Ubuntu
mysql-5.1 package

Security vulnerability in 64bit builds of MySQL server

Bug #1011783 reported by Brantley Hobbs
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
mysql-5.1 (Ubuntu)
New
Undecided
Unassigned

Bug Description

64 bit installations of Ubuntu server have a mysql-server package that is vulnerable to CVE-2012-2122

Additional information:
http://seclists.org/oss-sec/2012/q2/493
https://community.rapid7.com/community/metasploit/blog/2012/06/11/cve-2012-2122-a-tragically-comedic-security-flaw-in-mysql

This bug has been verified to exist in fully-patched 11.10 server installations.

Revision history for this message
Brantley Hobbs (brantley-hobbs) wrote :

Marked public so that others see it and you don't get deluged with bug reports.

visibility: private → public
Revision history for this message
Brantley Hobbs (brantley-hobbs) wrote :

Changing package to 5.1, since that's what's available in 11.10 by default.

affects: mysql-5.5 (Ubuntu) → mysql-5.1 (Ubuntu)
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.