
Date: Mon, 08 Feb 2010 09:03:38 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Christian Hammers <ch at debian.org>
https://launchpad.net/ubuntu/dapper/+source/mysql-dfsg-5.0/5.0.22-0ubuntu6.06.12
-------------- next part --------------
Format: 1.7
Date: Mon, 08 Feb 2010 09:03:38 -0500
Source: mysql-dfsg-5.0
Binary: libmysqlclient15-dev mysql-client mysql-client-5.0 mysql-server mysql-server-5.0 mysql-common libmysqlclient15off
Architecture: source
Version: 5.0.22-0ubuntu6.06.12
Distribution: dapper-security
Urgency: low
Maintainer: Christian Hammers <ch at debian.org>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libmysqlclient15-dev - mysql database development files
libmysqlclient15off - mysql database client library
mysql-client - mysql database client (current version)
mysql-client-5.0 - mysql database client binaries
mysql-common - mysql database common files (e.g. /etc/mysql/my.cnf)
mysql-server - mysql database server (current version)
mysql-server-5.0 - mysql database server binaries
Changes:
mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.12) dapper-security; urgency=low
.
* SECURITY UPDATE: Cross-site scripting in the command-line client
- debian/patches/108_CVE-2008-4456.dpatch: use xmlencode_print in
client/mysql.cc, add test to mysql-test/*.
- CVE-2008-4456
* SECURITY UPDATE: format string vulnerabilities in the dispatch_command
function
- debian/patches/108_CVE-2009-2446.dpatch: use correct format string in
sql/sql_parse.cc, add test to tests/mysql_client_test.c.
- CVE-2009-2446
* SECURITY UPDATE: denial of service via certain SELECT statements with
subqueries and statements that use the GeomFromWKB function
- debian/patches/108_CVE-2009-4019.dpatch: handle errors in
sql/sql_select.cc, set correct null_value in sql/item_geofunc.cc, add
tests to mysql-test/*.
- CVE-2009-4019
* SECURITY UPDATE: privilege restriction bypass via incorrect calculation
of the mysql_unpacked_real_data_home value
- debian/patches/108_CVE-2009-4030.dpatch: fix initialization order in
sql/mysqld.cc.
- CVE-2009-4030
Files:
a7e5e72f375a937a016791eb938b0c43 1125 misc optional mysql-dfsg-5.0_5.0.22-0ubuntu6.06.12.dsc
00d09bda2a9e6a8d09bb9b871987049f 167876 misc optional mysql-dfsg-5.0_5.0.22-0ubuntu6.06.12.diff.gz
More information about the dapper-changes
mailing list