[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1NWdOf-0005kh-8i@titan.mandriva.com>
Date: Sun, 17 Jan 2010 23:15:01 +0100
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2010:011 ] mysql
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2010:011
http://www.mandriva.com/security/
_______________________________________________________________________
Package : mysql
Date : January 17, 2010
Affected: 2008.0, 2009.0, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities has been found and corrected in mysql:
mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does
not (1) properly handle errors during execution of certain SELECT
statements with subqueries, and does not (2) preserve certain
null_value flags during execution of statements that use the
GeomFromWKB function, which allows remote authenticated users to
cause a denial of service (daemon crash) via a crafted statement
(CVE-2009-4019).
The vio_verify_callback function in viosslfactories.c in MySQL
5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used,
accepts a value of zero for the depth of X.509 certificates, which
allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL
servers via a crafted certificate, as demonstrated by a certificate
presented by a server linked against the yaSSL library (CVE-2009-4028).
MySQL 5.1.x before 5.1.41 allows local users to bypass certain
privilege checks by calling CREATE TABLE on a MyISAM table with
modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments
that are originally associated with pathnames without symlinks,
and that can point to tables created at a future time at which a
pathname is modified to contain a symlink to a subdirectory of the
MySQL data home directory, related to incorrect calculation of the
mysql_unpacked_real_data_home value. NOTE: this vulnerability exists
because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079
(CVE-2009-4030).
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
The updated packages have been patched to correct these
issues. Additionally for 2009.0 and MES5 mysql has also been upgraded
to the last stable 5.0 release (5.0.89).
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4019
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4028
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4030
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-87.html
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-89.html
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2008.0:
52156c6c7dba02ea832510d73ef02deb 2008.0/i586/libmysql15-5.0.45-8.4mdv2008.0.i586.rpm
53eebd8dccb55dd2e8f0a8f87caaf3b0 2008.0/i586/libmysql-devel-5.0.45-8.4mdv2008.0.i586.rpm
c0632b9df5c962e1ca8ed838b088da8b 2008.0/i586/libmysql-static-devel-5.0.45-8.4mdv2008.0.i586.rpm
f02c5fc0513cfc39c01ad21e7b5e7edd 2008.0/i586/mysql-5.0.45-8.4mdv2008.0.i586.rpm
ce135fcc22986e9fe75d046d8214b8ae 2008.0/i586/mysql-bench-5.0.45-8.4mdv2008.0.i586.rpm
619cfa0e7d78d404bc61b8a5f4eb17e9 2008.0/i586/mysql-client-5.0.45-8.4mdv2008.0.i586.rpm
64009281c17a9a6dd7c6384134524453 2008.0/i586/mysql-common-5.0.45-8.4mdv2008.0.i586.rpm
1ac7689f55069fd235952b818624c2e2 2008.0/i586/mysql-max-5.0.45-8.4mdv2008.0.i586.rpm
fef4fef755eb747ad9e00f60f97b6b2b 2008.0/i586/mysql-ndb-extra-5.0.45-8.4mdv2008.0.i586.rpm
494aa4646fbc967b22186dbc9e418001 2008.0/i586/mysql-ndb-management-5.0.45-8.4mdv2008.0.i586.rpm
58d95a6fdf0b9b1edcfcef7ec69d36fe 2008.0/i586/mysql-ndb-storage-5.0.45-8.4mdv2008.0.i586.rpm
80bc40abba82c332f5ca0394c160dd2a 2008.0/i586/mysql-ndb-tools-5.0.45-8.4mdv2008.0.i586.rpm
a0fbad6a7f94fd5382601ca8d32cb7c8 2008.0/SRPMS/mysql-5.0.45-8.4mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
02fd0b09ae47bc94aa3eb110099973aa 2008.0/x86_64/lib64mysql15-5.0.45-8.4mdv2008.0.x86_64.rpm
b7b976c0148f2b6c4c8044d4f0774339 2008.0/x86_64/lib64mysql-devel-5.0.45-8.4mdv2008.0.x86_64.rpm
b501227c5cc8f50616534437cd53bfbb 2008.0/x86_64/lib64mysql-static-devel-5.0.45-8.4mdv2008.0.x86_64.rpm
caef775cdfb0ab79d17f8059008fc121 2008.0/x86_64/mysql-5.0.45-8.4mdv2008.0.x86_64.rpm
f1888d061138183ebad250aea222bbeb 2008.0/x86_64/mysql-bench-5.0.45-8.4mdv2008.0.x86_64.rpm
0bee0bac8aceed2382baeed0939ced56 2008.0/x86_64/mysql-client-5.0.45-8.4mdv2008.0.x86_64.rpm
63942af1015667ae55aadd25b6510d58 2008.0/x86_64/mysql-common-5.0.45-8.4mdv2008.0.x86_64.rpm
7733ea0f4521e7478c1cf0a0355500cc 2008.0/x86_64/mysql-max-5.0.45-8.4mdv2008.0.x86_64.rpm
b1ca0a84f090d8ad80396dd7e7c83951 2008.0/x86_64/mysql-ndb-extra-5.0.45-8.4mdv2008.0.x86_64.rpm
0e533b8ba30d09fe72791b0a478dc980 2008.0/x86_64/mysql-ndb-management-5.0.45-8.4mdv2008.0.x86_64.rpm
d0957597d5d9f5c86eaeac2221f39e78 2008.0/x86_64/mysql-ndb-storage-5.0.45-8.4mdv2008.0.x86_64.rpm
cf8f68b9ffe6c59bfa794d376aaf751c 2008.0/x86_64/mysql-ndb-tools-5.0.45-8.4mdv2008.0.x86_64.rpm
a0fbad6a7f94fd5382601ca8d32cb7c8 2008.0/SRPMS/mysql-5.0.45-8.4mdv2008.0.src.rpm
Mandriva Linux 2009.0:
2e28952a24e2f6901bf85d979b8b1c46 2009.0/i586/libmysql15-5.0.89-0.1mdv2009.0.i586.rpm
6672ffa72e237709ed9a99ce144598d2 2009.0/i586/libmysql-devel-5.0.89-0.1mdv2009.0.i586.rpm
c60cf534fd87eaa01b1a020de9f03e5e 2009.0/i586/libmysql-static-devel-5.0.89-0.1mdv2009.0.i586.rpm
c03211be98622a33fdc4ee9dbbc8d716 2009.0/i586/mysql-5.0.89-0.1mdv2009.0.i586.rpm
48fd7a7e77defa470c7ac5f3dd49980b 2009.0/i586/mysql-bench-5.0.89-0.1mdv2009.0.i586.rpm
f5ffba54fb2b9e9a259e074b50c70ea7 2009.0/i586/mysql-client-5.0.89-0.1mdv2009.0.i586.rpm
6edc821439726b682d966fd9996ea54b 2009.0/i586/mysql-common-5.0.89-0.1mdv2009.0.i586.rpm
d900686ed87347b2f0a5e7a32f007be9 2009.0/i586/mysql-doc-5.0.89-0.1mdv2009.0.i586.rpm
e9c960732a0a656344a7ff6e94eac3ab 2009.0/i586/mysql-max-5.0.89-0.1mdv2009.0.i586.rpm
a386fab18c84eaaa1217b6055821f769 2009.0/i586/mysql-ndb-extra-5.0.89-0.1mdv2009.0.i586.rpm
6944b96baa536d4d18df6fc339b2301f 2009.0/i586/mysql-ndb-management-5.0.89-0.1mdv2009.0.i586.rpm
c4bbe041699b7feff34664258e20732f 2009.0/i586/mysql-ndb-storage-5.0.89-0.1mdv2009.0.i586.rpm
f5e48810839696fe3a5cb5cba7d71951 2009.0/i586/mysql-ndb-tools-5.0.89-0.1mdv2009.0.i586.rpm
15a56088b4622bebf915a6971c6ba081 2009.0/SRPMS/mysql-5.0.89-0.1mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64:
15ccf636dee25985ac7d75d12e64ac38 2009.0/x86_64/lib64mysql15-5.0.89-0.1mdv2009.0.x86_64.rpm
3abe6b605dbdbd25cb9cdcda86464de7 2009.0/x86_64/lib64mysql-devel-5.0.89-0.1mdv2009.0.x86_64.rpm
490c28551b5994f9bbf69d0995550afc 2009.0/x86_64/lib64mysql-static-devel-5.0.89-0.1mdv2009.0.x86_64.rpm
f10fbc859e53b88935eb8323f7c7e80f 2009.0/x86_64/mysql-5.0.89-0.1mdv2009.0.x86_64.rpm
db7c697849e5eaacf4a5eac0770de778 2009.0/x86_64/mysql-bench-5.0.89-0.1mdv2009.0.x86_64.rpm
ffeb4bc0d6ee6f822bdca0765c19aefc 2009.0/x86_64/mysql-client-5.0.89-0.1mdv2009.0.x86_64.rpm
561d93e27e2804333ffbec1ede7380c8 2009.0/x86_64/mysql-common-5.0.89-0.1mdv2009.0.x86_64.rpm
8d80f87abdb8cd4cb9370a875fea6c55 2009.0/x86_64/mysql-doc-5.0.89-0.1mdv2009.0.x86_64.rpm
971b1382e1b2a483c779bb43a1bfd632 2009.0/x86_64/mysql-max-5.0.89-0.1mdv2009.0.x86_64.rpm
009d4f98061226eee877747bf8107791 2009.0/x86_64/mysql-ndb-extra-5.0.89-0.1mdv2009.0.x86_64.rpm
a422f3b9c65617e4663d7ca62a599752 2009.0/x86_64/mysql-ndb-management-5.0.89-0.1mdv2009.0.x86_64.rpm
045c2e9004ca9b32743f80c11ccaabc5 2009.0/x86_64/mysql-ndb-storage-5.0.89-0.1mdv2009.0.x86_64.rpm
0659a3929f24e8dcc03f73bc32339251 2009.0/x86_64/mysql-ndb-tools-5.0.89-0.1mdv2009.0.x86_64.rpm
15a56088b4622bebf915a6971c6ba081 2009.0/SRPMS/mysql-5.0.89-0.1mdv2009.0.src.rpm
Corporate 4.0:
bf3171e73b3065a88389f79053905588 corporate/4.0/i586/libmysql15-5.0.45-7.5.20060mlcs4.i586.rpm
2e50b66392ec5ac2b9f11fca8ed5930c corporate/4.0/i586/libmysql-devel-5.0.45-7.5.20060mlcs4.i586.rpm
0a605644b49120cf7d66724c995529a6 corporate/4.0/i586/libmysql-static-devel-5.0.45-7.5.20060mlcs4.i586.rpm
0cf43ed6190b6b6556f225696cdd555d corporate/4.0/i586/mysql-5.0.45-7.5.20060mlcs4.i586.rpm
528abc387bc6a4924cc9c73b2c121a99 corporate/4.0/i586/mysql-bench-5.0.45-7.5.20060mlcs4.i586.rpm
60043fdfaac8bdb5b25b52f1db650696 corporate/4.0/i586/mysql-client-5.0.45-7.5.20060mlcs4.i586.rpm
5113d4169e3291c1badeafe25dc382c3 corporate/4.0/i586/mysql-common-5.0.45-7.5.20060mlcs4.i586.rpm
e0dd09cec8a064c71e9a98216782efb5 corporate/4.0/i586/mysql-max-5.0.45-7.5.20060mlcs4.i586.rpm
4e1000a31bd21f8aa9fb793ec892ee4c corporate/4.0/i586/mysql-ndb-extra-5.0.45-7.5.20060mlcs4.i586.rpm
035853a97dfb989ac014bb2e3344fd25 corporate/4.0/i586/mysql-ndb-management-5.0.45-7.5.20060mlcs4.i586.rpm
e1fcdc94a8e7310bed82b066c7c59409 corporate/4.0/i586/mysql-ndb-storage-5.0.45-7.5.20060mlcs4.i586.rpm
956c538f81013446d7d51d3a05edebcc corporate/4.0/i586/mysql-ndb-tools-5.0.45-7.5.20060mlcs4.i586.rpm
45375c56eae6358757ff43a387ba409f corporate/4.0/SRPMS/mysql-5.0.45-7.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
99851815b12a0f2c18ec6e4ca21a96ad corporate/4.0/x86_64/lib64mysql15-5.0.45-7.5.20060mlcs4.x86_64.rpm
17eb6293dbe8be53eedbe855ce7a0923 corporate/4.0/x86_64/lib64mysql-devel-5.0.45-7.5.20060mlcs4.x86_64.rpm
f9fede8da85173b3057d6246e57fe6c8 corporate/4.0/x86_64/lib64mysql-static-devel-5.0.45-7.5.20060mlcs4.x86_64.rpm
aecec26bcdeee422d459a2954f04b672 corporate/4.0/x86_64/mysql-5.0.45-7.5.20060mlcs4.x86_64.rpm
7a5bf0a23e30f5a90d9d4854336deffe corporate/4.0/x86_64/mysql-bench-5.0.45-7.5.20060mlcs4.x86_64.rpm
4d94c1edf901b2684bfa8dc068bb3104 corporate/4.0/x86_64/mysql-client-5.0.45-7.5.20060mlcs4.x86_64.rpm
9d64073c0b6dcd8105287ff63f0a0c4a corporate/4.0/x86_64/mysql-common-5.0.45-7.5.20060mlcs4.x86_64.rpm
a45f67cbcbd94f7a2bdd52c7c8e0b63c corporate/4.0/x86_64/mysql-max-5.0.45-7.5.20060mlcs4.x86_64.rpm
16992665a228aaeabf1173091f42851d corporate/4.0/x86_64/mysql-ndb-extra-5.0.45-7.5.20060mlcs4.x86_64.rpm
d671fbc049723408cd54887e515254a5 corporate/4.0/x86_64/mysql-ndb-management-5.0.45-7.5.20060mlcs4.x86_64.rpm
aa940e6938a3df48a633f330e9b052e4 corporate/4.0/x86_64/mysql-ndb-storage-5.0.45-7.5.20060mlcs4.x86_64.rpm
59bbb6d07f0cae5ed7c15ab64a4d87a6 corporate/4.0/x86_64/mysql-ndb-tools-5.0.45-7.5.20060mlcs4.x86_64.rpm
45375c56eae6358757ff43a387ba409f corporate/4.0/SRPMS/mysql-5.0.45-7.5.20060mlcs4.src.rpm
Mandriva Enterprise Server 5:
718de612bced10178e020ae27fe1a1b5 mes5/i586/libmysql15-5.0.89-0.1mdvmes5.i586.rpm
dc2a9a11dfcb48ac2f8d0956c261f96d mes5/i586/libmysql-devel-5.0.89-0.1mdvmes5.i586.rpm
924a335d5f67b15a292936bf3c5443c1 mes5/i586/libmysql-static-devel-5.0.89-0.1mdvmes5.i586.rpm
21f0efd48beee9399f25fcb5582a9512 mes5/i586/mysql-5.0.89-0.1mdvmes5.i586.rpm
37cbbc23f76140121f48192591113052 mes5/i586/mysql-bench-5.0.89-0.1mdvmes5.i586.rpm
e1c6f2262400d34f83d2d42ed139a888 mes5/i586/mysql-client-5.0.89-0.1mdvmes5.i586.rpm
46b17b10f926516b26258ede8f4ea65f mes5/i586/mysql-common-5.0.89-0.1mdvmes5.i586.rpm
d3a605169330d36b7c947870091c34d4 mes5/i586/mysql-doc-5.0.89-0.1mdvmes5.i586.rpm
56d9aa1a50948d7dbfa85879ae518de2 mes5/i586/mysql-max-5.0.89-0.1mdvmes5.i586.rpm
9c960d3059181c42c92db59ffb01884d mes5/i586/mysql-ndb-extra-5.0.89-0.1mdvmes5.i586.rpm
1a62e09b43038c8ce7bbf347bfa34c1e mes5/i586/mysql-ndb-management-5.0.89-0.1mdvmes5.i586.rpm
1b4218e50795d67c4f3798d1e180c642 mes5/i586/mysql-ndb-storage-5.0.89-0.1mdvmes5.i586.rpm
6eedeb5e0a43780370b4841d30d9e724 mes5/i586/mysql-ndb-tools-5.0.89-0.1mdvmes5.i586.rpm
646fbf2aa6a8f66a7fccac739c67c32d mes5/SRPMS/mysql-5.0.89-0.1mdvmes5.src.rpm
Mandriva Enterprise Server 5/X86_64:
bf30cbec79c8448170f88cc413041a35 mes5/x86_64/lib64mysql15-5.0.89-0.1mdvmes5.x86_64.rpm
dac1cd73b8dd75a5b853f58c420dabe5 mes5/x86_64/lib64mysql-devel-5.0.89-0.1mdvmes5.x86_64.rpm
5a431485ef2ec397388a5cf2968d4560 mes5/x86_64/lib64mysql-static-devel-5.0.89-0.1mdvmes5.x86_64.rpm
dfaea673e8d9028a706c5354a5b9bc5d mes5/x86_64/mysql-5.0.89-0.1mdvmes5.x86_64.rpm
03dce9f103187746e6fa682b98ae9812 mes5/x86_64/mysql-bench-5.0.89-0.1mdvmes5.x86_64.rpm
d39c93b7132cd9b1c22d78ce7bef1ff7 mes5/x86_64/mysql-client-5.0.89-0.1mdvmes5.x86_64.rpm
489bf11ad3b952902708e4be2b083795 mes5/x86_64/mysql-common-5.0.89-0.1mdvmes5.x86_64.rpm
4312a570eaecd156947e614c33f651e5 mes5/x86_64/mysql-doc-5.0.89-0.1mdvmes5.x86_64.rpm
2dbf910909ccab61e849083d57a7dde2 mes5/x86_64/mysql-max-5.0.89-0.1mdvmes5.x86_64.rpm
2223c5ee628aa4624e77d6647a153891 mes5/x86_64/mysql-ndb-extra-5.0.89-0.1mdvmes5.x86_64.rpm
3605cf8261c979d52dec00945f1fe0da mes5/x86_64/mysql-ndb-management-5.0.89-0.1mdvmes5.x86_64.rpm
0e6d563485135c130b461432b7c6d008 mes5/x86_64/mysql-ndb-storage-5.0.89-0.1mdvmes5.x86_64.rpm
114419378d29f2cff2e5a74769a3bb4d mes5/x86_64/mysql-ndb-tools-5.0.89-0.1mdvmes5.x86_64.rpm
646fbf2aa6a8f66a7fccac739c67c32d mes5/SRPMS/mysql-5.0.89-0.1mdvmes5.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFLU11dmqjQ0CJFipgRAjVaAKDgmPHANhOzKsHvLZERep6pdIPDrACfVLsZ
28YOITV3hdzuqB+otcFiTbk=
=cmQg
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists