Ubuntu Security Notice 1397-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.61 in Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. Ubuntu 8.04 LTS has been updated to MySQL 5.0.95. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
dda21a42a15ae22869f978d3746bb4b1626d8469bab9ce1b18636fb138cf0739Gentoo Linux Security Advisory 201201-2 - Multiple vulnerabilities were found in MySQL, some of which may allow execution of arbitrary code. Versions less than 5.1.56 are affected.
117eb25ee6c51f621745264b1ef7083b0a2c6153fdaa4646571449649e0c610dDebian Linux Security Advisory 2143-1 - Several vulnerabilities have been discovered in the MySQL database server.
2158a59bdea1b08c78875d4e873f56c5c1d87943faee4872b3536d775cff91c6Ubuntu Security Notice 1017-1 - It was discovered that MySQL incorrectly handled certain requests with the UPGRADE DATA DIRECTORY NAME command. An authenticated user could exploit this to make MySQL crash, causing a denial of service. It was discovered that MySQL incorrectly handled joins involving a table with a unique SET column. It was discovered that MySQL incorrectly handled NULL arguments to IN() or CASE operations. An authenticated user could exploit this to make MySQL crash, causing a denial of service. It was discovered that MySQL incorrectly handled malformed arguments to the BINLOG statement. Various other issues were addressed as well.
12f74318d601ad71c04de02b7f2984a919b4f5c8e5d6f180e143084260daa6f4Mandriva Linux Security Advisory 2010-223 - Multiple vulnerabilities were discovered and corrected in mysql. During evaluation of arguments to extreme-value functions (such as LEAST() and GREATEST()), type errors did not propagate properly, causing the server to crash. The server could crash after materializing a derived table that required a temporary table for grouping. A user-variable assignment expression that is evaluated in a logical expression context can be precalculated in a temporary table for GROUP BY. However, when the expression value is used after creation of the temporary table, it was re-evaluated, not read from the table and a server crash resulted. Pre-evaluation of LIKE predicates during view preparation could cause a server crash. Various other issues were addressed as well.
d609120ee86a09bd8da88ad1f562f2e0e823196ca6f9d056344881e111dacff0Mandriva Linux Security Advisory 2010-222 - Multiple vulnerabilities were discovered and corrected in mysql. Joins involving a table with with a unique SET column could cause a server crash. Use of TEMPORARY InnoDB tables with nullable columns could cause a server crash. The server could crash if there were alternate reads from two indexes on a table using the HANDLER interface. Using EXPLAIN with queries of the form SELECT. UNION. ORDER BY could cause a server crash. Various other issues were also addressed.
74d0792dedac23aec2f739bcb4269d0a3049b419f30d9981405256e2fc0a6056
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed