mysql-dfsg-5.0 5.0.45-1ubuntu3.4 source package in Ubuntu

Changelog

mysql-dfsg-5.0 (5.0.45-1ubuntu3.4) gutsy-security; urgency=low

  * SECURITY UPDATE: denial of service via an empty bit-string literal (b'')
    - debian/patches/98_SECURITY_CVE-2008-3963.dpatch: fix Item_bin_string::
      Item_bin_string() in sql/item.cc to parse an empty bit-string literal
      as an empty string.
    - CVE-2008-3963
  * SECURITY UPDATE: privilege circumvention via the creation of MyISAM
    tables using the DATA DIRECTORY and INDEX DIRECTORY options to overwrite
    existing table files in the data directory. This update is a complete
    fix for the three CVE numbers listed below. This fix alters table creation
    behaviour by disallowing the use of the MySQL data directory in DATA
    DIRECTORY and INDEX DIRECTORY options. (LP: #254129)
    - debian/patches/99_SECURITY_CVE-2008-4098.dpatch: Disallow use of MySQL
      data directory in DATA DIRECTORY and INDEX DIRECTORY options.
    - CVE-2008-2079
    - CVE-2008-4097
    - CVE-2008-4098
  * debian/rules: do not update po tree for security updates.

 -- Marc Deslauriers <email address hidden>   Thu, 13 Nov 2008 10:34:12 -0500

Upload details

Uploaded by:
Marc Deslauriers on 2008-11-14
Uploaded to:
Gutsy
Original maintainer:
Ubuntu Development Team
Architectures:
any
Section:
misc
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
mysql-dfsg-5.0_5.0.45.orig.tar.gz 17.0 MiB 8a24707b2c6cd28f0ae9b7ea80e44903c5dc6271f60e0afaf8cbac53efba9c3a
mysql-dfsg-5.0_5.0.45-1ubuntu3.4.diff.gz 237.7 KiB cbb9c1e4e61acfe3b4ad314e05f8c169cd00f780bb46c79348176e8224fa751f
mysql-dfsg-5.0_5.0.45-1ubuntu3.4.dsc 1.3 KiB fafadb6bf293c5178b89f2e36056cbfc3078a6508bbaf2a83c953e9f86b0d410

View changes file

Binary packages built by this source

libmysqlclient15-dev: No summary available for libmysqlclient15-dev in ubuntu gutsy.

No description available for libmysqlclient15-dev in ubuntu gutsy.

libmysqlclient15off: No summary available for libmysqlclient15off in ubuntu gutsy.

No description available for libmysqlclient15off in ubuntu gutsy.

mysql-client: No summary available for mysql-client in ubuntu gutsy.

No description available for mysql-client in ubuntu gutsy.

mysql-client-5.0: No summary available for mysql-client-5.0 in ubuntu gutsy.

No description available for mysql-client-5.0 in ubuntu gutsy.

mysql-common: No summary available for mysql-common in ubuntu gutsy.

No description available for mysql-common in ubuntu gutsy.

mysql-server: No summary available for mysql-server in ubuntu gutsy.

No description available for mysql-server in ubuntu gutsy.

mysql-server-5.0: No summary available for mysql-server-5.0 in ubuntu gutsy.

No description available for mysql-server-5.0 in ubuntu gutsy.