[Marc Deslauriers]
* debian/mysql-server-5.0.preinst: Set mysql user's home directory
to /nonexistent to protect against having the /var/lib/mysql
user-writeable. If an attacker can trick mysqld into creating
dot files in the home directory, he could do .rhost-like attacks
on the system. (LP: #293258)
[Chuck Short]
* debian/mysql-server-5.1.mysql.upstart: Dont wait forever for a ping from
the mysql server. It might not be configured properly. (LP: #551097)
-- Chuck Short <email address hidden> Thu, 20 May 2010 15:35:48 -0400
This bug was fixed in the package mysql-dfsg-5.1 - 5.1.43-1ubuntu2
---------------
mysql-dfsg-5.1 (5.1.43-1ubuntu2) maverick; urgency=low
[Marc Deslauriers] mysql-server- 5.0.preinst: Set mysql user's home directory
* debian/
to /nonexistent to protect against having the /var/lib/mysql
user-writeable. If an attacker can trick mysqld into creating
dot files in the home directory, he could do .rhost-like attacks
on the system. (LP: #293258)
[Chuck Short] mysql-server- 5.1.mysql. upstart: Dont wait forever for a ping from
* debian/
the mysql server. It might not be configured properly. (LP: #551097)
-- Chuck Short <email address hidden> Thu, 20 May 2010 15:35:48 -0400