Format: 1.7
Date: Sun, 06 Jun 2010 23:45:00 -0400
Source: mysql-dfsg-5.0
Binary: libmysqlclient15-dev mysql-client mysql-client-5.0 mysql-server mysql-server-5.0 mysql-common libmysqlclient15off
Architecture: amd64
Version: 5.0.22-0ubuntu6.06.14
Distribution: dapper
Urgency: low
Maintainer: Ubuntu/amd64 Build Daemon <buildd@yellow.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 libmysqlclient15-dev - mysql database development files
 libmysqlclient15off - mysql database client library
 mysql-client-5.0 - mysql database client binaries
 mysql-server-5.0 - mysql database server binaries
Changes: 
 mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.14) dapper-security; urgency=low
 .
   * SECURITY UPDATE: privilege check bypass via crafted table name argument
     to COM_FIELD_LIST
     - debian/patches/111_CVE-2010-1848.dpatch: check table name in
       sql/sql_parse.cc, Add tests to tests/mysql_client_test.c.
     - CVE-2010-1848
   * SECURITY UPDATE: denial of service via large packets
     - debian/patches/110_CVE-2010-1849.dpatch: handle big packets in
       sql/sql_parse.cc, include/mysql_com.h, sql/net_serv.cc.
     - CVE-2010-1849
   * SECURITY UPDATE: arbitrary code execution via crafted table name
     argument to COM_FIELD_LIST
     - debian/patches/109_CVE-2010-1850.dpatch: check table name length in
       sql/sql_parse.cc.
     - CVE-2010-1850
   * SECURITY UPDATE: DROP TABLE privilege bypass via symlink attack
     - debian/patches/112_CVE-2010-1626.dpatch: check for symlinks in
       myisam/mi_delete_table.c.
     - CVE-2010-1626
Files: 
 67b5f92c75db1a1cad9d95fd95b451e6 1424462 libs optional libmysqlclient15off_5.0.22-0ubuntu6.06.14_amd64.deb
 df016a8f22d8e5659c6dcf214a699ec9 6731062 libdevel optional libmysqlclient15-dev_5.0.22-0ubuntu6.06.14_amd64.deb
 bba9c4c95ebcfd38c833dcd975e8f5c7 6899554 misc optional mysql-client-5.0_5.0.22-0ubuntu6.06.14_amd64.deb
 ac3e2ae32217e490050586b9150f5bf4 22494620 misc optional mysql-server-5.0_5.0.22-0ubuntu6.06.14_amd64.deb