[Bug 186978] Re: [mysql] [CVE-2008-0226] [CVE-2008-0227] buffer overflows in YaSSL

Launchpad Bug Tracker 186978 at bugs.launchpad.net
Thu Mar 20 11:03:35 GMT 2008


This bug was fixed in the package mysql-dfsg-5.0 - 5.0.45-1ubuntu3.3

---------------
mysql-dfsg-5.0 (5.0.45-1ubuntu3.3) gutsy-security; urgency=low

  * no change build for -security upload

mysql-dfsg-5.0 (5.0.45-1ubuntu3.2) gutsy-proposed; urgency=low

  * SECURITY UPDATE: buffer overflow via ProcessOldClientHello() in
    handshake.cpp and input_buffer& operator>> in yassl_imp.cpp
  * SECURITY UPDATE: buffer overread in HASHwithTransform::Update in hash.cpp
  * debian/patches/95_SECURITY_CVE-2008-0226_0227.dpatch: properly verify
    length of input (LP: #186978)
  * SECURITY UPDATE: privilege escalation via crafted CREATE SQL SECURITY
    DEFINER VIEW and ALTER VIEW statements
  * debian/patches/96_SECURITY_CVE-2007-6303.dpatch: make sure lex->definer
    is non-NULL in sql_view.cc (LP: #185039)
  * debian/patches/97_view_fix-now.dpatch: update view.test and view.result to
    use a static year instead of now(). These tests are not part of the build
    but helps with qa-regression-testing
  * References
    CVE-2008-0226
    CVE-2008-0227
    CVE-2007-6303

 -- Jamie Strandboge <jamie at ubuntu.com>   Wed, 19 Mar 2008 15:18:09
-0400

** Changed in: mysql-dfsg-5.0 (Ubuntu Gutsy)
       Status: Fix Committed => Fix Released

** Changed in: mysql-dfsg-5.0 (Ubuntu Feisty)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-2692

-- 
[mysql] [CVE-2008-0226] [CVE-2008-0227] buffer overflows in YaSSL
https://bugs.launchpad.net/bugs/186978
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-dfsg-5.0 in ubuntu.



More information about the Ubuntu-server-bugs mailing list