Accepted mysql-dfsg-5.0 5.0.38-0ubuntu1.1 (source)

Ubuntu Installer archive at ubuntu.com
Wed Oct 10 19:57:01 BST 2007 

Accepted:
 OK: mysql-dfsg-5.0_5.0.38.orig.tar.gz
 OK: mysql-dfsg-5.0_5.0.38-0ubuntu1.1.diff.gz
 OK: mysql-dfsg-5.0_5.0.38-0ubuntu1.1.dsc
     -> Component: main Section: misc

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed,  3 Oct 2007 13:32:38 -0400
Source: mysql-dfsg-5.0
Binary: libmysqlclient15-dev mysql-client mysql-client-5.0 mysql-server mysql-server-4.1 mysql-server-5.0 mysql-common libmysqlclient15off
Architecture: source
Version: 5.0.38-0ubuntu1.1
Distribution: feisty-security
Urgency: low
Maintainer: Jamie Strandboge <jamie at ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 libmysqlclient15-dev - mysql database development files
 libmysqlclient15off - mysql database client library
 mysql-client - mysql database client (meta package depending on the latest versi
 mysql-client-5.0 - mysql database client binaries
 mysql-common - mysql database common files (e.g. /etc/mysql/my.cnf)
 mysql-server - mysql database server (meta package depending on the latest versi
 mysql-server-4.1 - mysql database server (transitional package)
 mysql-server-5.0 - mysql database server binaries
Changes: 
 mysql-dfsg-5.0 (5.0.38-0ubuntu1.1) feisty-security; urgency=low
 .
   * SECURITY UPDATE: denial of service via crafted IF clause
   * debian/patches/91_CVE-2007-2583.dpatch: fix sql/item_cmpfunc.cc to verify
     res is not NULL
   * SECURITY UPDATE: privilege escalation
   * debian/patches/91_CVE-2007-2691.dpatch: fix sql/sql_parse.cc to make sure
     DROP privileges are required when using RENAME TABLE statements
   * SECURITY UPDATE: denial of service via crafted authentication request
   * debian/patches/91_CVE-2007-3780.dpatch: fix sql/sql_parse.cc to not
     overflow a signed char
   * SECURITY UPDATE: privilege escalation via views
   * debian/patches/91_CVE-2007-3782.dpatch: fix sql/sql_prepare.cc and
     sql/sql_update.cc to properly verify access privileges to external tables
   * SECURITY UPDATE: warn on startup if root mysql account has a blank
     password. debian/mysql-server-5.0.mysql.init: supply 'reset-password' and
     check for blank password.  Based on work by Soren Hansen.
   * References
     CVE-2007-2583
     CVE-2007-2691
     CVE-2007-3780
     CVE-2007-3782
     Launchpad #119075
Files: 
 1d2d29837f0327bdb007a6f6bb99d458 1209 misc optional mysql-dfsg-5.0_5.0.38-0ubuntu1.1.dsc
 52b584c506693eea79bdf575dbaeabf4 148883 misc optional mysql-dfsg-5.0_5.0.38-0ubuntu1.1.diff.gz
Original-Maintainer: Christian Hammers <ch at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHC8n5H/9LqRcGPm0RArKoAJ9FPLP1lsIOS7Cm0Y8xpov376HgmwCfVJb+
XMHTiEYAC+Spnbzv1dhIlps=
=HEi8
-----END PGP SIGNATURE-----

More information about the feisty-changes mailing list