[Bug 217992] [NEW] mysql server crash using SELECT
Jamie Strandboge
jamie at ubuntu.com
Wed Apr 16 02:43:24 BST 2008
Public bug reported:
The following SRU request is to fix customer bug #217772.
1. This bug allows for an authenticated user to crash the mysql server
using simple '@@' select queries on 64-bit architectures. This bug only
affects Ubuntu 6.06 and 6.10. 7.04 and later are not affected.
2. The bug was fixed in upstream release 5.0.25. The bug is
http://bugs.mysql.com/bug.php?id=20908. All versions of mysql in Dapper
are affected (5.0.21-3ubuntu1 and 5.0.22-0ubuntu6.06.9).
3. Attached is the debdiff for the patch. It is based on
http://lists.mysql.com/commits/10782 which had to be lightly adapted for
the test cases only. The patch fixes the source code and also adds test
cases to the mysql-test build test suite.
4. TEST CASE:
To reproduce the bug, do on a Dapper 64 bit machine (eg amd64):
$ sudo apt-get install mysql-server-5.0
$ mysql -u root -p
mysql> select @@@VERSION;
5. The regression potential is believed to be negligible. The changes
were minimal, i368 and amd64 runs the test suite without errors and the
updated packages pass QA Regression Testing.
I will upload the packages soon.
** Affects: mysql-dfsg-5.0 (Ubuntu)
Importance: Undecided
Status: Fix Released
--
mysql server crash using SELECT
https://bugs.launchpad.net/bugs/217992
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-dfsg-5.0 in ubuntu.
More information about the Ubuntu-server-bugs
mailing list