mysql-dfsg-5.0 5.0.22-0ubuntu6.06.5 source package in Ubuntu
Changelog
mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.5) dapper-security; urgency=low
* SECURITY UPDATE: denial of service via crafted IF clause
* debian/patches/SECURITY_CVE-2007-2583.dpatch: fix sql/item_cmpfunc.cc
to verify res is not NULL
* SECURITY UPDATE: privilege escalation
* debian/patches/SECURITY_CVE-2007-2691.dpatch: fix sql/sql_parse.cc to
make sure DROP privileges are required when using RENAME TABLE
statements
* SECURITY UPDATE: denial of service via crafted authentication
request
* debian/patches/SECURITY_CVE-2007-3780.dpatch: fix sql/sql_parse.cc to
not overflow a signed char
* SECURITY UPDATE: privilege escalation via views
* debian/patches/SECURITY_CVE-2007-3782.dpatch: fix sql/sql_prepare.cc
and sql/sql_update.cc to properly verify access privileges to
external tables
* SECURITY UPDATE: warn on startup if root mysql account has a blank
password. debian/mysql-server-5.0.mysql.init: supply 'reset-password' and
check for blank password. Based on work by Soren Hansen.
* References
CVE-2007-2583
CVE-2007-2691
CVE-2007-3780
CVE-2007-3782
Launchpad #119075
-- Jamie Strandboge <email address hidden> Tue, 2 Oct 2007 14:46:02 -0400
Upload details
- Uploaded by:
- Jamie Strandboge
- Uploaded to:
- Dapper
- Original maintainer:
- Christian Hammers
- Architectures:
- any
- Section:
- misc
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| mysql-dfsg-5.0_5.0.22.orig.tar.gz | 17.6 MiB | b1aa489bb44621a6b6209884a5afb3b4a92431219ca7282636f93c3e53ba2785 |
| mysql-dfsg-5.0_5.0.22-0ubuntu6.06.5.diff.gz | 133.6 KiB | 5eee096b5a2bad569122cf3860e771c3e116d54fdc6087ef0cb2df9c7eb1cb7e |
| mysql-dfsg-5.0_5.0.22-0ubuntu6.06.5.dsc | 1.1 KiB | d9b0f034fa80f0af665e19b3734b8a1f9ae75896849725ea881f860b192ab000 |
Binary packages built by this source
- libmysqlclient15-dev: No summary available for libmysqlclient15-dev in ubuntu dapper.
No description available for libmysqlclient1
5-dev in ubuntu dapper.
- libmysqlclient15off: No summary available for libmysqlclient15off in ubuntu dapper.
No description available for libmysqlclient15off in ubuntu dapper.
- mysql-client: No summary available for mysql-client in ubuntu dapper.
No description available for mysql-client in ubuntu dapper.
- mysql-client-5.0: No summary available for mysql-client-5.0 in ubuntu dapper.
No description available for mysql-client-5.0 in ubuntu dapper.
- mysql-common: No summary available for mysql-common in ubuntu dapper.
No description available for mysql-common in ubuntu dapper.
- mysql-server: No summary available for mysql-server in ubuntu dapper.
No description available for mysql-server in ubuntu dapper.
- mysql-server-5.0: No summary available for mysql-server-5.0 in ubuntu dapper.
No description available for mysql-server-5.0 in ubuntu dapper.
