-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:094 http://www.mandriva.com/security/ _______________________________________________________________________ Package : mysql Date : April 22, 2009 Affected: 2008.1, 2009.0, Corporate 4.0 _______________________________________________________________________ Problem Description: Multiple vulnerabilities has been found and corrected in mysql: MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement (CVE-2008-3963). MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed when tables are created in the future. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-2079 (CVE-2008-4097). MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097 (CVE-2008-4098). Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document (CVE-2008-4456). bugs in the Mandriva Linux 2008.1 packages that has been fixed: o upstream fix for mysql bug35754 (#38398, #44691) o fix #46116 (initialization file mysqld-max don't show correct application status) o fix upstream bug 42366 bugs in the Mandriva Linux 2009.0 packages that has been fixed: o upgraded 5.0.67 to 5.0.77 (fixes CVE-2008-3963, CVE-2008-4097, CVE-2008-4098) o no need to workaround #38398, #44691 anymore (since 5.0.75) o fix upstream bug 42366 o fix #46116 (initialization file mysqld-max don't show correct application status) o sphinx-0.9.8.1 bugs in the Mandriva Linux Corporate Server 4 packages that has been fixed: o fix upstream bug 42366 o fix #46116 (initialization file mysqld-max don't show correct application status) The updated packages have been patched to correct these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3963 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4097 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4098 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4456 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.1: 9b4727c105c6bb91fe0109c48c6a62c7 2008.1/i586/libmysql15-5.0.51a-8.2mdv2008.1.i586.rpm 36f5d40e048209da259ffe577b26b197 2008.1/i586/libmysql-devel-5.0.51a-8.2mdv2008.1.i586.rpm 3bebe8b1b61d3740e363ebc6b5277984 2008.1/i586/libmysql-static-devel-5.0.51a-8.2mdv2008.1.i586.rpm 4381320bb57dd72b179f12854d4a19c0 2008.1/i586/mysql-5.0.51a-8.2mdv2008.1.i586.rpm a354c4f603650556a45f45508085ee04 2008.1/i586/mysql-bench-5.0.51a-8.2mdv2008.1.i586.rpm 4ef771023a2ca2d3b4e0ab09f05196a4 2008.1/i586/mysql-client-5.0.51a-8.2mdv2008.1.i586.rpm ed81d02b8375e951630ff140aee787f4 2008.1/i586/mysql-common-5.0.51a-8.2mdv2008.1.i586.rpm cf37d0ee972f6b76608cc489fe741259 2008.1/i586/mysql-doc-5.0.51a-8.2mdv2008.1.i586.rpm 7dbe697e63e649d90fc10bd463c617c3 2008.1/i586/mysql-max-5.0.51a-8.2mdv2008.1.i586.rpm bae41a72b59a29f2c8551a2797e952b6 2008.1/i586/mysql-ndb-extra-5.0.51a-8.2mdv2008.1.i586.rpm 2bfb6c5489c1385d9e0002042e18363f 2008.1/i586/mysql-ndb-management-5.0.51a-8.2mdv2008.1.i586.rpm 60acd7ec6ce976d0cc4acfe0c863b949 2008.1/i586/mysql-ndb-storage-5.0.51a-8.2mdv2008.1.i586.rpm 8176402e8f031009d503571c202d5d23 2008.1/i586/mysql-ndb-tools-5.0.51a-8.2mdv2008.1.i586.rpm 19db21438d94249221d0891420ccd5a4 2008.1/SRPMS/mysql-5.0.51a-8.2mdv2008.1.src.rpm Mandriva Linux 2008.1/X86_64: e2416c3607efbc575cc39829b949abbd 2008.1/x86_64/lib64mysql15-5.0.51a-8.2mdv2008.1.x86_64.rpm 9b895531d53e5ba9dfc021b44f823533 2008.1/x86_64/lib64mysql-devel-5.0.51a-8.2mdv2008.1.x86_64.rpm dbc865fb0174b6c224a4ac4aa407d9df 2008.1/x86_64/lib64mysql-static-devel-5.0.51a-8.2mdv2008.1.x86_64.rpm 9a51080fb59c70798278305989b66dce 2008.1/x86_64/mysql-5.0.51a-8.2mdv2008.1.x86_64.rpm 2599471a229267a60c85900816e06a6d 2008.1/x86_64/mysql-bench-5.0.51a-8.2mdv2008.1.x86_64.rpm a4174b9642f7f38a20881e6ef2e26a09 2008.1/x86_64/mysql-client-5.0.51a-8.2mdv2008.1.x86_64.rpm 1e95a340c0b06efad67cf380a25f47d8 2008.1/x86_64/mysql-common-5.0.51a-8.2mdv2008.1.x86_64.rpm 3aede79c806ee16a3b372ac16423319e 2008.1/x86_64/mysql-doc-5.0.51a-8.2mdv2008.1.x86_64.rpm 593d76e5d1d80e01ea664b8abcad7886 2008.1/x86_64/mysql-max-5.0.51a-8.2mdv2008.1.x86_64.rpm d229e1e2c6e9b3c22858f87a94a02c2d 2008.1/x86_64/mysql-ndb-extra-5.0.51a-8.2mdv2008.1.x86_64.rpm 9600603733943299e131deca88afd28f 2008.1/x86_64/mysql-ndb-management-5.0.51a-8.2mdv2008.1.x86_64.rpm 2cd0850a913ed9330111fc8c4677eed0 2008.1/x86_64/mysql-ndb-storage-5.0.51a-8.2mdv2008.1.x86_64.rpm d8ba1a56b9d1af528182e97eeb789aa5 2008.1/x86_64/mysql-ndb-tools-5.0.51a-8.2mdv2008.1.x86_64.rpm 19db21438d94249221d0891420ccd5a4 2008.1/SRPMS/mysql-5.0.51a-8.2mdv2008.1.src.rpm Mandriva Linux 2009.0: 1191b4a2117e57d3f05f7e0caa16f411 2009.0/i586/libmysql15-5.0.77-0.2mdv2009.0.i586.rpm 3d7d538d91e79060f28840895a19ae0e 2009.0/i586/libmysql-devel-5.0.77-0.2mdv2009.0.i586.rpm ecba0d2d283106737b132b468c1452ea 2009.0/i586/libmysql-static-devel-5.0.77-0.2mdv2009.0.i586.rpm a33ae4ff855bcad95944a3e370f5bbcb 2009.0/i586/mysql-5.0.77-0.2mdv2009.0.i586.rpm 05bbda41d412ae5718f59c1cb374347d 2009.0/i586/mysql-bench-5.0.77-0.2mdv2009.0.i586.rpm 02bf37b39c69440f132f63c47310bf71 2009.0/i586/mysql-client-5.0.77-0.2mdv2009.0.i586.rpm e031d16609e22505c1d6227d89fd47ad 2009.0/i586/mysql-common-5.0.77-0.2mdv2009.0.i586.rpm 145910d58bffce4df2357ccd3c724148 2009.0/i586/mysql-doc-5.0.77-0.2mdv2009.0.i586.rpm 1e0d73afb856fe088070a287ca697350 2009.0/i586/mysql-max-5.0.77-0.2mdv2009.0.i586.rpm 64cfa38b7667d0d0de6b2e31ccf9bc5a 2009.0/i586/mysql-ndb-extra-5.0.77-0.2mdv2009.0.i586.rpm 246f05a349d63952e0e165e4c791f108 2009.0/i586/mysql-ndb-management-5.0.77-0.2mdv2009.0.i586.rpm b868d15abbf241de5efcd36709da8528 2009.0/i586/mysql-ndb-storage-5.0.77-0.2mdv2009.0.i586.rpm 2c2ffe4bf5bb40cc58310b3715833a40 2009.0/i586/mysql-ndb-tools-5.0.77-0.2mdv2009.0.i586.rpm d635c890e7c2fbca462bb64b7df3aa5b 2009.0/SRPMS/mysql-5.0.77-0.2mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: d58cbe41094a42e932be80d93edf150d 2009.0/x86_64/lib64mysql15-5.0.77-0.2mdv2009.0.x86_64.rpm a22ef0c87675a2c0364ac16767e6344a 2009.0/x86_64/lib64mysql-devel-5.0.77-0.2mdv2009.0.x86_64.rpm 922ebba7d7d045b3f54ff1b938076cd7 2009.0/x86_64/lib64mysql-static-devel-5.0.77-0.2mdv2009.0.x86_64.rpm ef2e3123fb0c76bbf00f5dfe07c23b7c 2009.0/x86_64/mysql-5.0.77-0.2mdv2009.0.x86_64.rpm 6ee14f2f4276c6ec68b2f08010d2e313 2009.0/x86_64/mysql-bench-5.0.77-0.2mdv2009.0.x86_64.rpm 245bf40c8682e7f383818a6372bb5878 2009.0/x86_64/mysql-client-5.0.77-0.2mdv2009.0.x86_64.rpm 3158cf10cba8acef4e4df1eee4f173a1 2009.0/x86_64/mysql-common-5.0.77-0.2mdv2009.0.x86_64.rpm 85e46c80b0388393aa0ba4664d6a0501 2009.0/x86_64/mysql-doc-5.0.77-0.2mdv2009.0.x86_64.rpm 788f14a27ab2b97003c97d38ccd30b3c 