[ubuntu/hardy-security] mysql-dfsg-5.0_5.0.51a-3ubuntu5.7_amd64_translations.tar.gz, mysql-dfsg-5.0_5.0.51a-3ubuntu5.7_i386_translations.tar.gz, mysql-dfsg-5.0_5.0.51a-3ubuntu5.7_hppa_translations.tar.gz, mysql-dfsg-5.0, mysql-dfsg-5.0_5.0.51a-3ubuntu5.7_powerpc_translations.tar.gz, mysql-dfsg-5.0_5.0.51a-3ubuntu5.7_ia64_translations.tar.gz, mysql-dfsg-5.0_5.0.51a-3ubuntu5.7_lpia_translations.tar.gz, mysql-dfsg-5.0_5.0.51a-3ubuntu5.7_sparc_translations.tar.gz (delayed) 5.0.51a-3ubuntu5.7 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Wed Jun 9 15:05:23 BST 2010
mysql-dfsg-5.0 (5.0.51a-3ubuntu5.7) hardy-security; urgency=low
* SECURITY UPDATE: privilege check bypass via crafted table name argument
to COM_FIELD_LIST
- debian/patches/102_CVE-2010-1848.dpatch: check table name in
sql/sql_parse.cc, Add tests to tests/mysql_client_test.c.
- CVE-2010-1848
* SECURITY UPDATE: denial of service via large packets
- debian/patches/101_CVE-2010-1849.dpatch: handle big packets in
sql/sql_parse.cc, include/mysql_com.h, sql/net_serv.cc.
- CVE-2010-1849
* SECURITY UPDATE: arbitrary code execution via crafted table name
argument to COM_FIELD_LIST
- debian/patches/100_CVE-2010-1850.dpatch: check table name length in
sql/sql_parse.cc.
- CVE-2010-1850
* SECURITY UPDATE: DROP TABLE privilege bypass via symlink attack
- debian/patches/103_CVE-2010-1626.dpatch: check for symlinks in
myisam/mi_delete_table.c.
- CVE-2010-1626
Date: Mon, 07 Jun 2010 09:01:22 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/mysql-dfsg-5.0/5.0.51a-3ubuntu5.7
-------------- next part --------------
Format: 1.7
Date: Mon, 07 Jun 2010 09:01:22 -0400
Source: mysql-dfsg-5.0
Binary: libmysqlclient15off libmysqlclient15-dev mysql-common mysql-client-5.0 mysql-server-5.0 mysql-server mysql-client
Architecture: source
Version: 5.0.51a-3ubuntu5.7
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libmysqlclient15-dev - MySQL database development files
libmysqlclient15off - MySQL database client library
mysql-client - MySQL database client (meta package depending on the latest versi
mysql-client-5.0 - MySQL database client binaries
mysql-common - MySQL database common files
mysql-server - MySQL database server (meta package depending on the latest versi
mysql-server-5.0 - MySQL database server binaries
Changes:
mysql-dfsg-5.0 (5.0.51a-3ubuntu5.7) hardy-security; urgency=low
.
* SECURITY UPDATE: privilege check bypass via crafted table name argument
to COM_FIELD_LIST
- debian/patches/102_CVE-2010-1848.dpatch: check table name in
sql/sql_parse.cc, Add tests to tests/mysql_client_test.c.
- CVE-2010-1848
* SECURITY UPDATE: denial of service via large packets
- debian/patches/101_CVE-2010-1849.dpatch: handle big packets in
sql/sql_parse.cc, include/mysql_com.h, sql/net_serv.cc.
- CVE-2010-1849
* SECURITY UPDATE: arbitrary code execution via crafted table name
argument to COM_FIELD_LIST
- debian/patches/100_CVE-2010-1850.dpatch: check table name length in
sql/sql_parse.cc.
- CVE-2010-1850
* SECURITY UPDATE: DROP TABLE privilege bypass via symlink attack
- debian/patches/103_CVE-2010-1626.dpatch: check for symlinks in
myisam/mi_delete_table.c.
- CVE-2010-1626
Files:
8be295965f02ffd99a2020190979dcdb 1431 misc optional mysql-dfsg-5.0_5.0.51a-3ubuntu5.7.dsc
72c8a87102208b177d007f1aa6c4b87b 342380 misc optional mysql-dfsg-5.0_5.0.51a-3ubuntu5.7.diff.gz
Original-Maintainer: Debian MySQL Maintainers <pkg-mysql-maint at lists.alioth.debian.org>
More information about the Hardy-changes
mailing list