Ubuntu
mysql-dfsg-5.0 package

mysql-dfsg-5.0 5.0.22-0ubuntu6.06.1 source package in Ubuntu

Changelog

mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.1) dapper-security; urgency=low

  * SECURITY UPDATE: Privilege escalation.
  * Add debian/patches/SECURITY_CVE-2006-3041.dpatch:
    - Add --{skip-}merge options to disable the MERGE engine.
    - This closes a potential pitfall when an user creates a merge table, and
      the admin revokes privileges to the original table without revoking
      privs to the merged table, too.
    - Patch ported from upstream BK commit.
    - References:
      CVE-2006-3041
      http://bugs.mysql.com/bug.php?id=15195
  * Note: This version is not vulnerable against the case sensitive database
    name comparison bug [CVE-2006-4226].
  * Add debian/patches/SECURITY_CVE-2006-4227.dpatch:
    - Routine arguments were evaluated in the security context of the routine
      itself, not in the caller's context. This could be exploited for
      privilege escalation in setuid functions.
    - Patch ported from Debian's 5.0.24-3 upload.
    - References:
      CVE-2006-4227
      http://bugs.mysql.com/bug.php?id=18630

 -- Martin Pitt <email address hidden>   Mon,  4 Sep 2006 14:37:59 +0000

Upload details

Uploaded by:
Martin Pitt
Uploaded to:
Dapper
Original maintainer:
Christian Hammers
Architectures:
any
Section:
misc
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
mysql-dfsg-5.0_5.0.22.orig.tar.gz 17.6 MiB b1aa489bb44621a6b6209884a5afb3b4a92431219ca7282636f93c3e53ba2785
mysql-dfsg-5.0_5.0.22-0ubuntu6.06.1.diff.gz 122.4 KiB 7c80eddc9e230295336da44e8a48d961c5dab87ec45f5d07c837208ffd0ec4f4
mysql-dfsg-5.0_5.0.22-0ubuntu6.06.1.dsc 1.1 KiB 1a98a6177a2e4840df578d70e16aa6fd505efea5af31454633980ba6c0a0b53b

View changes file

Binary packages built by this source

libmysqlclient15-dev: No summary available for libmysqlclient15-dev in ubuntu dapper.

No description available for libmysqlclient15-dev in ubuntu dapper.

libmysqlclient15off: No summary available for libmysqlclient15off in ubuntu dapper.

No description available for libmysqlclient15off in ubuntu dapper.

mysql-client: No summary available for mysql-client in ubuntu dapper.

No description available for mysql-client in ubuntu dapper.

mysql-client-5.0: No summary available for mysql-client-5.0 in ubuntu dapper.

No description available for mysql-client-5.0 in ubuntu dapper.

mysql-common: No summary available for mysql-common in ubuntu dapper.

No description available for mysql-common in ubuntu dapper.

mysql-server: No summary available for mysql-server in ubuntu dapper.

No description available for mysql-server in ubuntu dapper.

mysql-server-5.0: No summary available for mysql-server-5.0 in ubuntu dapper.

No description available for mysql-server-5.0 in ubuntu dapper.