Comment 5 for bug 1011371

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mysql-dfsg-5.0 - 5.0.96-0ubuntu3

---------------
mysql-dfsg-5.0 (5.0.96-0ubuntu3) hardy-security; urgency=low

  * SECURITY UPDATE: authentication bypass (LP: #1011371)
    - debian/patches/90_CVE-2012-2122.patch: fix improper type conversion
      in sql/password.c.
    - CVE-2012-2122
  * debian/mysql-server.preinst: Removed to prevent service from remaining
    stopped after getting updated. The upgrade logic is still present in
    mysql-common.preinst. (LP: #988325)
 -- Marc Deslauriers <email address hidden> Mon, 11 Jun 2012 09:04:56 -0400