Ubuntu Security Notice 1397-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.61 in Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. Ubuntu 8.04 LTS has been updated to MySQL 5.0.95. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
dda21a42a15ae22869f978d3746bb4b1626d8469bab9ce1b18636fb138cf0739Gentoo Linux Security Advisory 201201-2 - Multiple vulnerabilities were found in MySQL, some of which may allow execution of arbitrary code. Versions less than 5.1.56 are affected.
117eb25ee6c51f621745264b1ef7083b0a2c6153fdaa4646571449649e0c610dMandriva Linux Security Advisory 2011-012 - Multiple vulnerabilities has been found and corrected in mysql. storage/innobase/dict/dict0crea.c in mysqld in MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service innodb_file_per_table configuration parameters for the InnoDB storage engine, then executing a DDL statement. MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column. MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier. Various other issues have also been addressed.
5431cb0aff4efc32b29260be3f43eab188d9caed0153f7f875cab833616ce1eaDebian Linux Security Advisory 2143-1 - Several vulnerabilities have been discovered in the MySQL database server.
2158a59bdea1b08c78875d4e873f56c5c1d87943faee4872b3536d775cff91c6Ubuntu Security Notice 1017-1 - It was discovered that MySQL incorrectly handled certain requests with the UPGRADE DATA DIRECTORY NAME command. An authenticated user could exploit this to make MySQL crash, causing a denial of service. It was discovered that MySQL incorrectly handled joins involving a table with a unique SET column. It was discovered that MySQL incorrectly handled NULL arguments to IN() or CASE operations. An authenticated user could exploit this to make MySQL crash, causing a denial of service. It was discovered that MySQL incorrectly handled malformed arguments to the BINLOG statement. Various other issues were addressed as well.
12f74318d601ad71c04de02b7f2984a919b4f5c8e5d6f180e143084260daa6f4Mandriva Linux Security Advisory 2010-222 - Multiple vulnerabilities were discovered and corrected in mysql. Joins involving a table with with a unique SET column could cause a server crash. Use of TEMPORARY InnoDB tables with nullable columns could cause a server crash. The server could crash if there were alternate reads from two indexes on a table using the HANDLER interface. Using EXPLAIN with queries of the form SELECT. UNION. ORDER BY could cause a server crash. Various other issues were also addressed.
74d0792dedac23aec2f739bcb4269d0a3049b419f30d9981405256e2fc0a6056Mandriva Linux Security Advisory 2010-155 - MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service. Additionally many security issues noted in the 5.1.49 release notes have been addressed with this advisory as well.
a524f186d307832209245b071d7daa4a471c629263fcd6fbfbd50ae724e67063
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed