mysql-dfsg-5.1 5.1.37-1ubuntu5.5 source package in Ubuntu
Changelog
mysql-dfsg-5.1 (5.1.37-1ubuntu5.5) karmic-security; urgency=low * SECURITY UPDATE: denial of service via UPGRADE DATA DIRECTORY NAME command - debian/patches/60_CVE-2010-2008.dpatch: correctly filter prefixes and paths in sql/table.cc, sql/sql_table.cc, sql/mysql_priv.h. Add tests to mysql-test/*. - CVE-2010-2008 * SECURITY UPDATE: denial of service via joins involving a table with a unique SET column - debian/patches/60_CVE-2010-3677.dpatch: improve logic in sql/item_cmpfunc.cc. Add tests to mysql-test/*. - CVE-2010-3677 * SECURITY UPDATE: denial of service via incorrect handling of NULL arguments - debian/patches/60_CVE-2010-3678.dpatch: make sure items are valid in sql/item_cmpfunc.cc. Add tests to mysql-test/*. - CVE-2010-3678 * SECURITY UPDATE: denial of service via malformed argument to the BINLOG statement - debian/patches/60_CVE-2010-3679.dpatch: check lengths in sql/sql_binlog.cc. Add tests to mysql-test/*. - CVE-2010-3679 * SECURITY UPDATE: denial of service via TEMPORARY InnoDB tables with nullable columns - debian/patches/60_CVE-2010-3680.dpatch: check for null datatype in storage/{innobase,innodb_plugin}/handler/ha_innodb.cc. Add tests to mysql-test/*. - CVE-2010-3680 * SECURITY UPDATE: denial of service via alternate reads from two indexes on a table using the HANDLER interface - debian/patches/60_CVE-2010-3681.dpatch: check for the same index in sql/sql_handler.cc. Add tests to mysql-test/*. - CVE-2010-3681 * SECURITY UPDATE: denial of service via use of EXPLAIN with certain queries - debian/patches/60_CVE-2010-3682.dpatch: improve conditional in sql/sql_select.cc. Add tests to mysql-test/*. - CVE-2010-3682 * SECURITY UPDATE: denial of service and incorrect error handling in LOAD DATA INFILE. - debian/patches/60_CVE-2010-3683.dpatch: check for errors in sql/sql_load.cc. Don't print error on server in sql/net_serv.cc. Add tests to mysql-test/*. - CVE-2010-3683 * SECURITY UPDATE: denial of service via incorrect propagation of type errors. - debian/patches/60_CVE-2010-3833.dpatch: properly check for execution errors in sql/item_func.cc. Add tests to mysql-test/*. - CVE-2010-3833 * SECURITY UPDATE: denial of service via derived table materializing. - debian/patches/60_CVE-2010-3834.dpatch: handle temporary tables in sql/field.cc, sql/sql_select.*. Add tests to mysql-test/*. - CVE-2010-3834 * SECURITY UPDATE: denial of service via user-variable assignment expression. - debian/patches/60_CVE-2010-3835.dpatch: fix logic in sql/item_func.*, Add tests to mysql-test/*. - CVE-2010-3835 * SECURITY UPDATE: denial of service via pre-evaluation of LIKE predicates during view preparation. - debian/patches/60_CVE-2010-3836.dpatch: make sure we're not in view preparation mode in sql/item_cmpfunc.cc. Add tests to mysql-test/*. - CVE-2010-3836 * SECURITY UPDATE: denial of service via use of GROUP_CONCAT() and WITH ROLLUP together. - debian/patches/60_CVE-2010-3837.dpatch: create a copy of the order structures in sql/item_sum.cc, sql/table.h. Add tests to mysql-test/*. - CVE-2010-3837 * SECURITY UPDATE: denial of service via longblob and union or update with subquery. - debian/patches/60_CVE-2010-3838.dpatch: handle REAL_RESULT in sql/item_func.cc. Add tests to mysql-test/*. - CVE-2010-3838 * SECURITY UPDATE: denial of service via certain queries with nested joins. - debian/patches/60_CVE-2010-3839.dpatch: fix nesting in sql/sql_select.cc. Add tests to mysql-test/*. - CVE-2010-3839 * SECURITY UPDATE: denial of service via PolyFromWKB() function and improper data. - debian/patches/60_CVE-2010-3840.dpatch: improve data handling in sql/spatial.cc. Add tests to mysql-test/*. - CVE-2010-3840 -- Marc Deslauriers <email address hidden> Tue, 09 Nov 2010 08:42:37 -0500
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Karmic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- misc
- Urgency:
- Low Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
mysql-dfsg-5.1_5.1.37.orig.tar.gz | 17.0 MiB | 3da7b362c2259cd93ee30794343b15e4f5e765cae578f528501469e5beaa35d6 |
mysql-dfsg-5.1_5.1.37-1ubuntu5.5.diff.gz | 335.6 KiB | e06fba3b41736a28ec3d2149f4b55bf73f0212d786c179990abe15c2158a799f |
mysql-dfsg-5.1_5.1.37-1ubuntu5.5.dsc | 2.5 KiB | 694110ed02a74b4e9a95ab19a595dbca2de96b5373f8c134dd4ad5b9e9c60c72 |
Available diffs
Binary packages built by this source
- libmysqlclient-dev: No summary available for libmysqlclient-dev in ubuntu karmic.
No description available for libmysqlclient-dev in ubuntu karmic.
- libmysqlclient16: No summary available for libmysqlclient16 in ubuntu karmic.
No description available for libmysqlclient16 in ubuntu karmic.
- libmysqlclient16-dev: No summary available for libmysqlclient16-dev in ubuntu karmic.
No description available for libmysqlclient1
6-dev in ubuntu karmic.
- libmysqld-dev: No summary available for libmysqld-dev in ubuntu karmic.
No description available for libmysqld-dev in ubuntu karmic.
- libmysqld-pic: No summary available for libmysqld-pic in ubuntu karmic.
No description available for libmysqld-pic in ubuntu karmic.
- mysql-client: No summary available for mysql-client in ubuntu karmic.
No description available for mysql-client in ubuntu karmic.
- mysql-client-5.1: No summary available for mysql-client-5.1 in ubuntu karmic.
No description available for mysql-client-5.1 in ubuntu karmic.
- mysql-common: No summary available for mysql-common in ubuntu karmic.
No description available for mysql-common in ubuntu karmic.
- mysql-server: No summary available for mysql-server in ubuntu karmic.
No description available for mysql-server in ubuntu karmic.
- mysql-server-5.1: No summary available for mysql-server-5.1 in ubuntu karmic.
No description available for mysql-server-5.1 in ubuntu karmic.
- mysql-server-core-5.1: No summary available for mysql-server-core-5.1 in ubuntu karmic.
No description available for mysql-server-
core-5. 1 in ubuntu karmic.