[Bug 172260] Re: [mysql] multiple vulnerabilities

Jamie Strandboge jamie at ubuntu.com
Wed Mar 5 16:48:38 GMT 2008


STATUS UPDATE

CVE-2007-2692 is not fixed in Debian Etch (and therefore the patch can't
be used in Ubuntu releases).  DSA-1413 omits part of the patch to
sql/sql_db.cc and the test cases.  If use the test cases from
http://lists.mysql.com/commits/23650 against Etch, then it shows that
Etch is still vulnerable.  MDKSA-2007:243 does not address
CVE-2007-2692. Investigating proper fix.

-- 
[mysql] multiple vulnerabilities
https://bugs.launchpad.net/bugs/172260
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-dfsg-5.0 in ubuntu.



More information about the Ubuntu-server-bugs mailing list