[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1LwfTR-00067y-1M@titan.mandriva.com>
Date: Wed, 22 Apr 2009 18:39:00 +0200
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2009:094 ] mysql
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2009:094
http://www.mandriva.com/security/
_______________________________________________________________________
Package : mysql
Date : April 22, 2009
Affected: 2008.1, 2009.0, Corporate 4.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities has been found and corrected in mysql:
MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6
does not properly handle a b'' (b single-quote single-quote) token,
aka an empty bit-string literal, which allows remote attackers to
cause a denial of service (daemon crash) by using this token in a
SQL statement (CVE-2008-3963).
MySQL 5.0.51a allows local users to bypass certain privilege checks by
calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY
or (2) INDEX DIRECTORY arguments that are associated with symlinks
within pathnames for subdirectories of the MySQL home data directory,
which are followed when tables are created in the future. NOTE: this
vulnerability exists because of an incomplete fix for CVE-2008-2079
(CVE-2008-4097).
MySQL before 5.0.67 allows local users to bypass certain privilege
checks by calling CREATE TABLE on a MyISAM table with modified (1)
DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally
associated with pathnames without symlinks, and that can point to
tables created at a future time at which a pathname is modified
to contain a symlink to a subdirectory of the MySQL home data
directory. NOTE: this vulnerability exists because of an incomplete
fix for CVE-2008-4097 (CVE-2008-4098).
Cross-site scripting (XSS) vulnerability in the command-line client
in MySQL 5.0.26 through 5.0.45, when the --html option is enabled,
allows attackers to inject arbitrary web script or HTML by placing
it in a database cell, which might be accessed by this client when
composing an HTML document (CVE-2008-4456).
bugs in the Mandriva Linux 2008.1 packages that has been fixed:
o upstream fix for mysql bug35754 (#38398, #44691)
o fix #46116 (initialization file mysqld-max don't show correct
application status)
o fix upstream bug 42366
bugs in the Mandriva Linux 2009.0 packages that has been fixed:
o upgraded 5.0.67 to 5.0.77 (fixes CVE-2008-3963, CVE-2008-4097,
CVE-2008-4098)
o no need to workaround #38398, #44691 anymore (since 5.0.75)
o fix upstream bug 42366
o fix #46116 (initialization file mysqld-max don't show correct
application status)
o sphinx-0.9.8.1
bugs in the Mandriva Linux Corporate Server 4 packages that has
been fixed:
o fix upstream bug 42366
o fix #46116 (initialization file mysqld-max don't show correct
application status)
The updated packages have been patched to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3963
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4097
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4098
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4456
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2008.1:
9b4727c105c6bb91fe0109c48c6a62c7 2008.1/i586/libmysql15-5.0.51a-8.2mdv2008.1.i586.rpm
36f5d40e048209da259ffe577b26b197 2008.1/i586/libmysql-devel-5.0.51a-8.2mdv2008.1.i586.rpm
3bebe8b1b61d3740e363ebc6b5277984 2008.1/i586/libmysql-static-devel-5.0.51a-8.2mdv2008.1.i586.rpm
4381320bb57dd72b179f12854d4a19c0 2008.1/i586/mysql-5.0.51a-8.2mdv2008.1.i586.rpm
a354c4f603650556a45f45508085ee04 2008.1/i586/mysql-bench-5.0.51a-8.2mdv2008.1.i586.rpm
4ef771023a2ca2d3b4e0ab09f05196a4 2008.1/i586/mysql-client-5.0.51a-8.2mdv2008.1.i586.rpm
ed81d02b8375e951630ff140aee787f4 2008.1/i586/mysql-common-5.0.51a-8.2mdv2008.1.i586.rpm
cf37d0ee972f6b76608cc489fe741259 2008.1/i586/mysql-doc-5.0.51a-8.2mdv2008.1.i586.rpm
7dbe697e63e649d90fc10bd463c617c3 2008.1/i586/mysql-max-5.0.51a-8.2mdv2008.1.i586.rpm
bae41a72b59a29f2c8551a2797e952b6 2008.1/i586/mysql-ndb-extra-5.0.51a-8.2mdv2008.1.i586.rpm
2bfb6c5489c1385d9e0002042e18363f 2008.1/i586/mysql-ndb-management-5.0.51a-8.2mdv2008.1.i586.rpm
60acd7ec6ce976d0cc4acfe0c863b949 2008.1/i586/mysql-ndb-storage-5.0.51a-8.2mdv2008.1.i586.rpm
8176402e8f031009d503571c202d5d23 2008.1/i586/mysql-ndb-tools-5.0.51a-8.2mdv2008.1.i586.rpm
19db21438d94249221d0891420ccd5a4 2008.1/SRPMS/mysql-5.0.51a-8.2mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64:
e2416c3607efbc575cc39829b949abbd 2008.1/x86_64/lib64mysql15-5.0.51a-8.2mdv2008.1.x86_64.rpm
9b895531d53e5ba9dfc021b44f823533 2008.1/x86_64/lib64mysql-devel-5.0.51a-8.2mdv2008.1.x86_64.rpm
dbc865fb0174b6c224a4ac4aa407d9df 2008.1/x86_64/lib64mysql-static-devel-5.0.51a-8.2mdv2008.1.x86_64.rpm
9a51080fb59c70798278305989b66dce 2008.1/x86_64/mysql-5.0.51a-8.2mdv2008.1.x86_64.rpm
2599471a229267a60c85900816e06a6d 2008.1/x86_64/mysql-bench-5.0.51a-8.2mdv2008.1.x86_64.rpm
a4174b9642f7f38a20881e6ef2e26a09 2008.1/x86_64/mysql-client-5.0.51a-8.2mdv2008.1.x86_64.rpm
1e95a340c0b06efad67cf380a25f47d8 2008.1/x86_64/mysql-common-5.0.51a-8.2mdv2008.1.x86_64.rpm
3aede79c806ee16a3b372ac16423319e 2008.1/x86_64/mysql-doc-5.0.51a-8.2mdv2008.1.x86_64.rpm
593d76e5d1d80e01ea664b8abcad7886 2008.1/x86_64/mysql-max-5.0.51a-8.2mdv2008.1.x86_64.rpm
d229e1e2c6e9b3c22858f87a94a02c2d 2008.1/x86_64/mysql-ndb-extra-5.0.51a-8.2mdv2008.1.x86_64.rpm
9600603733943299e131deca88afd28f 2008.1/x86_64/mysql-ndb-management-5.0.51a-8.2mdv2008.1.x86_64.rpm
2cd0850a913ed9330111fc8c4677eed0 2008.1/x86_64/mysql-ndb-storage-5.0.51a-8.2mdv2008.1.x86_64.rpm
d8ba1a56b9d1af528182e97eeb789aa5 2008.1/x86_64/mysql-ndb-tools-5.0.51a-8.2mdv2008.1.x86_64.rpm
19db21438d94249221d0891420ccd5a4 2008.1/SRPMS/mysql-5.0.51a-8.2mdv2008.1.src.rpm
Mandriva Linux 2009.0:
1191b4a2117e57d3f05f7e0caa16f411 2009.0/i586/libmysql15-5.0.77-0.2mdv2009.0.i586.rpm
3d7d538d91e79060f28840895a19ae0e 2009.0/i586/libmysql-devel-5.0.77-0.2mdv2009.0.i586.rpm
ecba0d2d283106737b132b468c1452ea 2009.0/i586/libmysql-static-devel-5.0.77-0.2mdv2009.0.i586.rpm
a33ae4ff855bcad95944a3e370f5bbcb 2009.0/i586/mysql-5.0.77-0.2mdv2009.0.i586.rpm
05bbda41d412ae5718f59c1cb374347d 2009.0/i586/mysql-bench-5.0.77-0.2mdv2009.0.i586.rpm
02bf37b39c69440f132f63c47310bf71 2009.0/i586/mysql-client-5.0.77-0.2mdv2009.0.i586.rpm
e031d16609e22505c1d6227d89fd47ad 2009.0/i586/mysql-common-5.0.77-0.2mdv2009.0.i586.rpm
145910d58bffce4df2357ccd3c724148 2009.0/i586/mysql-doc-5.0.77-0.2mdv2009.0.i586.rpm
1e0d73afb856fe088070a287ca697350 2009.0/i586/mysql-max-5.0.77-0.2mdv2009.0.i586.rpm
64cfa38b7667d0d0de6b2e31ccf9bc5a 2009.0/i586/mysql-ndb-extra-5.0.77-0.2mdv2009.0.i586.rpm
246f05a349d63952e0e165e4c791f108 2009.0/i586/mysql-ndb-management-5.0.77-0.2mdv2009.0.i586.rpm
b868d15abbf241de5efcd36709da8528 2009.0/i586/mysql-ndb-storage-5.0.77-0.2mdv2009.0.i586.rpm
2c2ffe4bf5bb40cc58310b3715833a40 2009.0/i586/mysql-ndb-tools-5.0.77-0.2mdv2009.0.i586.rpm
d635c890e7c2fbca462bb64b7df3aa5b 2009.0/SRPMS/mysql-5.0.77-0.2mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64:
d58cbe41094a42e932be80d93edf150d 2009.0/x86_64/lib64mysql15-5.0.77-0.2mdv2009.0.x86_64.rpm
a22ef0c87675a2c0364ac16767e6344a 2009.0/x86_64/lib64mysql-devel-5.0.77-0.2mdv2009.0.x86_64.rpm
922ebba7d7d045b3f54ff1b938076cd7 2009.0/x86_64/lib64mysql-static-devel-5.0.77-0.2mdv2009.0.x86_64.rpm
ef2e3123fb0c76bbf00f5dfe07c23b7c 2009.0/x86_64/mysql-5.0.77-0.2mdv2009.0.x86_64.rpm
6ee14f2f4276c6ec68b2f08010d2e313 2009.0/x86_64/mysql-bench-5.0.77-0.2mdv2009.0.x86_64.rpm
245bf40c8682e7f383818a6372bb5878 2009.0/x86_64/mysql-client-5.0.77-0.2mdv2009.0.x86_64.rpm
3158cf10cba8acef4e4df1eee4f173a1 2009.0/x86_64/mysql-common-5.0.77-0.2mdv2009.0.x86_64.rpm
85e46c80b0388393aa0ba4664d6a0501 2009.0/x86_64/mysql-doc-5.0.77-0.2mdv2009.0.x86_64.rpm
788f14a27ab2b97003c97d38ccd30b3c 2009.0/x86_64/mysql-max-5.0.77-0.2mdv2009.0.x86_64.rpm
25e2dc9d6bce3b3ee4c79015f1a063d9 2009.0/x86_64/mysql-ndb-extra-5.0.77-0.2mdv2009.0.x86_64.rpm
bd887b6c4d2069e5123e8f4a16e49638 2009.0/x86_64/mysql-ndb-management-5.0.77-0.2mdv2009.0.x86_64.rpm
99ce6bafe9b4a7ceaf1b73d11f295f45 2009.0/x86_64/mysql-ndb-storage-5.0.77-0.2mdv2009.0.x86_64.rpm
dbfa0beec9664e3a318fd34c9a3b5fa6 2009.0/x86_64/mysql-ndb-tools-5.0.77-0.2mdv2009.0.x86_64.rpm
d635c890e7c2fbca462bb64b7df3aa5b 2009.0/SRPMS/mysql-5.0.77-0.2mdv2009.0.src.rpm
Corporate 4.0:
3557c7bb228099472a0c89e6d694d6e5 corporate/4.0/i586/libmysql15-5.0.45-7.3.20060mlcs4.i586.rpm
cfd1b37b291bd2a1181a1bd194b3e322 corporate/4.0/i586/libmysql-devel-5.0.45-7.3.20060mlcs4.i586.rpm
f61efb3779d0a12e46d46d2bb8f9d215 corporate/4.0/i586/libmysql-static-devel-5.0.45-7.3.20060mlcs4.i586.rpm
7def1d43eab3c3c4054f0b6bac55e80e corporate/4.0/i586/mysql-5.0.45-7.3.20060mlcs4.i586.rpm
ed6e809beed005cac1b724ea5a751507 corporate/4.0/i586/mysql-bench-5.0.45-7.3.20060mlcs4.i586.rpm
2a6f16ce0444beea1f8a80bb07eac559 corporate/4.0/i586/mysql-client-5.0.45-7.3.20060mlcs4.i586.rpm
238d2b9b3c0eadaf766894aa02cdf43b corporate/4.0/i586/mysql-common-5.0.45-7.3.20060mlcs4.i586.rpm
1cd9946cb632883591376a1270bb1ef4 corporate/4.0/i586/mysql-max-5.0.45-7.3.20060mlcs4.i586.rpm
087825bca7a1bb16166b62c4a31a28ee corporate/4.0/i586/mysql-ndb-extra-5.0.45-7.3.20060mlcs4.i586.rpm
34bc6d6fa439d4b0b3559334e8521f71 corporate/4.0/i586/mysql-ndb-management-5.0.45-7.3.20060mlcs4.i586.rpm
75fa145c3a2f02b86fc679043ff92026 corporate/4.0/i586/mysql-ndb-storage-5.0.45-7.3.20060mlcs4.i586.rpm
1752c1ca9522c93e2f28949ac62d646b corporate/4.0/i586/mysql-ndb-tools-5.0.45-7.3.20060mlcs4.i586.rpm
28e52dceda0279ef95de899fa87c139d corporate/4.0/SRPMS/mysql-5.0.45-7.3.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
13b1d4a7d09cff6303bd5e5844d78426 corporate/4.0/x86_64/lib64mysql15-5.0.45-7.3.20060mlcs4.x86_64.rpm
82872e45155c36baa749d54af29b21a8 corporate/4.0/x86_64/lib64mysql-devel-5.0.45-7.3.20060mlcs4.x86_64.rpm
8bd62bfdffa69779984483f407250f91 corporate/4.0/x86_64/lib64mysql-static-devel-5.0.45-7.3.20060mlcs4.x86_64.rpm
495cdc16d378e136a2a5ea36c2b796d2 corporate/4.0/x86_64/mysql-5.0.45-7.3.20060mlcs4.x86_64.rpm
d3f0becb3e9c397d4e823d2bad84e5b7 corporate/4.0/x86_64/mysql-bench-5.0.45-7.3.20060mlcs4.x86_64.rpm
acb36ea1030b70b3ccba79c0c6ea7990 corporate/4.0/x86_64/mysql-client-5.0.45-7.3.20060mlcs4.x86_64.rpm
5dad314f8cfaf582c627778931777a26 corporate/4.0/x86_64/mysql-common-5.0.45-7.3.20060mlcs4.x86_64.rpm
b250f0d6f9065b5b13d2a90d26450df5 corporate/4.0/x86_64/mysql-max-5.0.45-7.3.20060mlcs4.x86_64.rpm
6e2c57a6c2c98eadba5b9dfd0ad749c5 corporate/4.0/x86_64/mysql-ndb-extra-5.0.45-7.3.20060mlcs4.x86_64.rpm
103b683521e544330b00ff12f590b603 corporate/4.0/x86_64/mysql-ndb-management-5.0.45-7.3.20060mlcs4.x86_64.rpm
13fd214bae5164df51d71c5b77cf9038 corporate/4.0/x86_64/mysql-ndb-storage-5.0.45-7.3.20060mlcs4.x86_64.rpm
afa36b210745a77019a09891c9b6e61e corporate/4.0/x86_64/mysql-ndb-tools-5.0.45-7.3.20060mlcs4.x86_64.rpm
28e52dceda0279ef95de899fa87c139d corporate/4.0/SRPMS/mysql-5.0.45-7.3.20060mlcs4.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFJ7xuFmqjQ0CJFipgRArMDAKDERKZ0Z2qU0C9YOnLvh9sUQCIgxACeKSpC
eJZtPU8pHegqERNdHbgZoM8=
=Q7aJ
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists