Ubuntu
mysql-dfsg-5.0 package

mysql-dfsg-5.0 5.0.51a-3ubuntu5.4 source package in Ubuntu

Changelog

mysql-dfsg-5.0 (5.0.51a-3ubuntu5.4) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service via an empty bit-string literal (b'')
    - debian/patches/95_SECURITY_CVE-2008-3963.dpatch: fix Item_bin_string::
      Item_bin_string() in sql/item.cc to parse an empty bit-string literal
      as an empty string.
    - CVE-2008-3963
  * SECURITY UPDATE: privilege circumvention via the creation of MyISAM
    tables using the DATA DIRECTORY and INDEX DIRECTORY options to overwrite
    existing table files in the data directory. This update is a complete
    fix for the three CVE numbers listed below. This fix alters table creation
    behaviour by disallowing the use of the MySQL data directory in DATA
    DIRECTORY and INDEX DIRECTORY options. (LP: #254129)
    - debian/patches/96_SECURITY_CVE-2008-4098.dpatch: Disallow use of MySQL
      data directory in DATA DIRECTORY and INDEX DIRECTORY options.
    - CVE-2008-2079
    - CVE-2008-4097
    - CVE-2008-4098
  * debian/rules: do not update po tree for security updates.

 -- Marc Deslauriers <email address hidden>   Thu, 13 Nov 2008 14:56:05 -0500

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Hardy
Original maintainer:
Ubuntu Development Team
Architectures:
any
Section:
misc
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
mysql-dfsg-5.0_5.0.51a.orig.tar.gz 17.1 MiB 9cfa50ae9bf3c798f218abe80032ce2363b085d64154f9e91f1f2c45619740d0
mysql-dfsg-5.0_5.0.51a-3ubuntu5.4.diff.gz 307.0 KiB 19d1903f1325ee9fc72ec3fdad36995c40265d47b41b506979af40ce6a8fe8b1
mysql-dfsg-5.0_5.0.51a-3ubuntu5.4.dsc 1.4 KiB 0b3ec47a7f0ad7d37be1bd4d5ea9de91279117cadbd68225239d493d9c63947c

View changes file

Binary packages built by this source

libmysqlclient15-dev: No summary available for libmysqlclient15-dev in ubuntu hardy.

No description available for libmysqlclient15-dev in ubuntu hardy.

libmysqlclient15off: No summary available for libmysqlclient15off in ubuntu hardy.

No description available for libmysqlclient15off in ubuntu hardy.

mysql-client: No summary available for mysql-client in ubuntu hardy.

No description available for mysql-client in ubuntu hardy.

mysql-client-5.0: No summary available for mysql-client-5.0 in ubuntu hardy.

No description available for mysql-client-5.0 in ubuntu hardy.

mysql-common: No summary available for mysql-common in ubuntu hardy.

No description available for mysql-common in ubuntu hardy.

mysql-server: No summary available for mysql-server in ubuntu hardy.

No description available for mysql-server in ubuntu hardy.

mysql-server-5.0: No summary available for mysql-server-5.0 in ubuntu hardy.

No description available for mysql-server-5.0 in ubuntu hardy.