Several unfixed security issues

Bug #65040 reported by Martin Pitt on 2006-10-10
256
Affects Status Importance Assigned to Milestone
mysql-dfsg-5.0 (Ubuntu)
High
Adam Conrad

Bug Description

The current edgy package has three open security vulnerabilities:

CVE-2006-4031: allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy. (fixed upstream in 5.0.24)

CVE-2006-4226: allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions (fixed upstream in 5.0.25, fixed in Debian in 5.0.24-3)

CVE-2006-4227: evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE. (fixed upstream in 5.0.25, fixed in Debian in 5.0.24-3)

Preferably we should just merge from Debian since our current version is quite old and Debian has a lot of bug fixes.

CVE References

Martin Pitt (pitti) on 2006-10-10
Changed in mysql-dfsg-5.0:
importance: Undecided → High
status: Unconfirmed → Confirmed
Adam Conrad (adconrad) wrote :

For the record, my changes to make sure that the backgrounded processes started from the init script don't spew on stdout (thus breaking debconf in weird ways) have been merged into Debian by now, and a straight sync should serve us quite well.

Adam Conrad (adconrad) wrote :

Synced.

Changed in mysql-dfsg-5.0:
assignee: nobody → adconrad
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers