Ubuntu
mysql-dfsg-5.0 package

mysql-dfsg-5.0 5.0.22-0ubuntu6.06.11 source package in Ubuntu

Changelog

mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.11) dapper-security; urgency=low

  * SECURITY UPDATE: denial of service via an empty bit-string literal (b'')
    - debian/patches/106_SECURITY_CVE-2008-3963.dpatch: fix Item_bin_string::
      Item_bin_string() in sql/item.cc to parse an empty bit-string literal
      as an empty string.
    - CVE-2008-3963
  * SECURITY UPDATE: privilege circumvention via the creation of MyISAM
    tables using the DATA DIRECTORY and INDEX DIRECTORY options to overwrite
    existing table files in the data directory. This update is a complete
    fix for the three CVE numbers listed below. This fix alters table creation
    behaviour by disallowing the use of the MySQL data directory in DATA
    DIRECTORY and INDEX DIRECTORY options. (LP: #254129)
    - debian/patches/107_SECURITY_CVE-2008-4098.dpatch: Disallow use of MySQL
      data directory in DATA DIRECTORY and INDEX DIRECTORY options.
    - CVE-2008-2079
    - CVE-2008-4097
    - CVE-2008-4098

 -- Marc Deslauriers <email address hidden>   Mon, 10 Nov 2008 13:42:30 -0500

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Dapper
Original maintainer:
Christian Hammers
Architectures:
any
Section:
misc
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
mysql-dfsg-5.0_5.0.22.orig.tar.gz 17.6 MiB b1aa489bb44621a6b6209884a5afb3b4a92431219ca7282636f93c3e53ba2785
mysql-dfsg-5.0_5.0.22-0ubuntu6.06.11.diff.gz 162.1 KiB 7e5c6a096ed696027038afa903105187f5d10d1f5f124aab37216e3ff37533da
mysql-dfsg-5.0_5.0.22-0ubuntu6.06.11.dsc 1.1 KiB 5c1331997a05a5476624ba532dc86e16410fdf5c1edc6632a5e0cbdf64cc2dfc

View changes file

Binary packages built by this source

libmysqlclient15-dev: No summary available for libmysqlclient15-dev in ubuntu dapper.

No description available for libmysqlclient15-dev in ubuntu dapper.

libmysqlclient15off: No summary available for libmysqlclient15off in ubuntu dapper.

No description available for libmysqlclient15off in ubuntu dapper.

mysql-client: No summary available for mysql-client in ubuntu dapper.

No description available for mysql-client in ubuntu dapper.

mysql-client-5.0: No summary available for mysql-client-5.0 in ubuntu dapper.

No description available for mysql-client-5.0 in ubuntu dapper.

mysql-common: No summary available for mysql-common in ubuntu dapper.

No description available for mysql-common in ubuntu dapper.

mysql-server: No summary available for mysql-server in ubuntu dapper.

No description available for mysql-server in ubuntu dapper.

mysql-server-5.0: No summary available for mysql-server-5.0 in ubuntu dapper.

No description available for mysql-server-5.0 in ubuntu dapper.