--------------------------------------------------------------------- Fedora Legacy Test Update Notification FEDORALEGACY-2005-167803 Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167803 2005-11-29 --------------------------------------------------------------------- Name : mysql Versions : rh7.3: mysql-3.23.58-1.73.8.legacy Versions : rh9: mysql-3.23.58-1.90.9.legacy Versions : fc1: mysql-3.23.58-4.6.legacy Versions : fc2: mysql-3.23.58-16.FC2.3.legacy Summary : The MySQL server and related files. Description : MySQL is a true multi-user, multi-threaded SQL database server. MySQL is a client/server implementation that consists of a server daemon (mysqld) and many different client programs and libraries. This package contains the MySQL server and some accompanying files and directories. --------------------------------------------------------------------- Update Information: Updated mysql packages that fix a security issue are now available. MySQL is a multi-user, multi-threaded SQL database server. Reid Borsuk discovered a buffer overflow in the MySQL init_syms() function. A user with the ability to create and execute a user defined function could potentially execute arbitrary code on the MySQL server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2558 to this issue. This release fixes two additional problems. A regression was introduced in a patch included in the previous MySQL packages that resulted in queries performing a DELETE without a WHERE failing on ISAM tables. Also, the MySQL init script was improved to allow the MySQL service to restart properly during upgrades. All users of the MySQL server are advised to upgrade to these updated packages, which contain fixes for these issues. --------------------------------------------------------------------- Changelogs rh73: * Mon Nov 28 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 3.23.58-1.73.8.legacy - Fixed typo in init script * Sat Nov 26 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 3.23.58-1.73.7.legacy - Updated init script (#172426) (#152531) - Updated security2 patch to fix DELETE without WHERE issue (#168542) - Added patch to fix CVE-2005-2558 rh9: * Mon Nov 28 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 3.23.58-1.90.9.legacy - Fixed typo in init script * Sat Nov 26 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 3.23.58-1.90.8.legacy - Updated init script (#172426) (#152531) * Sun Nov 20 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 3.23.58-1.90.7.legacy - Updated security2 patch to fix DELETE without WHERE issue (#168542) - Added patch to fix CVE-2005-2558 fc1: * Tue Nov 29 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 3.23.58-4.6.legacy - Fixed typo in init script * Sat Nov 26 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 3.23.58-4.5.legacy - Updated init script (#172426) (#152531) - Updated security2 patch to fix DELETE without WHERE issue (#168542) - Added patch to fix CVE-2005-2558 fc2: * Tue Nov 29 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 3.23.58-16.FC2.3.legacy - Fixed typo in init script * Sat Nov 26 2005 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 3.23.58-16.FC2.2.legacy - Updated init script (#172426) (#152531) - Updated security2 patch to fix DELETE without WHERE issue (#168542) - Added patch to fix CVE-2005-2558 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedoralegacy.org/ (sha1sums) rh7.3: 95a3829a3dff72c4d411e0aef92904382bc5bdf0 redhat/7.3/updates-testing/i386/mysql-3.23.58-1.73.8.legacy.i386.rpm 77d968e0038c539dbcba7c3022a2a6f85a51c884 redhat/7.3/updates-testing/i386/mysql-devel-3.23.58-1.73.8.legacy.i386.rpm 906a3990e57c3b95fa75150a2905f09234a4c9ac redhat/7.3/updates-testing/i386/mysql-server-3.23.58-1.73.8.legacy.i386.rpm 4ab25f651faff3f7f7f57c14c427b3380dc8701f redhat/7.3/updates-testing/SRPMS/mysql-3.23.58-1.73.8.legacy.src.rpm rh9: 70f2943ec073a23cb596bfcc7fe1262410bf5b18 redhat/9/updates-testing/i386/mysql-3.23.58-1.90.9.legacy.i386.rpm 4b640a5f12088f1d4de93f19a5f1bf817df32599 redhat/9/updates-testing/i386/mysql-devel-3.23.58-1.90.9.legacy.i386.rpm 90f923a4d29a3aab8884b327ebe1d82e11b0e1f9 redhat/9/updates-testing/i386/mysql-server-3.23.58-1.90.9.legacy.i386.rpm 603a0a915b2415a2b32da73be9f155aaa5e2c8ba redhat/9/updates-testing/SRPMS/mysql-3.23.58-1.90.9.legacy.src.rpm fc1: 264c90e5f71b15bd1c416587a36a209a020a4cff fedora/1/updates-testing/i386/mysql-3.23.58-4.6.legacy.i386.rpm 0b39c15da8705ea47fed4dbfcac4eaac22b0b909 fedora/1/updates-testing/i386/mysql-bench-3.23.58-4.6.legacy.i386.rpm c3d5d996da0ce7e1472ba7a108cc8d710ee46192 fedora/1/updates-testing/i386/mysql-devel-3.23.58-4.6.legacy.i386.rpm 8a1acfa5a416a22a285cc219eed0ef0b904eb784 fedora/1/updates-testing/i386/mysql-server-3.23.58-4.6.legacy.i386.rpm bb9a8da7fe794c6d919416c1746bd2c143defeb7 fedora/1/updates-testing/SRPMS/mysql-3.23.58-4.6.legacy.src.rpm fc2: 242577abc7a4705586e1ac9c892997d12c51e1bd fedora/2/updates-testing/i386/mysql-3.23.58-16.FC2.3.legacy.i386.rpm 5279aa559e950ab8d9e64fc8b2fe002d376cc0c3 fedora/2/updates-testing/i386/mysql-bench-3.23.58-16.FC2.3.legacy.i386.rpm 9d30ecae7a1f73862b25d06f3e87e3677144c045 fedora/2/updates-testing/i386/mysql-devel-3.23.58-16.FC2.3.legacy.i386.rpm 9346371f4b58845bae1d166e8b393d18b85b4479 fedora/2/updates-testing/i386/mysql-server-3.23.58-16.FC2.3.legacy.i386.rpm 842aa0b00a7e9b96e60742785ff2e574b39a94e0 fedora/2/updates-testing/SRPMS/mysql-3.23.58-16.FC2.3.legacy.src.rpm --------------------------------------------------------------------- Please test and comment in bugzilla.
Attachment:
signature.asc
Description: OpenPGP digital signature
-- fedora-legacy-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-legacy-list
