Incompletely fixed MySQL bug
Bug #1083377 reported by
Stewart Smith
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
MySQL Server |
Unknown
|
Unknown
|
|||
Percona Server moved to https://jira.percona.com/projects/PS |
Fix Released
|
Critical
|
Vlad Lesin | ||
5.1 |
Fix Released
|
Critical
|
Vlad Lesin | ||
5.5 |
Fix Released
|
Critical
|
Vlad Lesin |
Bug Description
MySQL bug 13889741 (which is CVE-2012-3163) was, apparently, not completely fixed. A very similar test case finds new, much more dangerous, buffer overflows in acl_get() and check_grant_
To exploit this one needs a valid low-privileged user account in the MariaDB (or MySQL) server.
This new vulnerability is registered as CVE-2012-5579
https:/
http://
http://
Related branches
lp:~vlad-lesin/percona-server/5.5-bug1083377
- Stewart Smith (community): Approve
- Sergei Glushchenko (community): Approve (g2)
-
Diff: 79 lines (+28/-4)3 files modifiedPercona-Server/mysql-test/r/information_schema.result (+4/-0)
Percona-Server/mysql-test/t/information_schema.test (+8/-0)
Percona-Server/sql/sql_acl.cc (+16/-4)
lp:~vlad-lesin/percona-server/5.1-bug1083377-gca
- Stewart Smith (community): Approve
- Sergei Glushchenko (community): Approve (g2)
-
Diff: 77 lines (+28/-4)3 files modifiedPercona-Server/mysql-test/r/information_schema.result (+4/-0)
Percona-Server/mysql-test/t/information_schema.test (+8/-0)
Percona-Server/sql/sql_acl.cc (+16/-4)
description: | updated |
Changed in percona-server: | |
assignee: | nobody → Vlad Lesin (vlad-lesin) |
status: | Triaged → Fix Committed |
information type: | Private Security → Public Security |
tags: | added: upstream |
To post a comment you must log in.
Stewart,
I would like we decide what do we do with this bug fix.