Serious regression in replication caused by fix for CVE-2012-4414
Bug #1154675 reported by
Clint Byrum
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
MySQL Server |
Unknown
|
Unknown
|
|||
mysql-5.5 (Debian) |
Fix Released
|
Unknown
|
|||
mysql-5.5 (Ubuntu) |
Fix Released
|
High
|
Unassigned |
Bug Description
According to this blog post by Stewart Smith:
It looks like 5.5.29 has a serious problem with replication. This basically leaves CVE-2012-4414 only half-fixed.
CVE References
Changed in mysql-5.5 (Debian): | |
status: | Unknown → Fix Committed |
Changed in mysql-5.5 (Debian): | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
There is a known working patch that has been applied in Percona Server and MariaDB, including regression tests. I have tested this patch in Debian and it seems to work.
The patch is available in the Debian packaging svn mirror. It is for 5.5.30.. but can be fixed fairly easily for 5.5.29 (just the extra comments in the mdev test's results have to be removed)
http:// anonscm. debian. org/viewvc/ pkg-mysql/ mysql-5. 5/branches/ unstable/ debian/ patches/ debian- mdev382- fixup.patch? revision= 2217&view= markup