| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 18 Sep 2003 18:59:39 -0300 From: Conectiva Updates <secure@...ectiva.com.br> To: conectiva-updates@...aleguas.conectiva.com.br, lwn@....net, bugtraq@...urityfocus.com, security-alerts@...uxsecurity.com, linsec@...ts.seifried.org Subject: [CLA-2003:743] Conectiva Security Announcement - MySQL -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- CONECTIVA LINUX SECURITY ANNOUNCEMENT - -------------------------------------------------------------------------- PACKAGE : MySQL SUMMARY : Several Vulnerabilities DATE : 2003-09-18 18:59:00 ID : CLA-2003:743 RELEVANT RELEASES : 7.0, 8, 9 - ------------------------------------------------------------------------- DESCRIPTION MySQL is a very popular SQL database, distributed under the GNU-GPL license. This update fixes three vulnerabilities in the versions of MySQL distributed with Conectiva Linux: 1. Double free vulnerability[1] in the mysql_change_user() function. An attacker with access to the MySQL server can exploit this vulnerability to at least cause a denial of service condition (crash the MySQL server process) by sending specially crafted data from a client application. 2. World writeable configuration files vulnerability[2]. An attacker with access to the MySQL server can create/overwrite a MySQL configuration file using a "SELECT * INFO OUTFILE" command. This can be exploited to, for example, cause MySQL to run as root upon restart. 3. Password handler buffer overflow vulnerability. Frank Denis reported[3] a buffer overflow vulnerability in the password handling functions of MySQL. An attacker with global administrative privileges on the MySQL server can exploit this vulnerability to execute arbitrary code with the privileges of the user the MySQL server process is running as. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2003-0073[4], CAN-2003-0150[5] and CAN-2003-0780[6] to these issues, respectively. This update brings the latest stable MySQL version available from the 3.23 serie (3.23.58). Besides the fix or the aforementioned vulnerabilities, this new version includes several other bugfixes and minor enhancements, which can be seen in the project changelogs[7]. SOLUTION We recommend that all MySQL users upgrade their packages as soon as possible. IMPORTANT: after the upgrade the mysql service must be restarted manually. In order to do that, run the following command as root: # /sbin/service mysql restart REFERENCES: 1.http://www.mysql.com/doc/en/News-3.23.55.html 2.http://www.securityfocus.com/archive/1/314391 3.http://www.securityfocus.com/archive/1/337012 4.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0073 5.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0150 6.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0780 7.http://www.mysql.com/doc/en/News-3.23.x.html UPDATED PACKAGES ftp://atualizacoes.conectiva.com.br/7.0/RPMS/MySQL-3.23.58-1U70_4cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/MySQL-bench-3.23.58-1U70_4cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/MySQL-client-3.23.58-1U70_4cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/MySQL-devel-3.23.58-1U70_4cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/MySQL-devel-static-3.23.58-1U70_4cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/MySQL-doc-3.23.58-1U70_4cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/MySQL-3.23.58-1U70_4cl.src.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/MySQL-3.23.58-1U80_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/MySQL-bench-3.23.58-1U80_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/MySQL-client-3.23.58-1U80_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/MySQL-devel-3.23.58-1U80_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/MySQL-devel-static-3.23.58-1U80_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/MySQL-doc-3.23.58-1U80_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/SRPMS/MySQL-3.23.58-1U80_3cl.src.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/MySQL-3.23.58-20507U90_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/MySQL-bench-3.23.58-20507U90_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/MySQL-client-3.23.58-20507U90_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/MySQL-devel-3.23.58-20507U90_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/MySQL-devel-static-3.23.58-20507U90_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/MySQL-doc-3.23.58-20507U90_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/SRPMS/MySQL-3.23.58-20507U90_1cl.src.rpm ADDITIONAL INSTRUCTIONS The apt tool can be used to perform RPM packages upgrades: - run: apt-get update - after that, execute: apt-get upgrade Detailed instructions reagarding the use of apt and upgrade examples can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en - ------------------------------------------------------------------------- All packages are signed with Conectiva's GPG key. The key and instructions on how to import it can be found at http://distro.conectiva.com.br/seguranca/chave/?idioma=en Instructions on how to check the signatures of the RPM packages can be found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en - ------------------------------------------------------------------------- All our advisories and generic update instructions can be viewed at http://distro.conectiva.com.br/atualizacoes/?idioma=en - ------------------------------------------------------------------------- Copyright (c) 2003 Conectiva Inc. http://www.conectiva.com - ------------------------------------------------------------------------- subscribe: conectiva-updates-subscribe@...aleguas.conectiva.com.br unsubscribe: conectiva-updates-unsubscribe@...aleguas.conectiva.com.br -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE/airK42jd0JmAcZARAl0jAJ98hVMBeh+AbvuOv7VmWUPCDApXGQCeJX8k gFBGtnLL+tdhLQW/o89/g9c= =fuDl -----END PGP SIGNATURE-----
Powered by blists - more mailing lists