Ubuntu

“mysql-dfsg-5.0” 5.0.45-1ubuntu3.4 source package in Ubuntu

Changelog

mysql-dfsg-5.0 (5.0.45-1ubuntu3.4) gutsy-security; urgency=low

  * SECURITY UPDATE: denial of service via an empty bit-string literal (b'')
    - debian/patches/98_SECURITY_CVE-2008-3963.dpatch: fix Item_bin_string::
      Item_bin_string() in sql/item.cc to parse an empty bit-string literal
      as an empty string.
    - CVE-2008-3963
  * SECURITY UPDATE: privilege circumvention via the creation of MyISAM
    tables using the DATA DIRECTORY and INDEX DIRECTORY options to overwrite
    existing table files in the data directory. This update is a complete
    fix for the three CVE numbers listed below. This fix alters table creation
    behaviour by disallowing the use of the MySQL data directory in DATA
    DIRECTORY and INDEX DIRECTORY options. (LP: #254129)
    - debian/patches/99_SECURITY_CVE-2008-4098.dpatch: Disallow use of MySQL
      data directory in DATA DIRECTORY and INDEX DIRECTORY options.
    - CVE-2008-2079
    - CVE-2008-4097
    - CVE-2008-4098
  * debian/rules: do not update po tree for security updates.

 -- Marc Deslauriers <email address hidden>   Thu, 13 Nov 2008 10:34:12 -0500

Upload details

Uploaded by:
Marc Deslauriers on 2008-11-14
Uploaded to:
Gutsy
Original maintainer:
Ubuntu Development Team
Component:
main
Architectures:
any
Section:
misc
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size MD5 Checksum
mysql-dfsg-5.0_5.0.45.orig.tar.gz 17.0 MiB ab450aa2e9b89f3b4e01fd12375b1bee
mysql-dfsg-5.0_5.0.45-1ubuntu3.4.diff.gz 237.7 KiB 6b79d30861b757447d41706e3731e395
mysql-dfsg-5.0_5.0.45-1ubuntu3.4.dsc 1.3 KiB 9a87569e45aded8c98c43d53c12d30de

Binary packages built by this source

libmysqlclient15-dev: No summary available for libmysqlclient15-dev in ubuntu gutsy.

No description available for libmysqlclient15-dev in ubuntu gutsy.

libmysqlclient15off: No summary available for libmysqlclient15off in ubuntu gutsy.

No description available for libmysqlclient15off in ubuntu gutsy.

mysql-client: No summary available for mysql-client in ubuntu gutsy.

No description available for mysql-client in ubuntu gutsy.

mysql-client-5.0: No summary available for mysql-client-5.0 in ubuntu gutsy.

No description available for mysql-client-5.0 in ubuntu gutsy.

mysql-common: No summary available for mysql-common in ubuntu gutsy.

No description available for mysql-common in ubuntu gutsy.

mysql-server: No summary available for mysql-server in ubuntu gutsy.

No description available for mysql-server in ubuntu gutsy.

mysql-server-5.0: No summary available for mysql-server-5.0 in ubuntu gutsy.

No description available for mysql-server-5.0 in ubuntu gutsy.