Debian DSA 562-1 Critical: MySQL Remote Issues Resolved
debian
October 11, 2004
Severl problems have been discovered in MySQL, a commonly used SQL database on Unix servers.
Topics Covered
Summary
Severl problems have been discovered in MySQL, a commonly used SQL
database on Unix servers. The following problems have been identified
by the Common Vulnerabilities and Exposures Project:
CAN-2004-0835
Oleksandr Byelkin noticed that ALTER TABLE ... RENAME checks
CREATE/INSERT rights of the old table instead of the new one.
CAN-2004-0836
Lukasz Wojtow noticed a buffer overrun in the mysql_real_connect
function.
CAN-2004-0837
Dean Ellis noticed that multiple threads ALTERing the same (or
different) MERGE tables to change the UNION can cause the server
to crash or stall.
For the stable distribution (woody) these problems have been fixed in
version 3.23.49-8.8.
For the unstable distribution (sid) these problems have been fixed in
version 4.0.21-1.
We recommend that you upgrade your mysql and related packages and
restart services linking against them (e.g. Apache/PHP).
Upgrade Instructions
--------------------
wget url
will fetch the file for you
dpkg -i file.deb
w...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: mysql
CVE ID: CAN-2004-0835 CAN-2004-0836 CAN-2004-0837
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!