Re: CVE request, security issues fixed in MySQL 5.1.51

[Josh Bressers <bressers () redhat com>]

Steve,

Can MITRE handle this one?

Thanks.

-- 
    JB


----- "Vincent Danen" <vdanen () redhat com> wrote:

> MySQL 5.1.51 corrects a few security flaws.  Could we get some CVEs
> assigned?
>
> http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html
>
> Security Fix: During evaluation of arguments to extreme-value
> functions
> (such as LEAST() and GREATEST()), type errors did not propagate
> properly, causing the server to crash. (Bug#55826)
>
>
> Security Fix: The server could crash after materializing a derived
> table
> that required a temporary table for grouping. (Bug#55568)
>
>
> Security Fix: A user-variable assignment expression that is evaluated
> in
> a logical expression context can be precalculated in a temporary
> table
> for GROUP BY. However, when the expression value is used after
> creation
> of the temporary table, it was re-evaluated, not read from the table
> and
> a server crash resulted. (Bug#55564)
>
>
> Security Fix: Pre-evaluation of LIKE predicates during view
> preparation
> could cause a server crash. (Bug#54568)
>
>
> Security Fix: GROUP_CONCAT() and WITH ROLLUP together could cause a
> server crash. (Bug#54476)
>
>
> Security Fix: Queries could cause a server crash if the GREATEST() or
> LEAST() function had a mixed list of numeric and LONGBLOB arguments,
> and
> the result of such a function was processed using an intermediate
> temporary table. (Bug#54461)
>
>
> Security Fix: Queries with nested joins could cause an infinite loop
> in
> the server when used from stored procedures and prepared statements.
> (Bug#53544)
>
>
> Thanks!
>
> -- 
> Vincent Danen / Red Hat Security Response Team