2009.0/x86_64/mysql-max-5.0.77-0.2mdv2009.0.x86_64.rpm 25e2dc9d6bce3b3ee4c79015f1a063d9 2009.0/x86_64/mysql-ndb-extra-5.0.77-0.2mdv2009.0.x86_64.rpm bd887b6c4d2069e5123e8f4a16e49638 2009.0/x86_64/mysql-ndb-management-5.0.77-0.2mdv2009.0.x86_64.rpm 99ce6bafe9b4a7ceaf1b73d11f295f45 2009.0/x86_64/mysql-ndb-storage-5.0.77-0.2mdv2009.0.x86_64.rpm dbfa0beec9664e3a318fd34c9a3b5fa6 2009.0/x86_64/mysql-ndb-tools-5.0.77-0.2mdv2009.0.x86_64.rpm d635c890e7c2fbca462bb64b7df3aa5b 2009.0/SRPMS/mysql-5.0.77-0.2mdv2009.0.src.rpm Corporate 4.0: 3557c7bb228099472a0c89e6d694d6e5 corporate/4.0/i586/libmysql15-5.0.45-7.3.20060mlcs4.i586.rpm cfd1b37b291bd2a1181a1bd194b3e322 corporate/4.0/i586/libmysql-devel-5.0.45-7.3.20060mlcs4.i586.rpm f61efb3779d0a12e46d46d2bb8f9d215 corporate/4.0/i586/libmysql-static-devel-5.0.45-7.3.20060mlcs4.i586.rpm 7def1d43eab3c3c4054f0b6bac55e80e corporate/4.0/i586/mysql-5.0.45-7.3.20060mlcs4.i586.rpm ed6e809beed005cac1b724ea5a751507 corporate/4.0/i586/mysql-bench-5.0.45-7.3.20060mlcs4.i586.rpm 2a6f16ce0444beea1f8a80bb07eac559 corporate/4.0/i586/mysql-client-5.0.45-7.3.20060mlcs4.i586.rpm 238d2b9b3c0eadaf766894aa02cdf43b corporate/4.0/i586/mysql-common-5.0.45-7.3.20060mlcs4.i586.rpm 1cd9946cb632883591376a1270bb1ef4 corporate/4.0/i586/mysql-max-5.0.45-7.3.20060mlcs4.i586.rpm 087825bca7a1bb16166b62c4a31a28ee corporate/4.0/i586/mysql-ndb-extra-5.0.45-7.3.20060mlcs4.i586.rpm 34bc6d6fa439d4b0b3559334e8521f71 corporate/4.0/i586/mysql-ndb-management-5.0.45-7.3.20060mlcs4.i586.rpm 75fa145c3a2f02b86fc679043ff92026 corporate/4.0/i586/mysql-ndb-storage-5.0.45-7.3.20060mlcs4.i586.rpm 1752c1ca9522c93e2f28949ac62d646b corporate/4.0/i586/mysql-ndb-tools-5.0.45-7.3.20060mlcs4.i586.rpm 28e52dceda0279ef95de899fa87c139d corporate/4.0/SRPMS/mysql-5.0.45-7.3.20060mlcs4.src.rpm Corporate 4.0/X86_64: 13b1d4a7d09cff6303bd5e5844d78426 corporate/4.0/x86_64/lib64mysql15-5.0.45-7.3.20060mlcs4.x86_64.rpm 82872e45155c36baa749d54af29b21a8 corporate/4.0/x86_64/lib64mysql-devel-5.0.45-7.3.20060mlcs4.x86_64.rpm 8bd62bfdffa69779984483f407250f91 corporate/4.0/x86_64/lib64mysql-static-devel-5.0.45-7.3.20060mlcs4.x86_64.rpm 495cdc16d378e136a2a5ea36c2b796d2 corporate/4.0/x86_64/mysql-5.0.45-7.3.20060mlcs4.x86_64.rpm d3f0becb3e9c397d4e823d2bad84e5b7 corporate/4.0/x86_64/mysql-bench-5.0.45-7.3.20060mlcs4.x86_64.rpm acb36ea1030b70b3ccba79c0c6ea7990 corporate/4.0/x86_64/mysql-client-5.0.45-7.3.20060mlcs4.x86_64.rpm 5dad314f8cfaf582c627778931777a26 corporate/4.0/x86_64/mysql-common-5.0.45-7.3.20060mlcs4.x86_64.rpm b250f0d6f9065b5b13d2a90d26450df5 corporate/4.0/x86_64/mysql-max-5.0.45-7.3.20060mlcs4.x86_64.rpm 6e2c57a6c2c98eadba5b9dfd0ad749c5 corporate/4.0/x86_64/mysql-ndb-extra-5.0.45-7.3.20060mlcs4.x86_64.rpm 103b683521e544330b00ff12f590b603 corporate/4.0/x86_64/mysql-ndb-management-5.0.45-7.3.20060mlcs4.x86_64.rpm 13fd214bae5164df51d71c5b77cf9038 corporate/4.0/x86_64/mysql-ndb-storage-5.0.45-7.3.20060mlcs4.x86_64.rpm afa36b210745a77019a09891c9b6e61e corporate/4.0/x86_64/mysql-ndb-tools-5.0.45-7.3.20060mlcs4.x86_64.rpm 28e52dceda0279ef95de899fa87c139d corporate/4.0/SRPMS/mysql-5.0.45-7.3.20060mlcs4.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFJ7xuFmqjQ0CJFipgRArMDAKDERKZ0Z2qU0C9YOnLvh9sUQCIgxACeKSpC eJZtPU8pHegqERNdHbgZoM8= =Q7aJ -----END PGP SIGNATURE-----
