Linux Security
Linux Security
Linux Security

Debian: New MySQL 4.1 packages fix several vulnerabilities

Date 04 Sep 2006
Posted By LinuxSecurity Advisories
Several local vulnerabilities have been discovered in the MySQL database server. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-4226 CVE-2006-4380
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1169-1                    This email address is being protected from spambots. You need JavaScript enabled to view it.                             Martin Schulze
September 5th, 2006           
- --------------------------------------------------------------------------

Package        : mysql-dfsg-4.1
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE IDs        : CVE-2006-4226 CVE-2006-4380
BugTraq ID     : 19559

Several local vulnerabilities have been discovered in the MySQL
database server.  The Common Vulnerabilities and Exposures project
identifies the following problems:


    Michal Prokopiuk discovered that remote authenticated users are
    permitted to create and access a database if the lowercase
    spelling is the same as one they have been granted access to.


    Beat Vontobel discovered that certain queries replicated to a
    slave could crash the client and thus terminate the replication.

For the stable distribution (sarge) these problems have been fixed in
version 4.1.11a-4sarge7.  Version 4.0 is not affected by these

For the unstable distribution (sid) these problems have been fixed in
version 5.0.24-3.  The replication problem only exists in version 4.1.

We recommend that you upgrade your mysql-server-4.1 package.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:
      Size/MD5 checksum:     1029 f78ce0ba986d5447bb8f97615a256d34
      Size/MD5 checksum:   171446 886a2834418b0dbf73f0a24601d6614b
      Size/MD5 checksum: 15771855 3c0582606a8903e758c2014c2481c7c3

  Architecture independent components:
      Size/MD5 checksum:    36734 693a8ef06aa29be6cad675de2a6a7f58

  Alpha architecture:
      Size/MD5 checksum:  1591008 095cb0959a26aa12ba1098ec1527f2f6
      Size/MD5 checksum:  7965692 2b360e6ce8675de52bf8ac0388b67e88
      Size/MD5 checksum:  1001216 935a4004111792c92283169faaf27a2b
      Size/MD5 checksum: 17487402 37fd9a23880da7f6c9d01f582de30b2a

  AMD64 architecture:
      Size/MD5 checksum:  1452264 613001b313f49f98b3642fdbb1cefd47
      Size/MD5 checksum:  5552006 e07c66d2d0775fabe1873b63326f91ce
      Size/MD5 checksum:   849788 d2ac22320d4990db02c7ef669801f8a9
      Size/MD5 checksum: 14711714 ff7e791223a16ea3db62bebb61199991

  ARM architecture:
      Size/MD5 checksum:  1389010 e78ef65cabee94c4bb980ddba4858101
      Size/MD5 checksum:  5559036 05d9e88ab7b202066bde6412faa5610e
      Size/MD5 checksum:   837066 2ce1305c8ec4cc9f13180b9643060b5e
      Size/MD5 checksum: 14558032 394408c010fecbd7dd56c189a707c9dc

  HP Precision architecture:
      Size/MD5 checksum:  1551436 2140033cb49600177d143589a4d5f5e5
      Size/MD5 checksum:  6250450 2ac95caa193ffe8da3ee5a1f3666a6e9
      Size/MD5 checksum:   910286 4ea3496ccfcaf43267ac696d82a5b241
      Size/MD5 checksum: 15791676 0100c389eed339cc92adf996903d325e

  Intel IA-32 architecture:
      Size/MD5 checksum:  1418264 58cb49aa03d8635c6d89fc7a7a4bfeed
      Size/MD5 checksum:  5644334 4d28d754a1b1806a9c884d50507e9bbe
      Size/MD5 checksum:   830950 7591a44d9a2a5113d81724af061553c7
      Size/MD5 checksum: 14558420 5118b4d564821315737f5c36cd76da2a

  Intel IA-64 architecture:
      Size/MD5 checksum:  1713606 6947d7391e6eda458e11af75136facec
      Size/MD5 checksum:  7782698 617e920c805eb801485d9407abea748c
      Size/MD5 checksum:  1050822 036df024dd1fc33786cc39665e874ca8
      Size/MD5 checksum: 18476104 1ad4add7db75445e9ba57b5675df117a

  Motorola 680x0 architecture:
      Size/MD5 checksum:  1398210 dc9e4c11345095e4fb8d09633e2d3cc1
      Size/MD5 checksum:  5284390 58ceec50857da346c543371d1a7c2cb1
      Size/MD5 checksum:   804080 e8901755fad09fbacff320e695640998
      Size/MD5 checksum: 14072066 3f2688ab0826890c0ce7c96010059d9d

  Big endian MIPS architecture:
      Size/MD5 checksum:  1479186 0ee29d53649f758a92cd30d34c76ee44
      Size/MD5 checksum:  6053370 325e30177b30512ddfc21b3a29c9ef35
      Size/MD5 checksum:   904744 822028a9dc30c8184fb39e7d3702b584
      Size/MD5 checksum: 15410530 2350cc94b072a7370335920f2b71c00c

  Little endian MIPS architecture:
      Size/MD5 checksum:  1446606 bddf2675d1c6d4612124add24decfb04
      Size/MD5 checksum:  5971626 0a9612cf1b841d18528494266e456466
      Size/MD5 checksum:   890406 ce87ddbff8e3ccf21ee50b1f1b5ea6af
      Size/MD5 checksum: 15105788 e55f9025ab01276e6b56674d3788fc21

  PowerPC architecture:
      Size/MD5 checksum:  1477098 e6e5c35fd56e9c8fb300dbc2c27ce367
      Size/MD5 checksum:  6027864 c60d3023d5a353b6f65bd1e0b9eb3acc
      Size/MD5 checksum:   907698 197e9976c06dcf131d5ce4a84782ff18
      Size/MD5 checksum: 15403250 7294d99a4b1184c27943064d7ea8a2a3

  IBM S/390 architecture:
      Size/MD5 checksum:  1538810 7c0ef4dd57c055eb2776e479ccccc30d
      Size/MD5 checksum:  5461924 44b8f22c760e7897986d1ad51a1f43fd
      Size/MD5 checksum:   884554 7a677766c77b2853e5b9732a1c13abc4
      Size/MD5 checksum: 15055448 8577cf00fc82d39b576a6d5f03c9ed10

  Sun Sparc architecture:
      Size/MD5 checksum:  1460740 6b26255d617fef7d78f32ace3d2820ef
      Size/MD5 checksum:  6208326 e609ca26560489ded95cc1099b76a04c
      Size/MD5 checksum:   868486 a44ad9b7c9ded79533b610bd0ac36672
      Size/MD5 checksum: 15392204 2d2de1308dc7ef64dfbf8f47ffe1d2e9

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.

LinuxSecurity Poll

How frequently do you patch/update your system?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum 0 answer(s) and maximum 3 answer(s).
[{"id":"179","title":"As soon as patches\/updates are released - I track advisories for my distro(s) diligently","votes":"64","type":"x","order":"1","pct":76.19,"resources":[]},{"id":"180","title":"Every so often, when I think of it","votes":"13","type":"x","order":"2","pct":15.48,"resources":[]},{"id":"181","title":"Hardly ever","votes":"7","type":"x","order":"3","pct":8.33,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

Please vote first in order to view vote results.



bottom 200

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.