User: Password:
|
|
Subscribe / Log in / New account

Red Hat alert RHSA-2007:0152-01 (mysql)

From:  bugzilla@redhat.com
To:  enterprise-watch-list@redhat.com
Subject:  [RHSA-2007:0152-01] Moderate: mysql security update
Date:  Tue, 3 Apr 2007 15:18:09 -0400

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: mysql security update Advisory ID: RHSA-2007:0152-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0152.html Issue date: 2007-04-03 Updated on: 2007-04-03 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-4226 - --------------------------------------------------------------------- 1. Summary: Updated mysql packages that fix a security flaw are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. A flaw was found in the way MySQL handled case sensitive database names. A user with the ability to create databases could gain unauthorized access to other databases hosted by the MySQL server. (CVE-2006-4226) This flaw does not affect the version of MySQL distributed with Red Hat Enterprise Linux 2.1, 3, or 5. All users of the MySQL server are advised to upgrade to these updated packages, which contain a backported patch which fixes this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 203426 - CVE-2006-4226 mysql-server create database privilege escalation 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/mysql... 6c7f8075f117be3e16833db1169c084a mysql-4.1.20-2.RHEL4.1.src.rpm i386: e8da68fdd73da636b0d13d0704a187bf mysql-4.1.20-2.RHEL4.1.i386.rpm 826c5a83fc373d25d3cf5fd59b66a4a0 mysql-bench-4.1.20-2.RHEL4.1.i386.rpm c73b4413942dfdab4a263e58fddbbebb mysql-debuginfo-4.1.20-2.RHEL4.1.i386.rpm 87a1443bb37a3db76bd81ef225ad43c0 mysql-devel-4.1.20-2.RHEL4.1.i386.rpm 8b01c92ea2bddffe3eae6b3da54d41dc mysql-server-4.1.20-2.RHEL4.1.i386.rpm ia64: e8da68fdd73da636b0d13d0704a187bf mysql-4.1.20-2.RHEL4.1.i386.rpm e8b5e4be135fcfe41ec0c17b9b7454c9 mysql-4.1.20-2.RHEL4.1.ia64.rpm 729494527ddbc0baba8d3bfdcb7c9fb1 mysql-bench-4.1.20-2.RHEL4.1.ia64.rpm c73b4413942dfdab4a263e58fddbbebb mysql-debuginfo-4.1.20-2.RHEL4.1.i386.rpm e92361c5b92c1d05922dada1120cd70e mysql-debuginfo-4.1.20-2.RHEL4.1.ia64.rpm be0d10aec73081c39fea2936a7e6247c mysql-devel-4.1.20-2.RHEL4.1.ia64.rpm cbd5e40ade56eee5725a78089dadbfcd mysql-server-4.1.20-2.RHEL4.1.ia64.rpm ppc: 06050350191dcfa02bf1992a172c89ff mysql-4.1.20-2.RHEL4.1.ppc.rpm 67828e4ea169bca5117cd259e23f3d0b mysql-4.1.20-2.RHEL4.1.ppc64.rpm e09f97506031cd8c3c0f1cec6ff86afb mysql-bench-4.1.20-2.RHEL4.1.ppc.rpm 8d437be16b17ae77cbf6dc9fdf7ce172 mysql-debuginfo-4.1.20-2.RHEL4.1.ppc.rpm b8ba95488bd27738f3ecc7a5233208e7 mysql-debuginfo-4.1.20-2.RHEL4.1.ppc64.rpm ada8633133ee7733144a70ce606f1608 mysql-devel-4.1.20-2.RHEL4.1.ppc.rpm ddd7c96555967d2e620420e7ca5c4bde mysql-server-4.1.20-2.RHEL4.1.ppc.rpm s390: 7437a06a1fe40799113d55cb2528be69 mysql-4.1.20-2.RHEL4.1.s390.rpm 77a0e7b3538c9a0b4bd036031a5beff0 mysql-bench-4.1.20-2.RHEL4.1.s390.rpm e9595c7729c31128b2158e3dfc287db4 mysql-debuginfo-4.1.20-2.RHEL4.1.s390.rpm 063e45c5005e7495d5412cff0ce10479 mysql-devel-4.1.20-2.RHEL4.1.s390.rpm 15a47f88b75f3a1106c001364e9089db mysql-server-4.1.20-2.RHEL4.1.s390.rpm s390x: 7437a06a1fe40799113d55cb2528be69 mysql-4.1.20-2.RHEL4.1.s390.rpm 84a23520166f1724152a7011ac5acc6d mysql-4.1.20-2.RHEL4.1.s390x.rpm 92ed2bd7d10af251091ce1328d61d882 mysql-bench-4.1.20-2.RHEL4.1.s390x.rpm e9595c7729c31128b2158e3dfc287db4 mysql-debuginfo-4.1.20-2.RHEL4.1.s390.rpm a5f6f194b648479fdfe55ba29e82aec4 mysql-debuginfo-4.1.20-2.RHEL4.1.s390x.rpm 002e3124325cb7e56cf95aa23a12200e mysql-devel-4.1.20-2.RHEL4.1.s390x.rpm 142afd7330c2963edb92eaf40511ddb6 mysql-server-4.1.20-2.RHEL4.1.s390x.rpm x86_64: e8da68fdd73da636b0d13d0704a187bf mysql-4.1.20-2.RHEL4.1.i386.rpm a1634953cd1be078a0af0e0b8c42b50e mysql-4.1.20-2.RHEL4.1.x86_64.rpm 29275638e0c420d8d859b087155db196 mysql-bench-4.1.20-2.RHEL4.1.x86_64.rpm c73b4413942dfdab4a263e58fddbbebb mysql-debuginfo-4.1.20-2.RHEL4.1.i386.rpm fc1c8fd9dda6c6b07a1d7a7b05b0a8b1 mysql-debuginfo-4.1.20-2.RHEL4.1.x86_64.rpm fe4593105f2cb95aeaad60bd11b5bbad mysql-devel-4.1.20-2.RHEL4.1.x86_64.rpm da55ebb822229a8c15660c763737dff8 mysql-server-4.1.20-2.RHEL4.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/... 6c7f8075f117be3e16833db1169c084a mysql-4.1.20-2.RHEL4.1.src.rpm i386: e8da68fdd73da636b0d13d0704a187bf mysql-4.1.20-2.RHEL4.1.i386.rpm 826c5a83fc373d25d3cf5fd59b66a4a0 mysql-bench-4.1.20-2.RHEL4.1.i386.rpm c73b4413942dfdab4a263e58fddbbebb mysql-debuginfo-4.1.20-2.RHEL4.1.i386.rpm 87a1443bb37a3db76bd81ef225ad43c0 mysql-devel-4.1.20-2.RHEL4.1.i386.rpm 8b01c92ea2bddffe3eae6b3da54d41dc mysql-server-4.1.20-2.RHEL4.1.i386.rpm x86_64: e8da68fdd73da636b0d13d0704a187bf mysql-4.1.20-2.RHEL4.1.i386.rpm a1634953cd1be078a0af0e0b8c42b50e mysql-4.1.20-2.RHEL4.1.x86_64.rpm 29275638e0c420d8d859b087155db196 mysql-bench-4.1.20-2.RHEL4.1.x86_64.rpm c73b4413942dfdab4a263e58fddbbebb mysql-debuginfo-4.1.20-2.RHEL4.1.i386.rpm fc1c8fd9dda6c6b07a1d7a7b05b0a8b1 mysql-debuginfo-4.1.20-2.RHEL4.1.x86_64.rpm fe4593105f2cb95aeaad60bd11b5bbad mysql-devel-4.1.20-2.RHEL4.1.x86_64.rpm da55ebb822229a8c15660c763737dff8 mysql-server-4.1.20-2.RHEL4.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/mysql... 6c7f8075f117be3e16833db1169c084a mysql-4.1.20-2.RHEL4.1.src.rpm i386: e8da68fdd73da636b0d13d0704a187bf mysql-4.1.20-2.RHEL4.1.i386.rpm 826c5a83fc373d25d3cf5fd59b66a4a0 mysql-bench-4.1.20-2.RHEL4.1.i386.rpm c73b4413942dfdab4a263e58fddbbebb mysql-debuginfo-4.1.20-2.RHEL4.1.i386.rpm 87a1443bb37a3db76bd81ef225ad43c0 mysql-devel-4.1.20-2.RHEL4.1.i386.rpm 8b01c92ea2bddffe3eae6b3da54d41dc mysql-server-4.1.20-2.RHEL4.1.i386.rpm ia64: e8da68fdd73da636b0d13d0704a187bf mysql-4.1.20-2.RHEL4.1.i386.rpm e8b5e4be135fcfe41ec0c17b9b7454c9 mysql-4.1.20-2.RHEL4.1.ia64.rpm 729494527ddbc0baba8d3bfdcb7c9fb1 mysql-bench-4.1.20-2.RHEL4.1.ia64.rpm c73b4413942dfdab4a263e58fddbbebb mysql-debuginfo-4.1.20-2.RHEL4.1.i386.rpm e92361c5b92c1d05922dada1120cd70e mysql-debuginfo-4.1.20-2.RHEL4.1.ia64.rpm be0d10aec73081c39fea2936a7e6247c mysql-devel-4.1.20-2.RHEL4.1.ia64.rpm cbd5e40ade56eee5725a78089dadbfcd mysql-server-4.1.20-2.RHEL4.1.ia64.rpm x86_64: e8da68fdd73da636b0d13d0704a187bf mysql-4.1.20-2.RHEL4.1.i386.rpm a1634953cd1be078a0af0e0b8c42b50e mysql-4.1.20-2.RHEL4.1.x86_64.rpm 29275638e0c420d8d859b087155db196 mysql-bench-4.1.20-2.RHEL4.1.x86_64.rpm c73b4413942dfdab4a263e58fddbbebb mysql-debuginfo-4.1.20-2.RHEL4.1.i386.rpm fc1c8fd9dda6c6b07a1d7a7b05b0a8b1 mysql-debuginfo-4.1.20-2.RHEL4.1.x86_64.rpm fe4593105f2cb95aeaad60bd11b5bbad mysql-devel-4.1.20-2.RHEL4.1.x86_64.rpm da55ebb822229a8c15660c763737dff8 mysql-server-4.1.20-2.RHEL4.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/mysql... 6c7f8075f117be3e16833db1169c084a mysql-4.1.20-2.RHEL4.1.src.rpm i386: e8da68fdd73da636b0d13d0704a187bf mysql-4.1.20-2.RHEL4.1.i386.rpm 826c5a83fc373d25d3cf5fd59b66a4a0 mysql-bench-4.1.20-2.RHEL4.1.i386.rpm c73b4413942dfdab4a263e58fddbbebb mysql-debuginfo-4.1.20-2.RHEL4.1.i386.rpm 87a1443bb37a3db76bd81ef225ad43c0 mysql-devel-4.1.20-2.RHEL4.1.i386.rpm 8b01c92ea2bddffe3eae6b3da54d41dc mysql-server-4.1.20-2.RHEL4.1.i386.rpm ia64: e8da68fdd73da636b0d13d0704a187bf mysql-4.1.20-2.RHEL4.1.i386.rpm e8b5e4be135fcfe41ec0c17b9b7454c9 mysql-4.1.20-2.RHEL4.1.ia64.rpm 729494527ddbc0baba8d3bfdcb7c9fb1 mysql-bench-4.1.20-2.RHEL4.1.ia64.rpm c73b4413942dfdab4a263e58fddbbebb mysql-debuginfo-4.1.20-2.RHEL4.1.i386.rpm e92361c5b92c1d05922dada1120cd70e mysql-debuginfo-4.1.20-2.RHEL4.1.ia64.rpm be0d10aec73081c39fea2936a7e6247c mysql-devel-4.1.20-2.RHEL4.1.ia64.rpm cbd5e40ade56eee5725a78089dadbfcd mysql-server-4.1.20-2.RHEL4.1.ia64.rpm x86_64: e8da68fdd73da636b0d13d0704a187bf mysql-4.1.20-2.RHEL4.1.i386.rpm a1634953cd1be078a0af0e0b8c42b50e mysql-4.1.20-2.RHEL4.1.x86_64.rpm 29275638e0c420d8d859b087155db196 mysql-bench-4.1.20-2.RHEL4.1.x86_64.rpm c73b4413942dfdab4a263e58fddbbebb mysql-debuginfo-4.1.20-2.RHEL4.1.i386.rpm fc1c8fd9dda6c6b07a1d7a7b05b0a8b1 mysql-debuginfo-4.1.20-2.RHEL4.1.x86_64.rpm fe4593105f2cb95aeaad60bd11b5bbad mysql-devel-4.1.20-2.RHEL4.1.x86_64.rpm da55ebb822229a8c15660c763737dff8 mysql-server-4.1.20-2.RHEL4.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4226 http://www.redhat.com/security/updates/classification/#mo... 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGEqhvXlSAg2UNWIIRAsu/AJkBvWWY6ZkPsYJzWHb/z4QXAiik5QCgqXAY 7U/kz8zFWpEB2qVjCAG5ZOs= =uwHp -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list Enterprise-watch-list@redhat.com https://www.redhat.com/mailman/listinfo/enterprise-watch-...


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds