--------------------------------------------------------------------- Fedora Legacy Test Update Notification FEDORALEGACY-2005-152925 Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152925 2005-05-02 --------------------------------------------------------------------- Name : mysql Versions : rh7.3: mysql-3.23.58-1.73.6.legacy Versions : rh9: mysql-3.23.58-1.90.6.legacy Versions : fc1: mysql-3.23.58-4.4.legacy Summary : The MySQL server and related files. Description : MySQL is a true multi-user, multi-threaded SQL database server. MySQL is a client/server implementation that consists of a server daemon (mysqld) and many different client programs and libraries. This package contains the MySQL server and some accompanying files and directories. --------------------------------------------------------------------- Update Information: Updated mysql packages that fix various security issues are now available. MySQL is a multi-user, multi-threaded SQL database server. This update fixes several security risks in the MySQL server. Stefano Di Paola discovered two bugs in the way MySQL handles user- defined functions. A user with the ability to create and execute a user defined function could potentially execute arbitrary code on the MySQL server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-0709 and CAN-2005-0710 to these issues. Stefano Di Paola also discovered a bug in the way MySQL creates temporary tables. A local user could create a specially crafted symlink which could result in the MySQL server overwriting a file which it has write access to. The Common Vulnerabilities and Exposures project has assigned the name CAN-2005-0711 to this issue. All users of the MySQL server are advised to upgrade to these updated packages, which contain fixes for these issues. --------------------------------------------------------------------- Changelogs rh73: * Wed Apr 13 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 3.23.58-1.73.6.legacy - Backpatch repair for CAN-2005-0709, CAN-2005-0710, CAN-2005-0711 - Fix init script to not need a valid username for startup check - Don't assume /etc/my.cnf will specify pid-file - add sleep to mysql.init restart(); rh9: * Wed Apr 13 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 3.23.58-1.90.6.legacy - Backpatch repair for CAN-2005-0709, CAN-2005-0710, CAN-2005-0711 - Fix init script to not need a valid username for startup check - Don't assume /etc/my.cnf will specify pid-file - add sleep to mysql.init restart(); fc1: * Wed Apr 13 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 3.23.58-4.4.legacy - Backpatch repair for CAN-2005-0709, CAN-2005-0710, CAN-2005-0711 - Fix init script to not need a valid username for startup check - Don't assume /etc/my.cnf will specify pid-file - add sleep to mysql.init restart(); --------------------------------------------------------------------- This update can be downloaded from: http://download.fedoralegacy.org/ (sha1sums) rh7.3: 6b9ad2acc6eaaebeef935feb6e32b1e59f8d1e94 redhat/7.3/updates-testing/i386/mysql-3.23.58-1.73.6.legacy.i386.rpm 090bce8a56c5cc7fedbca223925eb9d15dca5cd5 redhat/7.3/updates-testing/i386/mysql-devel-3.23.58-1.73.6.legacy.i386.rpm 8d8565f44b2de5f7d36274803d04e4b06e2abf81 redhat/7.3/updates-testing/i386/mysql-server-3.23.58-1.73.6.legacy.i386.rpm 1d8f01787f7824c2d2638c8e48e9e8c03d7c0c28 redhat/7.3/updates-testing/SRPMS/mysql-3.23.58-1.73.6.legacy.src.rpm rh9: c838b40be12cd10b40f4b2c7e4c14c368734da23 redhat/9/updates-testing/i386/mysql-3.23.58-1.90.6.legacy.i386.rpm dc86a50ecfef42f4f85aaf798f84beea0bf656fa redhat/9/updates-testing/i386/mysql-devel-3.23.58-1.90.6.legacy.i386.rpm dc24c3c52eeb2874b3547b0d2347e214b321da02 redhat/9/updates-testing/i386/mysql-server-3.23.58-1.90.6.legacy.i386.rpm 4f713ffcf56fd07d19e12f291a87a4feea6fbd23 redhat/9/updates-testing/SRPMS/mysql-3.23.58-1.90.6.legacy.src.rpm fc1: ed3ddb39dbadf121a87348c9b7cfb3d6fc3917c4 fedora/1/updates-testing/i386/mysql-3.23.58-4.4.legacy.i386.rpm 3c57f554ed37cbb29e05773c1527f389f4601b16 fedora/1/updates-testing/i386/mysql-bench-3.23.58-4.4.legacy.i386.rpm d08b91055dae251b192de109a453a4bbe03828c9 fedora/1/updates-testing/i386/mysql-devel-3.23.58-4.4.legacy.i386.rpm 950b5116ba77127478cb02d5a9b7e23711376daf fedora/1/updates-testing/i386/mysql-server-3.23.58-4.4.legacy.i386.rpm 56257305e480c2db1669de92024033f7bb9f1702 fedora/1/updates-testing/SRPMS/mysql-3.23.58-4.4.legacy.src.rpm --------------------------------------------------------------------- Please test and comment in bugzilla.
Attachment:
signature.asc
Description: OpenPGP digital signature
-- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
