Home page logo
/

bugtraq logo Bugtraq mailing list archives

[ MDVSA-2010:155 ] mysql
From: security () mandriva com
Date: Fri, 20 Aug 2010 16:22:07 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2010:155
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : mysql
 Date    : August 20, 2010
 Affected: 2010.0, 2010.1
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been found and corrected in mysql:
 
 MySQL before 5.1.48 allows remote authenticated users with alter
 database privileges to cause a denial of service (server crash
 and database loss) via an ALTER DATABASE command with a #mysql50#
 string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or
 similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which
 causes MySQL to move certain directories to the server data directory
 (CVE-2010-2008).
 
 Additionally many security issues noted in the 5.1.49 release notes
 has been addressed with this advisory as well, such as:
 
 * LOAD DATA INFILE did not check for SQL errors and sent an OK packet
 even when errors were already reported. Also, an assert related to
 client-server protocol checking in debug servers sometimes was raised
 when it should not have been. (Bug#52512)
 
 * Using EXPLAIN with queries of the form SELECT ... UNION ... ORDER BY
 (SELECT ... WHERE ...) could cause a server crash. (Bug#52711)
 
 * The server could crash if there were alternate reads from two
 indexes on a table using the HANDLER interface. (Bug#54007)
 
 * A malformed argument to the BINLOG statement could result in Valgrind
 warnings or a server crash. (Bug#54393)
 
 * Incorrect handling of NULL arguments could lead to a crash for IN()
 or CASE operations when NULL arguments were either passed explicitly
 as arguments (for IN()) or implicitly generated by the WITH ROLLUP
 modifier (for IN() and CASE). (Bug#54477)
 
 * Joins involving a table with with a unique SET column could cause
 a server crash. (Bug#54575)
 
 * Use of TEMPORARY  InnoDB tables with nullable columns could cause
 a server crash. (Bug#54044)
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2008
 http://bugs.mysql.com/bug.php?id=52512
 http://bugs.mysql.com/bug.php?id=52711
 http://bugs.mysql.com/bug.php?id=54007
 http://bugs.mysql.com/bug.php?id=54393
 http://bugs.mysql.com/bug.php?id=54477
 http://bugs.mysql.com/bug.php?id=54575
 http://bugs.mysql.com/bug.php?id=54044
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2010.0:
 e0181e6f02a4d75da4844afb468a2272  2010.0/i586/libmysql16-5.1.42-0.6mdv2010.0.i586.rpm
 90babf8758412eedecb7eb6c9881d1a9  2010.0/i586/libmysql-devel-5.1.42-0.6mdv2010.0.i586.rpm
 217ebcccf4b1af0701bdcf042165be12  2010.0/i586/libmysql-static-devel-5.1.42-0.6mdv2010.0.i586.rpm
 6b1a9b256eb1d1449609a9e914f7664e  2010.0/i586/mysql-5.1.42-0.6mdv2010.0.i586.rpm
 7add987091592e974e8ae64994c82313  2010.0/i586/mysql-bench-5.1.42-0.6mdv2010.0.i586.rpm
 a13c5bb98abb9aba82fb80dcb27e2752  2010.0/i586/mysql-client-5.1.42-0.6mdv2010.0.i586.rpm
 8b2847d65735c38458c77153072a281e  2010.0/i586/mysql-common-5.1.42-0.6mdv2010.0.i586.rpm
 86567fb759318246336f7077d6c13709  2010.0/i586/mysql-common-core-5.1.42-0.6mdv2010.0.i586.rpm
 e8a3c6e59eb5321d13ad1a863465f6ef  2010.0/i586/mysql-core-5.1.42-0.6mdv2010.0.i586.rpm
 b54c2338358f35dfb1292d615583ea2a  2010.0/i586/mysql-doc-5.1.42-0.6mdv2010.0.i586.rpm
 1b4987ab9f81a4c0cd8e44e2bb2433c4  2010.0/i586/mysql-max-5.1.42-0.6mdv2010.0.i586.rpm
 38c17d5f3d550d81dc14f38b7a5dc73d  2010.0/i586/mysql-ndb-extra-5.1.42-0.6mdv2010.0.i586.rpm
 75cde53e6cc55176915cdd510419052c  2010.0/i586/mysql-ndb-management-5.1.42-0.6mdv2010.0.i586.rpm
 522dd59860efcf76b2ecbd598e1fbba4  2010.0/i586/mysql-ndb-storage-5.1.42-0.6mdv2010.0.i586.rpm
 a2fbac8608bd716b13b24644fc4e28c5  2010.0/i586/mysql-ndb-tools-5.1.42-0.6mdv2010.0.i586.rpm 
 9a02ff536f50d0dec97097d94d24c7e6  2010.0/SRPMS/mysql-5.1.42-0.6mdv2010.0.src.rpm

 Mandriva Linux 2010.0/X86_64:
 dfa125382cbe6a86a3e2747c40e80556  2010.0/x86_64/lib64mysql16-5.1.42-0.6mdv2010.0.x86_64.rpm
 968922e7d30ad10adc07e494df043f65  2010.0/x86_64/lib64mysql-devel-5.1.42-0.6mdv2010.0.x86_64.rpm
 6fc264fa829f9e1843bfe1fa2034b7c7  2010.0/x86_64/lib64mysql-static-devel-5.1.42-0.6mdv2010.0.x86_64.rpm
 13b2e24a215b63f36eb530b352a67ad3  2010.0/x86_64/mysql-5.1.42-0.6mdv2010.0.x86_64.rpm
 e32753015f97d63a4bc07e88d9823250  2010.0/x86_64/mysql-bench-5.1.42-0.6mdv2010.0.x86_64.rpm
 c06b10d407d93365d728eacecf54ae2b  2010.0/x86_64/mysql-client-5.1.42-0.6mdv2010.0.x86_64.rpm
 f89dc39e6cc7a5c4e567f8c92cff9c5d  2010.0/x86_64/mysql-common-5.1.42-0.6mdv2010.0.x86_64.rpm
 8983a954ac90e6f57b3b6b93dd5a390d  2010.0/x86_64/mysql-common-core-5.1.42-0.6mdv2010.0.x86_64.rpm
 d656b12ce58632088b1156685f5e02ed  2010.0/x86_64/mysql-core-5.1.42-0.6mdv2010.0.x86_64.rpm
 233eedc8496ebcc87fd816e2a571c800  2010.0/x86_64/mysql-doc-5.1.42-0.6mdv2010.0.x86_64.rpm
 8eab7f59e2cd28e04e2fac6b27b248e3  2010.0/x86_64/mysql-max-5.1.42-0.6mdv2010.0.x86_64.rpm
 4b3c37814d862cbbce00af6fa9c84e0f  2010.0/x86_64/mysql-ndb-extra-5.1.42-0.6mdv2010.0.x86_64.rpm
 cb105cd46742d7c16f60197a7a7d5164  2010.0/x86_64/mysql-ndb-management-5.1.42-0.6mdv2010.0.x86_64.rpm
 1405a62c2ed606a611e9ea05323c17d2  2010.0/x86_64/mysql-ndb-storage-5.1.42-0.6mdv2010.0.x86_64.rpm
 9fe486a7b2aeacb8f44e1254538a4bbf  2010.0/x86_64/mysql-ndb-tools-5.1.42-0.6mdv2010.0.x86_64.rpm 
 9a02ff536f50d0dec97097d94d24c7e6  2010.0/SRPMS/mysql-5.1.42-0.6mdv2010.0.src.rpm

 Mandriva Linux 2010.1:
 9b26917d3f8a0867796ed4b0abf3b593  2010.1/i586/libmysql16-5.1.46-4.1mdv2010.1.i586.rpm
 a66497934fc6a7f6ddedb23b377f30eb  2010.1/i586/libmysql-devel-5.1.46-4.1mdv2010.1.i586.rpm
 4f576adb88c4059dc6a032b6def9d3c7  2010.1/i586/libmysql-static-devel-5.1.46-4.1mdv2010.1.i586.rpm
 fc09d0963ef6137b890cebc3f2bcfb7f  2010.1/i586/mysql-5.1.46-4.1mdv2010.1.i586.rpm
 6c380457de4d14b2fb5c2bb9d7ccef2a  2010.1/i586/mysql-bench-5.1.46-4.1mdv2010.1.i586.rpm
 abe986ae0c4f41a836aa41e1994a2bf7  2010.1/i586/mysql-client-5.1.46-4.1mdv2010.1.i586.rpm
 7b91ade7f6ca9849cbc575d2c4509351  2010.1/i586/mysql-common-5.1.46-4.1mdv2010.1.i586.rpm
 8d426b99b7a65269f64366f2deb9a955  2010.1/i586/mysql-common-core-5.1.46-4.1mdv2010.1.i586.rpm
 050e1d41c7c8923a6b66fc954962dc73  2010.1/i586/mysql-core-5.1.46-4.1mdv2010.1.i586.rpm
 9d92266b348047b2d5c2314320a81453  2010.1/i586/mysql-plugin_pbxt-1.0.10-13.1mdv2010.1.i586.rpm
 46b4f2dd48c3b4c976ec32f497e64eec  2010.1/i586/mysql-plugin_pinba-0.0.5-13.1mdv2010.1.i586.rpm
 d68b654e70ae110b4fd39f8025fa2826  2010.1/i586/mysql-plugin_revision-0.1-13.1mdv2010.1.i586.rpm
 812f10b106f16d9f38f6b69bcda22d9c  2010.1/i586/mysql-plugin_sphinx-0.9.9-13.1mdv2010.1.i586.rpm
 45a49833d1714319fa9236190dfa2390  2010.1/i586/mysql-plugin_spider-2.13-13.1mdv2010.1.i586.rpm 
 fa916f4e032d28a6e0c8036026db9a26  2010.1/SRPMS/mysql-5.1.46-4.1mdv2010.1.src.rpm

 Mandriva Linux 2010.1/X86_64:
 937f600c8f2ba9e76da5fc3b817106f7  2010.1/x86_64/lib64mysql16-5.1.46-4.1mdv2010.1.x86_64.rpm
 5c504645dd2944a1fc894fef5f9960c6  2010.1/x86_64/lib64mysql-devel-5.1.46-4.1mdv2010.1.x86_64.rpm
 a9e3f0fd47eb4c3064675b99d92874bd  2010.1/x86_64/lib64mysql-static-devel-5.1.46-4.1mdv2010.1.x86_64.rpm
 693048d4d8d9b5608bbf5ba781701195  2010.1/x86_64/mysql-5.1.46-4.1mdv2010.1.x86_64.rpm
 5a8b8519ab0002bf676abb0f912fab24  2010.1/x86_64/mysql-bench-5.1.46-4.1mdv2010.1.x86_64.rpm
 64b96e2ba5f040d98efe3c8057876873  2010.1/x86_64/mysql-client-5.1.46-4.1mdv2010.1.x86_64.rpm
 db25c98330349452f20edbb74b5e82b4  2010.1/x86_64/mysql-common-5.1.46-4.1mdv2010.1.x86_64.rpm
 e06e683b1ca6ed4def6e03cfc13569ae  2010.1/x86_64/mysql-common-core-5.1.46-4.1mdv2010.1.x86_64.rpm
 0a6801cf988f8a0d6cd7b24ba8a12c4a  2010.1/x86_64/mysql-core-5.1.46-4.1mdv2010.1.x86_64.rpm
 63c665a719242eab65168ec1dfcbc767  2010.1/x86_64/mysql-plugin_pbxt-1.0.10-13.1mdv2010.1.x86_64.rpm
 57498e5bfa7e9c89774321f68308beb6  2010.1/x86_64/mysql-plugin_pinba-0.0.5-13.1mdv2010.1.x86_64.rpm
 df8ec7acf48ae5e1d5263548594e7439  2010.1/x86_64/mysql-plugin_revision-0.1-13.1mdv2010.1.x86_64.rpm
 a048ac261564614081ab2f7296cf74be  2010.1/x86_64/mysql-plugin_sphinx-0.9.9-13.1mdv2010.1.x86_64.rpm
 9655f023de18252ad567604460f635fb  2010.1/x86_64/mysql-plugin_spider-2.13-13.1mdv2010.1.x86_64.rpm 
 fa916f4e032d28a6e0c8036026db9a26  2010.1/SRPMS/mysql-5.1.46-4.1mdv2010.1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFMbmOOmqjQ0CJFipgRAn/ZAKDCQuwf6wGQjZP6dv7gdzhPCcXRAACg08IZ
iLdlzoOV+tPqxaisYBfG0CY=
=O6Zj
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
  • [ MDVSA-2010:155 ] mysql security (Aug 23)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]