User: Password:
|
|
Subscribe / Log in / New account

Ubuntu alert USN-274-1 (mysql-dfsg)

From:  Martin Pitt <martin.pitt@canonical.com>
To:  ubuntu-security-announce@lists.ubuntu.com
Subject:  [USN-274-1] MySQL vulnerability
Date:  Thu, 27 Apr 2006 16:45:59 +0200
Cc:  full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com

=========================================================== Ubuntu Security Notice USN-274-1 April 27, 2006 mysql-dfsg vulnerability CVE-2006-0903 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary Hedgehog) Ubuntu 5.10 (Breezy Badger) The following packages are affected: mysql-server The problem can be corrected by upgrading the affected package to version 4.0.20-2ubuntu1.7 (for Ubuntu 4.10), 4.0.23-3ubuntu2.2 (for Ubuntu 5.04), or 4.0.24-10ubuntu2.1 (for Ubuntu 5.10). In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: A logging bypass was discovered in the MySQL query parser. A local attacker could exploit this by inserting NUL characters into query strings (even into comments), which would cause the query to be logged incompletely. This only affects you if you enabled the 'log' parameter in the MySQL configuration. Updated packages for Ubuntu 4.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 176824 f214253e4c2a6ffcfd949bc19410ee6b http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 894 19ef051a7994a4faea9b248c12dc44b5 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 9760117 f092867f6df2f50b34b8065312b9fb2b Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 25144 b28d3fdc01b8d8194d0388d8d48a257d amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 2811182 c4111aec963f9a495b261b299e449c2e http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 305220 8f6653a1152af3624e68a759a2893827 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 423266 f5702114938059a53d531535caaad7f5 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 3578122 92a1b9e4c8d874dffc09ebf5fb13e72b i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 2774718 6b2c35f99be213bfc34133995e611f46 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 288162 61879cbc26a9b7dbb27c6c842546458d http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 397264 612dc9f1b1149a2af49b0a2aa157e009 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 3487310 47ecf2e29f3dbe465dfd990ba80c36eb powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 3110894 81feb50003ee69b7e93b809b8c0bfc39 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 308852 a8fe34e726d5302deb751838ef8ccb06 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 452684 52bfacf4b50418cc8d30fdde7679eab4 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 3770820 3c992663d03b4b9f548207e7dddb2749 Updated packages for Ubuntu 5.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 343725 a2b298ae7189d19d610096bd509ce596 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 891 b92cb6c84451811ccf7bd7c2a56c50b4 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 9814467 5eec8f66ed48c6ff92e73161651a492b Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 31990 2d6d3941ca77a34d4fe04919aac8cbc7 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 2866184 3b5f0aa334fc9e1fa7056cf210f94fd2 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 306820 e2917d28d803a34a4c72da0fbba151d3 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 431414 cc314f27a6afe67c821a7a51da383545 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 3628640 b296921ef40461d59e9bbba7b2e52357 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 2825934 44b9304d6fa1fd3e3c2e3e9686024c10 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 289510 da17fd8185519af7a3df1a861ce33d07 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 404598 158bbb7ad75e303bf5c13adb383b599a http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 3537624 9482f91850da2bd3fdde233aa9e64052 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 3179624 7466544fb8fc5a7209340039b65c63da http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 312406 8fb8562ffa55040773a02eeb64ba8272 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 462192 265ff5c43fc9afefe1af28c3a4386e5e http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 3839282 617a98d3bc28182b3ff37e0e3f130795 Updated packages for Ubuntu 5.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 97810 0dbdcd235f3f6a2f424de7113b74655d http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 964 f84c5803fc7d13589346e910387f30c6 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 9923794 aed8f335795a359f32492159e3edfaa3 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 34664 544a522c6d3206981da17184e978e617 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 3231158 c1d669e10ac67d1e9b0f121833683779 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 307700 4bc18b69d4e43b694497b4076d79cd75 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 439484 a29c262a4aa8cdd57f8dfe8009cb8b7d http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 3922016 e92ecc0bd9a6fea65f42c7bead40b6db i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 2868302 9dabada4f3d7a4a85df44299b94eae88 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 291550 efbfa0fc65a09ead055a27414e1be54a http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 413452 596701868b19ae58687798f73327db4d http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 3555444 32eed9d4f3f58a083c505555e249a0ac powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 3089942 a58bb68ffed82acc2161d2bf49542da8 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 305526 f033567ad51627ff2137a3118deb668a http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 453378 ab9be3cf1197c77c7992942c4c1cc9c0 http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/... Size/MD5: 3664012 e9a402c36b385dcb83d2248ff4487a2c -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-security...


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds