Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

[SECURITY] [DSA 1413-1] New mysql packages fix multiple vulnerabilities
From: Noah Meyerhans <noahm () debian org>
Date: Mon, 26 Nov 2007 18:20:12 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1413-1                  security () debian org
http://www.debian.org/security/                           Noah Meyerhans
November 26, 2007                     http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : mysql-dfsg, mysql-dfsg-5.0, mysql-dfsg-4.1
Vulnerability  : multiple
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2007-2583, CVE-2007-2691, CVE-2007-2692 
                 CVE-2007-3780, CVE-2007-3782, CVE-2007-5925
Debian Bug     : 426353, 424778, 424778, 451235

Several vulnerabilities have been found in the MySQL database packages
with implications ranging from unauthorized database modifications to
remotely triggered server crashes.

CVE-2007-2583

        The in_decimal::set function in item_cmpfunc.cc in MySQL
        before 5.0.40 allows context-dependent attackers to cause a
        denial of service (crash) via a crafted IF clause that results
        in a divide-by-zero error and a NULL pointer dereference.
        (Affects source version 5.0.32)

CVE-2007-2691

        MySQL does not require the DROP privilege for RENAME TABLE
        statements, which allows remote authenticated users to rename
        arbitrary tables. (All supported versions affected.)

CVE-2007-2692

        The mysql_change_db function does not restore THD::db_access
        privileges when returning from SQL SECURITY INVOKER stored
        routines, which allows remote authenticated users to gain
        privileges.  (Affects source version 5.0.32)

CVE-2007-3780

        MySQL could be made to overflow a signed char during
        authentication. Remote attackers could use specially crafted
        authentication requests to cause a denial of
        service. (Upstream source versions 4.1.11a and 5.0.32
        affected.)

CVE-2007-3782

        Phil Anderton discovered that MySQL did not properly verify
        access privileges when accessing external tables. As a result,
        authenticated users could exploit this to obtain UPDATE
        privileges to external tables.  (Affects source version
        5.0.32)

CVE-2007-5925

        The convert_search_mode_to_innobase function in ha_innodb.cc
        in the InnoDB engine in MySQL 5.1.23-BK and earlier allows
        remote authenticated users to cause a denial of service
        (database crash) via a certain CONTAINS operation on an
        indexed column, which triggers an assertion error.  (Affects
        source version 5.0.32)



For the stable distribution (etch), these problems have been fixed in
version 5.0.32-7etch3 of the mysql-dfsg-5.0 packages

For the old stable distribution (sarge), these problems have been
fixed in version 4.0.24-10sarge3 of mysql-dfsg and version
4.1.11a-4sarge8 of mysql-dfsg-4.1

We recommend that you upgrade your mysql packages.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch3.diff.gz
    Size/MD5 checksum:   158239 ceb5a1f5875bd86c34f1c8711fff1512
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32.orig.tar.gz
    Size/MD5 checksum: 16439441 f99df050b0b847adf7702b44e79ac877
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch3.dsc
    Size/MD5 checksum:     1117 1f37ff72f1d5276c52b1adcebe796704

Architecture independent packages:

  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-common_5.0.32-7etch3_all.deb
    Size/MD5 checksum:    53548 5eab71c3e41f585dfb86f360cf9413a8
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server_5.0.32-7etch3_all.deb
    Size/MD5 checksum:    47306 e3e2cf556bcf98b077090b9aa1551973
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client_5.0.32-7etch3_all.deb
    Size/MD5 checksum:    45228 8ae0496a27a9919f0ef79100a294cb5c

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_alpha.deb
    Size/MD5 checksum: 27367610 5b031c91101fc26da9fce90649f6af4f
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_alpha.deb
    Size/MD5 checksum:  8406582 2a6b482ac43acc702aba070ac16410f1
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_alpha.deb
    Size/MD5 checksum:  1949566 65956545169d0494303614308dd5fc71
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_alpha.deb
    Size/MD5 checksum:    47356 eacd0a3b3588c14b26806e739e81c003
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_alpha.deb
    Size/MD5 checksum:  8912162 ef51f26850391ea2b46df1e479de7298

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_amd64.deb
    Size/MD5 checksum:  1829436 137139b9722adcad521d72048bc870a0
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_amd64.deb
    Size/MD5 checksum: 25937824 d0b8b7d295213217b780d5f78dd48753
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_amd64.deb
    Size/MD5 checksum:  7374926 c86423aa3d5024a1e9829e94686d0a80
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_amd64.deb
    Size/MD5 checksum:  7545502 c28dd59a10fe782a11ed92d4f41e02d3
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_amd64.deb
    Size/MD5 checksum:    47334 00c4901d4a7e889d346788668d03b76d

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_hppa.deb
    Size/MD5 checksum:  1919950 77ed051af8da085483401586783168a6
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_hppa.deb
    Size/MD5 checksum:  8003408 df40aa6aae5261b7e19389b6aeccd517
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_hppa.deb
    Size/MD5 checksum:  8043764 9f2c5326cbe83478904b5fbb44a566d5
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_hppa.deb
    Size/MD5 checksum: 27053986 748ee990de95a70a1f12bf8d82836458
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_hppa.deb
    Size/MD5 checksum:    47338 2fbe0c22b854160efc3fbe57130d78cc

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_i386.deb
    Size/MD5 checksum:  7188116 2c7a41713a396c8aecedc8b924f348a1
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_i386.deb
    Size/MD5 checksum:  6968400 09df50c04d87f934b021188d28a6de56
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_i386.deb
    Size/MD5 checksum:  1793210 1be98453fe240009dd910bb4f3ce6ecb
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_i386.deb
    Size/MD5 checksum: 25356378 112399fe4ec962c0ed807768880a7770
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_i386.deb
    Size/MD5 checksum:    47336 c303c553a72e9819ea90efbd04973bbb

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_ia64.deb
    Size/MD5 checksum: 30405568 8daba01d54e639051eb5bffeada3e9cb
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_ia64.deb
    Size/MD5 checksum:  9734712 d34c17a16de0cf2746fccb6abc920f84
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_ia64.deb
    Size/MD5 checksum:  2114634 eff36d5639abca158981d0d3b6855da5
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_ia64.deb
    Size/MD5 checksum:    47336 86b6a4b42b83c6e308ac4be5245a1e00
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_ia64.deb
    Size/MD5 checksum: 10338428 67eb004fa1fae7eb752fc3e328f24fc2

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_mips.deb
    Size/MD5 checksum:  7655162 fb5957d30c35fcd1e94d478df13d126f
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_mips.deb
    Size/MD5 checksum: 26336066 6068caefe4e50c1a0c7c1d2f016cfe89
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_mips.deb
    Size/MD5 checksum:  1835184 7d23cc0b5d3d34fc1c965ae416355f07
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_mips.deb
    Size/MD5 checksum:    47334 b81bf61ee49f02d6e952e86c1c7ef494
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_mips.deb
    Size/MD5 checksum:  7748034 c2265fed6ee82de7a87429aaeb3f3834

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_mipsel.deb
    Size/MD5 checksum:  1788816 cda01fa6f2def40f0c947caa8f8c1da2
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_mipsel.deb
    Size/MD5 checksum:  7639546 afd466efeeddb85feaeef28987c03e35
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_mipsel.deb
    Size/MD5 checksum:    47340 d36af99d1b815f62f39149fddcbd27de
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_mipsel.deb
    Size/MD5 checksum: 25845048 20a84270663df2b65110a8b669aee37a
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_mipsel.deb
    Size/MD5 checksum:  7559536 589510f9e026bde91e70c9b4ad78ea6a

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_powerpc.deb
    Size/MD5 checksum: 26161766 9ff509c8158d9f4381843daf29d90cb4
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_powerpc.deb
    Size/MD5 checksum:    47336 cbbc6088151475e9003d6ce245e7ea7a
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_powerpc.deb
    Size/MD5 checksum:  7511054 c4d1aa7227f49402604aabb82ec391a2
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_powerpc.deb
    Size/MD5 checksum:  7572150 f67c846d62cf2da02e073d75f5e97831
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_powerpc.deb
    Size/MD5 checksum:  1831826 d2be47b8486e73a5056b29873fc5f379

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_s390.deb
    Size/MD5 checksum:  7507308 50acb63d4680441570d0180152af6dc4
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_s390.deb
    Size/MD5 checksum: 26762652 fe88146edc3286d12fc06596b55fb56a
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_s390.deb
    Size/MD5 checksum:  7412232 2d4e9fbce49e7248b91de25f2524a12a
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_s390.deb
    Size/MD5 checksum:  1951276 179a3a70d258114616e2aa98b43a7896
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_s390.deb
    Size/MD5 checksum:    47336 f89bb547bf6727493dccff6188c0bacd


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-dfsg_4.0.24-10sarge3.dsc
    Size/MD5 checksum:      959 79f665363e1949c6848b9ccd79774d08
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-dfsg_4.0.24.orig.tar.gz
    Size/MD5 checksum:  9923794 aed8f335795a359f32492159e3edfaa3
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-dfsg_4.0.24-10sarge3.diff.gz
    Size/MD5 checksum:   100288 c8a09fb8a55fb6ae086d80aecc09e5f5
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a-4sarge8.dsc
    Size/MD5 checksum:     1021 3e72ca407001f3a821af22528aeb4167
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a.orig.tar.gz
    Size/MD5 checksum: 15771855 3c0582606a8903e758c2014c2481c7c3
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a-4sarge8.diff.gz
    Size/MD5 checksum:   166363 3a827fee8740fbedbe7c114075351847

Architecture independent packages:

  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-common_4.0.24-10sarge3_all.deb
    Size/MD5 checksum:    34692 ccc11adc92b89539535dadf270d47ffe
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-common-4.1_4.1.11a-4sarge8_all.deb
    Size/MD5 checksum:    36954 13af7dbf0b5e55c57b22f66611d6f39c

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_alpha.deb
    Size/MD5 checksum:   524476 83c832e4a2c8740a07ec8ecc69850de3
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_alpha.deb
    Size/MD5 checksum:  4896532 b9db7c1604c82b49b960266452f179b9
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_alpha.deb
    Size/MD5 checksum: 17499908 f7dbe472481d4404556f8b18c621b02a
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_alpha.deb
    Size/MD5 checksum:  4534572 1782d264a4c7702af2d6bc3ca8b08ca4
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_alpha.deb
    Size/MD5 checksum:  1005618 89d391d8186f37393b6f6230e9749aa1
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_alpha.deb
    Size/MD5 checksum:  1592832 7e2b8f6c948fd331bbbbde5d9c68d459
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_alpha.deb
    Size/MD5 checksum:  7972820 924ddc2e807ced4e65d84a044d01c101
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_alpha.deb
    Size/MD5 checksum:   356840 49415e6524100bad42d375b8e1a746b5

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_amd64.deb
    Size/MD5 checksum:  3878532 bfd14013a3cfea4ada8c0bb4f61adac5
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_amd64.deb
    Size/MD5 checksum:  3182788 9f16c1b574b822b83af24b083e0bf008
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_amd64.deb
    Size/MD5 checksum:  5552302 68e16ff3668b2a97698f41351d4c5b14
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_amd64.deb
    Size/MD5 checksum:   850010 5746928e2118b74835ea6f9f33a3ff90
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_amd64.deb
    Size/MD5 checksum:   309618 9628c1cb0c3988e7a8ca4c1788e7bbfb
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_amd64.deb
    Size/MD5 checksum:  1452492 b5f79b0bcdc6bf3b21b5f766ae94f1d9
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_amd64.deb
    Size/MD5 checksum:   434160 1a89003c4a9d54e9b8942232ee42ce1c
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_amd64.deb
    Size/MD5 checksum: 14711934 2176f9ed1b9049b049d6a755f201677a

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_hppa.deb
    Size/MD5 checksum: 15791836 18fc8a2cf9f1ff120c50a00579285ba7
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_hppa.deb
    Size/MD5 checksum:  1551666 2060ce8666a508dab761c3f6044f9de4
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_hppa.deb
    Size/MD5 checksum:  3314510 c3355ecb5c2b96478dea993a48e4ade1
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_hppa.deb
    Size/MD5 checksum:   330088 f81f69b7a00213483a2ee47961b0fa8a
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_hppa.deb
    Size/MD5 checksum:   910486 34ce1dd85f8b3102c8320608db2ac49b
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_hppa.deb
    Size/MD5 checksum:  6250742 e741c50def86f096fc3e5f33d2546e4b
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_hppa.deb
    Size/MD5 checksum:   456142 15f3655a889ab79f32a05a6ec4e6d3eb
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_hppa.deb
    Size/MD5 checksum:  3947328 2580ee426cdb77ecb018ad66a2de271a

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_i386.deb
    Size/MD5 checksum:   297144 9d9a3af124735f4f2ddc2bf2d8080441
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_i386.deb
    Size/MD5 checksum:  3652532 dc9c0f6c46d5cf4980626b8bf1478c2b
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_i386.deb
    Size/MD5 checksum:  5645942 e4cf4980b8dcd3ade7f97744ff7cd627
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_i386.deb
    Size/MD5 checksum:   417172 6d0d21ab328bb10704a453018a9fbe0f
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_i386.deb
    Size/MD5 checksum:  1418578 c3c5800beb238eadcb44bc5cae668a09
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_i386.deb
    Size/MD5 checksum:   831594 1e9acc111598dbeae29405174e98f8eb
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_i386.deb
    Size/MD5 checksum: 14573956 cf379b4463dc21d6afe6bbc4d66e2e46
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_i386.deb
    Size/MD5 checksum:  2921244 524bcb7f1d70efd731623e0f9a1d60e2

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_ia64.deb
    Size/MD5 checksum:  4472620 c8fc82cd6fde1292e8c8ecaa52010208
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_ia64.deb
    Size/MD5 checksum: 18476390 00d4a9e3dbb4d4aaf6413956f11fda92
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_ia64.deb
    Size/MD5 checksum:  1713832 6a39a0d7365c737be61622837bac5dca
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_ia64.deb
    Size/MD5 checksum:  7783060 37a93f7334445189a7da139eb49823bb
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_ia64.deb
    Size/MD5 checksum:   395506 132724ad264cc04490ea24e748ce1851
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_ia64.deb
    Size/MD5 checksum:  5328724 b1b99174117f19d4c4b9c623ed01df56
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_ia64.deb
    Size/MD5 checksum:  1051002 41347335283f500399239a1f1a4775d8
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_ia64.deb
    Size/MD5 checksum:   563102 6b985dc902aae54259452d31df50cd24

m68k architecture (Motorola Mc680x0)

  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_m68k.deb
    Size/MD5 checksum: 14072444 45218793b9ec9add8c60d7d5b9d5ecff
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_m68k.deb
    Size/MD5 checksum:  1398428 ce0c0458d7823cf25b16597478b4c642
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_m68k.deb
    Size/MD5 checksum:  5284906 3e5fa51be89bd067204ae48559861520
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_m68k.deb
    Size/MD5 checksum:  2665842 ab25785d95a7f3fdadb378be8b06cd0e
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_m68k.deb
    Size/MD5 checksum:   804284 6004dfa406aea7d976c66ad16e719ed7
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_m68k.deb
    Size/MD5 checksum:   279626 a4b26bba2ac95ad3143151284bfeba94
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_m68k.deb
    Size/MD5 checksum:   390416 eca95af258b0c05d028da111b56a4861
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_m68k.deb
    Size/MD5 checksum:  3293164 f8a2690deb9bfa8aaee3e687da053b8f

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_mips.deb
    Size/MD5 checksum:  3182420 da3365e2f5591091b8dac2b0971ecc06
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_mips.deb
    Size/MD5 checksum:  6053548 8279dfc879a2b2a59f63600a96fdca39
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_mips.deb
    Size/MD5 checksum:  3813468 bdcb203b023634e31be39fd620fdbc2b
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_mips.deb
    Size/MD5 checksum:  1479412 86378b3184949727fb41c09b4d4ca7c6
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_mips.deb
    Size/MD5 checksum: 15410656 11b75dc0f14e6f9269c05687619588f6
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_mips.deb
    Size/MD5 checksum:   904966 5eda6f9a63f4de3822fbdab24b2032a3
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_mips.deb
    Size/MD5 checksum:   457402 757c58c311483de54a36d08769f9c1a7
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_mips.deb
    Size/MD5 checksum:   314286 4c4ada1ce8947b6966fcddb5f22f95d5

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_mipsel.deb
    Size/MD5 checksum:   890636 ce0dd4c2e900f46d4dc05ad8133e3a88
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_mipsel.deb
    Size/MD5 checksum:  3800518 c00e254b7f48ae49290cd7dd31753d7a
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_mipsel.deb
    Size/MD5 checksum:  5971808 9629c320f1af7853259439fdeae30780
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_mipsel.deb
    Size/MD5 checksum:  1446828 6d41d040546857e1f9761f24bab9eda3
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_mipsel.deb
    Size/MD5 checksum:   457406 652de57a0f442df039cd6d3b1f16d2de
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_mipsel.deb
    Size/MD5 checksum:  3170108 e6aebf4bf3d5104ccc17344b45c57d6d
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_mipsel.deb
    Size/MD5 checksum: 15105928 b9763453f6182b1d455318a3c33d1530
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_mipsel.deb
    Size/MD5 checksum:   313988 491f203b6400811b9e1e36564bc6ddde

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_powerpc.deb
    Size/MD5 checksum:  3842466 2917a7734614ffda7b05b7c405601aee
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_powerpc.deb
    Size/MD5 checksum:   464746 c27ca4aef0faba749ed9884a29426264
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_powerpc.deb
    Size/MD5 checksum:  3184324 cfad0b1cbf4755e0207f499d8b7d8888
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_powerpc.deb
    Size/MD5 checksum:   907956 524cb85860e1095c7f51cf9f99e41fe7
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_powerpc.deb
    Size/MD5 checksum: 15403470 ab134b91f282ef187b9a1b8111b232ee
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_powerpc.deb
    Size/MD5 checksum:   315226 16e34511be65bced2891ad6c802758ee
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_powerpc.deb
    Size/MD5 checksum:  6028094 a40f646aabe6fac0fed85d68e0f2e8af
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_powerpc.deb
    Size/MD5 checksum:  1477348 4912345b9fa0387a45145c4a57943e90

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_s390.deb
    Size/MD5 checksum: 15055668 d9676ace09d308e85753c9948bf71260
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_s390.deb
    Size/MD5 checksum:   442530 5a5979fc69d824957df213a5359817af
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_s390.deb
    Size/MD5 checksum:  2830430 1c10f46c702ac43421dab5fd31c99222
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_s390.deb
    Size/MD5 checksum:  3665930 9e8d73a35f26940bf5ad761a7fbc2cc9
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_s390.deb
    Size/MD5 checksum:  5461984 d678870cdf69e36fa48f9e7805c8d226
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_s390.deb
    Size/MD5 checksum:  1539020 499b59166b4fb0645baa3cdb2640f9bb
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_s390.deb
    Size/MD5 checksum:   884768 e1a53219771e9cda40724ef31d5aeb5a
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_s390.deb
    Size/MD5 checksum:   324802 3c008c24e23b9388800c735085a2bffd

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge8_sparc.deb
    Size/MD5 checksum:  1460892 671fb72c4664b823d92a967fe62a6def
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge3_sparc.deb
    Size/MD5 checksum:   430132 53e0deb3e36c605c6e23e1f997ff1cfe
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge3_sparc.deb
    Size/MD5 checksum:   304778 5b7dcd84615b8d05da23e7a0aaf7d24b
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge8_sparc.deb
    Size/MD5 checksum: 15392390 3316fb8ca5d77ab41217556778e27a6c
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge3_sparc.deb
    Size/MD5 checksum:  3270084 c5639359a39f097fabbd579ddf9dcf9f
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge8_sparc.deb
    Size/MD5 checksum:   868724 1fdb7040fdae0efdbc0efe4a69a12ffb
  http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge8_sparc.deb
    Size/MD5 checksum:  6208522 7ca5e1f738d1071826f860343273d97a
  http://security.debian.org/pool/updates/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge3_sparc.deb
    Size/MD5 checksum:  3821768 3910007d21f7e4227b5bef66f8a4b54c


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce () lists debian org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHSv+/YrVLjBFATsMRAlCHAJ9AB25T6bY14dgWbrmSCk/oGPb88QCcDnfa
cNv7z3XtNIdgzOWP7e0r7wQ=
=4cUx
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
  • [SECURITY] [DSA 1413-1] New mysql packages fix multiple vulnerabilities Noah Meyerhans (Nov 26)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault