Jump to content

Advisories MDVSA-2010:155-1: mysql

paul

By paul
in Mandriva Security Advisories

 Share

Recommended Posts

paul Platinum

paul

Posted
Posted

Multiple vulnerabilities has been found and corrected in mysql:

 

MySQL before 5.1.48 allows remote authenticated users with alter

database privileges to cause a denial of service (server crash

and database loss) via an ALTER DATABASE command with a #mysql50#

string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or

similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which

causes MySQL to move certain directories to the server data directory

(CVE-2010-2008).

 

Additionally many security issues noted in the 5.1.49 release notes

has been addressed with this advisory as well, such as:

 

* LOAD DATA INFILE did not check for SQL errors and sent an OK packet

even when errors were already reported. Also, an assert related to

client-server protocol checking in debug servers sometimes was raised

when it should not have been. (Bug#52512) (CVE-2010-3683)

 

* Using EXPLAIN with queries of the form SELECT ... UNION ... ORDER

BY (SELECT ... WHERE ...) could cause a server crash. (Bug#52711)

(CVE-2010-3682)

 

* The server could crash if there were alternate reads from two indexes

on a table using the HANDLER interface. (Bug#54007) (CVE-2010-3681)

 

* A malformed argument to the BINLOG statement could result in Valgrind

warnings or a server crash. (Bug#54393) (CVE-2010-3679)

 

* Incorrect handling of NULL arguments could lead to a crash for IN()

or CASE operations when NULL arguments were either passed explicitly

as arguments (for IN()) or implicitly generated by the WITH ROLLUP

modifier (for IN() and CASE). (Bug#54477) (CVE-2010-3678)

 

* Joins involving a table with with a unique SET column could cause

a server crash. (Bug#54575) (CVE-2010-3677)

 

* Use of TEMPORARY InnoDB tables with nullable columns could cause

a server crash. (Bug#54044) (CVE-2010-3680)

 

The updated packages have been patched to correct these issues.

 

Update:

 

Packages for 2009.1 was not provided with the MDVSA-2010:155

advisory. This advisory provides the missing packages.

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...