[Bug 172260] Re: [mysql] multiple vulnerabilities
jamie at ubuntu.com
Wed Mar 5 16:48:38 GMT 2008
CVE-2007-2692 is not fixed in Debian Etch (and therefore the patch can't
be used in Ubuntu releases). DSA-1413 omits part of the patch to
sql/sql_db.cc and the test cases. If use the test cases from
http://lists.mysql.com/commits/23650 against Etch, then it shows that
Etch is still vulnerable. MDKSA-2007:243 does not address
CVE-2007-2692. Investigating proper fix.
[mysql] multiple vulnerabilities
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-dfsg-5.0 in ubuntu.
More information about the Ubuntu-server-bugs