Comment 5 for bug 293258

This bug was fixed in the package mysql-dfsg-5.1 - 5.1.43-1ubuntu2

---------------
mysql-dfsg-5.1 (5.1.43-1ubuntu2) maverick; urgency=low

  [Marc Deslauriers]
  * debian/mysql-server-5.0.preinst: Set mysql user's home directory
    to /nonexistent to protect against having the /var/lib/mysql
    user-writeable. If an attacker can trick mysqld into creating
    dot files in the home directory, he could do .rhost-like attacks
    on the system. (LP: #293258)

  [Chuck Short]
  * debian/mysql-server-5.1.mysql.upstart: Dont wait forever for a ping from
    the mysql server. It might not be configured properly. (LP: #551097)
 -- Chuck Short <email address hidden> Thu, 20 May 2010 15:35:48 -0400