| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 21 Feb 2006 18:49:00 -0700 From: security@...driva.com To: bugtraq@...urityfocus.com Subject: [ MDKSA-2006:045 ] - Updated MySQL packages fix temporary file vulnerability -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDKSA-2006:045 http://www.mandriva.com/security/ _______________________________________________________________________ Package : MySQL Date : February 21, 2006 Affected: 10.2 _______________________________________________________________________ Problem Description: Eric Romang discovered a temporary file vulnerability in the mysql_install_db script provided with MySQL. This vulnerability only affects versions of MySQL 4.1.x prior to 4.1.12. The updated packages have been patched to address this issue. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1636 _______________________________________________________________________ Updated Packages: Mandriva Linux 10.2: 68b34c38c82c27ca31d2baed83a7353c 10.2/RPMS/libmysql14-4.1.11-1.2.102mdk.i586.rpm ff2aa669f4ac39b918d83203269e5bab 10.2/RPMS/libmysql14-devel-4.1.11-1.2.102mdk.i586.rpm 87c04e7a4c16c9cdbe11a4d51ba41b84 10.2/RPMS/MySQL-4.1.11-1.2.102mdk.i586.rpm 26df457cfe6a2297f638e160bbb083d4 10.2/RPMS/MySQL-bench-4.1.11-1.2.102mdk.i586.rpm a1cd9ffd2a5e9a34c0c2165d63487b8c 10.2/RPMS/MySQL-client-4.1.11-1.2.102mdk.i586.rpm cd993f9f7f10d0d8386aae1e518501c9 10.2/RPMS/MySQL-common-4.1.11-1.2.102mdk.i586.rpm e4fe37ca45a8709e87756406887fdc70 10.2/RPMS/MySQL-Max-4.1.11-1.2.102mdk.i586.rpm 0c59d5a6a5e30db8c598efb61a7a3fb9 10.2/RPMS/MySQL-NDB-4.1.11-1.2.102mdk.i586.rpm b947fbe93342addf36358ca650974636 10.2/SRPMS/MySQL-4.1.11-1.2.102mdk.src.rpm Mandriva Linux 10.2/X86_64: 774f3aa1d7038fcc14a6a679773f7dba x86_64/10.2/RPMS/lib64mysql14-4.1.11-1.2.102mdk.x86_64.rpm 1df660a23ca509283468f7b8db1ad86f x86_64/10.2/RPMS/lib64mysql14-devel-4.1.11-1.2.102mdk.x86_64.rpm df70950e1bc6c33ea49968b0f965c01e x86_64/10.2/RPMS/MySQL-4.1.11-1.2.102mdk.x86_64.rpm 67b8d7f07343184737f4ad96b52e01d3 x86_64/10.2/RPMS/MySQL-bench-4.1.11-1.2.102mdk.x86_64.rpm f78f0e0a7d20f0899b606946a6dbbad0 x86_64/10.2/RPMS/MySQL-client-4.1.11-1.2.102mdk.x86_64.rpm 6c6b4c3f4984bb2ad12cfeb729722e48 x86_64/10.2/RPMS/MySQL-common-4.1.11-1.2.102mdk.x86_64.rpm 06662ba4375fee0ef1e3b246fd2273a4 x86_64/10.2/RPMS/MySQL-Max-4.1.11-1.2.102mdk.x86_64.rpm 7f7ebae4d154a6f0adecc76fa03abc2b x86_64/10.2/RPMS/MySQL-NDB-4.1.11-1.2.102mdk.x86_64.rpm b947fbe93342addf36358ca650974636 x86_64/10.2/SRPMS/MySQL-4.1.11-1.2.102mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFD+5fumqjQ0CJFipgRAg87AKCs7t4DxPc2V2xM532QLBVhG6MDPgCgxXFp uAwGPKH5dbJn9AbJsmwUIic= =QTiD -----END PGP SIGNATURE-----
Powered by blists - more mailing lists