Multiple SQL injections
Bug #1049871 reported by
Vadim Tkachenko
This bug affects 4 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
MySQL Server |
Unknown
|
Unknown
|
|||
Percona Server moved to https://jira.percona.com/projects/PS |
Fix Released
|
Critical
|
Vlad Lesin | ||
5.1 |
Fix Released
|
Critical
|
Vlad Lesin | ||
5.5 |
Fix Released
|
Critical
|
Vlad Lesin |
Bug Description
This bug is to follow http://
References:
1. MariaDB bug entry:
https:/
2. MariaDB patches:
http://
http://
http://
http://
3. MySQL bug entry:
4. The CVE id for this vulnerability is CVE-2012-4414
Related branches
lp:~vlad-lesin/percona-server/5.1-bug1049871-injections-gca
- Stewart Smith (community): Approve
- Laurynas Biveinis (community): Approve
-
Diff: 3096 lines (+1134/-485)37 files modifiedPercona-Server/client/sql_string.cc (+44/-0)
Percona-Server/client/sql_string.h (+10/-0)
Percona-Server/mysql-test/r/func_compress.result (+2/-2)
Percona-Server/mysql-test/r/mysqlbinlog.result (+12/-12)
Percona-Server/mysql-test/r/mysqlbinlog2.result (+35/-35)
Percona-Server/mysql-test/r/mysqlbinlog_row.result (+1/-1)
Percona-Server/mysql-test/r/mysqlbinlog_row_innodb.result (+4/-4)
Percona-Server/mysql-test/r/mysqlbinlog_row_myisam.result (+4/-4)
Percona-Server/mysql-test/r/mysqlbinlog_row_trans.result (+1/-1)
Percona-Server/mysql-test/r/user_var-binlog.result (+1/-1)
Percona-Server/mysql-test/r/variables.result (+1/-1)
Percona-Server/mysql-test/suite/binlog/r/binlog_base64_flag.result (+1/-1)
Percona-Server/mysql-test/suite/binlog/r/binlog_stm_ctype_ucs.result (+1/-1)
Percona-Server/mysql-test/suite/binlog/r/binlog_stm_mix_innodb_myisam.result (+2/-2)
Percona-Server/mysql-test/suite/rpl/r/rpl_mdev382.result (+275/-0)
Percona-Server/mysql-test/suite/rpl/r/rpl_row_mysqlbinlog.result (+4/-4)
Percona-Server/mysql-test/suite/rpl/r/rpl_sp.result (+6/-6)
Percona-Server/mysql-test/suite/rpl/t/rpl_mdev382.test (+249/-0)
Percona-Server/sql/ha_ndbcluster_binlog.cc (+17/-8)
Percona-Server/sql/item.cc (+2/-1)
Percona-Server/sql/item_func.cc (+3/-3)
Percona-Server/sql/item_func.h (+1/-1)
Percona-Server/sql/log.cc (+5/-6)
Percona-Server/sql/log_event.cc (+251/-203)
Percona-Server/sql/log_event.h (+25/-22)
Percona-Server/sql/log_event_old.cc (+1/-1)
Percona-Server/sql/log_event_old.h (+1/-1)
Percona-Server/sql/mysql_priv.h (+1/-1)
Percona-Server/sql/sql_base.cc (+23/-12)
Percona-Server/sql/sql_db.cc (+19/-30)
Percona-Server/sql/sql_insert.cc (+7/-7)
Percona-Server/sql/sql_load.cc (+35/-56)
Percona-Server/sql/sql_repl.cc (+1/-1)
Percona-Server/sql/sql_show.cc (+6/-37)
Percona-Server/sql/sql_string.cc (+61/-10)
Percona-Server/sql/sql_string.h (+11/-0)
Percona-Server/sql/sql_table.cc (+11/-10)
lp:~vlad-lesin/percona-server/5.5-bug1049871-injections
- Stewart Smith (community): Approve
- Laurynas Biveinis (community): Approve
-
Diff: 3353 lines (+1256/-507)42 files modifiedPercona-Server/client/CMakeLists.txt (+1/-1)
Percona-Server/client/sql_string.cc (+44/-0)
Percona-Server/client/sql_string.h (+10/-0)
Percona-Server/mysql-test/r/func_compress.result (+2/-2)
Percona-Server/mysql-test/r/func_math.result (+4/-4)
Percona-Server/mysql-test/r/mysqlbinlog.result (+16/-16)
Percona-Server/mysql-test/r/mysqlbinlog2.result (+35/-35)
Percona-Server/mysql-test/r/mysqlbinlog_row.result (+1/-1)
Percona-Server/mysql-test/r/mysqlbinlog_row_innodb.result (+4/-4)
Percona-Server/mysql-test/r/mysqlbinlog_row_myisam.result (+4/-4)
Percona-Server/mysql-test/r/mysqlbinlog_row_trans.result (+1/-1)
Percona-Server/mysql-test/r/user_var-binlog.result (+1/-1)
Percona-Server/mysql-test/r/variables.result (+1/-1)
Percona-Server/mysql-test/suite/binlog/r/binlog_base64_flag.result (+1/-1)
Percona-Server/mysql-test/suite/binlog/r/binlog_stm_ctype_ucs.result (+1/-1)
Percona-Server/mysql-test/suite/binlog/r/binlog_stm_mix_innodb_myisam.result (+2/-2)
Percona-Server/mysql-test/suite/rpl/r/rpl_mdev382.result (+326/-0)
Percona-Server/mysql-test/suite/rpl/r/rpl_row_mysqlbinlog.result (+4/-4)
Percona-Server/mysql-test/suite/rpl/r/rpl_sp.result (+6/-6)
Percona-Server/mysql-test/suite/rpl/t/rpl_mdev382.test (+256/-0)
Percona-Server/sql/ha_ndbcluster_binlog.cc (+17/-8)
Percona-Server/sql/item.cc (+17/-1)
Percona-Server/sql/item.h (+1/-0)
Percona-Server/sql/item_func.cc (+3/-3)
Percona-Server/sql/item_func.h (+1/-1)
Percona-Server/sql/log.cc (+6/-6)
Percona-Server/sql/log_event.cc (+258/-204)
Percona-Server/sql/log_event.h (+25/-22)
Percona-Server/sql/log_event_old.cc (+1/-1)
Percona-Server/sql/log_event_old.h (+1/-1)
Percona-Server/sql/sql_base.cc (+24/-13)
Percona-Server/sql/sql_db.cc (+19/-29)
Percona-Server/sql/sql_load.cc (+37/-54)
Percona-Server/sql/sql_repl.cc (+1/-1)
Percona-Server/sql/sql_select.cc (+11/-2)
Percona-Server/sql/sql_show.cc (+6/-37)
Percona-Server/sql/sql_show.h (+1/-1)
Percona-Server/sql/sql_string.cc (+61/-10)
Percona-Server/sql/sql_string.h (+11/-0)
Percona-Server/sql/sql_table.cc (+11/-10)
Percona-Server/sql/sql_truncate.cc (+23/-18)
Percona-Server/sql/sql_yacc.yy (+1/-1)
CVE References
summary: |
- Multiple SQL injections in MySQL/MariaDB + Multiple SQL injections |
To post a comment you must log in.
Percona now uses JIRA for bug reports so this bug report is migrated to: https:/ /jira.percona. com/browse/ PS-348