[Pkg-mysql-commits] r1217 - in trunk/debian: . patches

Norbert Tretkowski nobse at alioth.debian.org
Fri May 9 05:08:10 UTC 2008


Author: nobse
Date: 2008-05-09 05:08:05 +0000 (Fri, 09 May 2008)
New Revision: 1217

Added:
   trunk/debian/patches/92_SECURITY_CVE-2008-2079.dpatch
Modified:
   trunk/debian/changelog
   trunk/debian/patches/00list
Log:
Fix for CVE-2008-2079.

Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog	2008-05-08 18:22:06 UTC (rev 1216)
+++ trunk/debian/changelog	2008-05-09 05:08:05 UTC (rev 1217)
@@ -1,3 +1,14 @@
+mysql-dfsg-5.0 (5.0.51a-7) unstable; urgency=high
+
+  * SECURITY:
+    Fix for CVE-2008-2079: It was possible to circumvent privileges through
+    the creation of MyISAM tables employing the DATA DIRECTORY and INDEX
+    DIRECTORY options to overwrite existing table files in the MySQL data
+    directory. Use of the MySQL data directory in DATA DIRECTORY and INDEX
+    DIRECTORY is now disallowed.
+
+ -- Norbert Tretkowski <nobse at debian.org>  Fri, 09 May 2008 07:06:36 +0200
+
 mysql-dfsg-5.0 (5.0.51a-6) unstable; urgency=low
 
   * Fix debian-start.inc.sh to not print the row counts of the tables

Modified: trunk/debian/patches/00list
===================================================================
--- trunk/debian/patches/00list	2008-05-08 18:22:06 UTC (rev 1216)
+++ trunk/debian/patches/00list	2008-05-09 05:08:05 UTC (rev 1217)
@@ -19,3 +19,4 @@
 89_ndb__staticlib.dpatch
 90_upstreamdebiandir.dpatch
 91_SECURITY_CVE-2007-5925.dpatch
+92_SECURITY_CVE-2008-2079.dpatch

Added: trunk/debian/patches/92_SECURITY_CVE-2008-2079.dpatch
===================================================================
--- trunk/debian/patches/92_SECURITY_CVE-2008-2079.dpatch	                        (rev 0)
+++ trunk/debian/patches/92_SECURITY_CVE-2008-2079.dpatch	2008-05-09 05:08:05 UTC (rev 1217)
@@ -0,0 +1,88 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 92_SECURITY_CVE-2008-2079.dpatchby Norbert Tretkowski <nobse at debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Fix for CVE-2008-2079: It was possible to circumvent privileges through
+## DP: the creation of MyISAM tables employing the DATA DIRECTORY and INDEX
+## DP: DIRECTORYoptions to overwrite existing table files in the MySQL data
+## DP: directory. Use of the MySQL data directory in DATA DIRECTORY and INDEX
+## DP: DIRECTORY is now disallowed.
+
+ at DPATCH@
+diff -Nrup a/mysql-test/r/symlink.result b/mysql-test/r/symlink.result
+--- a/mysql-test/r/symlink.result	2007-11-30 17:42:05 +04:00
++++ b/mysql-test/r/symlink.result	2007-11-30 18:10:35 +04:00
+@@ -133,26 +133,3 @@ a
+ 42
+ drop table t1;
+ End of 4.1 tests
+-CREATE DATABASE db1;
+-CREATE DATABASE db2;
+-USE db2;
+-INSERT INTO db2.t1 VALUES (1);
+-SELECT * FROM db2.t1;
+-b
+-1
+-RESET QUERY CACHE;
+-USE db1;
+-SET SESSION keep_files_on_create = TRUE;
+-CREATE TABLE t1 (a INT) ENGINE MYISAM;
+-ERROR HY000: Can't create/write to file './db1/t1.MYD' (Errcode: 17)
+-CREATE TABLE t3 (a INT) Engine=MyISAM;
+-INSERT INTO t3 VALUES (1),(2),(3);
+-TRUNCATE TABLE t3;
+-SELECT * from t3;
+-a
+-SET SESSION keep_files_on_create = DEFAULT;
+-DROP TABLE db2.t1, db1.t3;
+-DROP DATABASE db1;
+-DROP DATABASE db2;
+-USE test;
+-End of 5.0 tests
+diff -Nrup a/mysql-test/t/symlink.test b/mysql-test/t/symlink.test
+--- a/mysql-test/t/symlink.test	2007-11-30 17:43:57 +04:00
++++ b/mysql-test/t/symlink.test	2007-11-30 18:10:35 +04:00
+@@ -182,43 +182,3 @@ select * from t1;
+ drop table t1;
+ 
+ --echo End of 4.1 tests
+-
+-#
+-# Bug #29325: create table overwrites .MYD file of other table (datadir)
+-#
+-
+-CREATE DATABASE db1; 
+-CREATE DATABASE db2;
+-
+-USE db2;
+---disable_query_log
+-eval CREATE TABLE t1 (b INT) ENGINE MYISAM
+-DATA DIRECTORY = '$MYSQLTEST_VARDIR/master-data/db1/';
+---enable_query_log
+-
+-INSERT INTO db2.t1 VALUES (1);
+-SELECT * FROM db2.t1;
+-RESET QUERY CACHE;
+-
+-USE db1;
+-
+-#no warning from create table
+-SET SESSION keep_files_on_create = TRUE;
+---disable_abort_on_error
+-CREATE TABLE t1 (a INT) ENGINE MYISAM;
+---enable_abort_on_error
+-
+-CREATE TABLE t3 (a INT) Engine=MyISAM;
+-INSERT INTO t3 VALUES (1),(2),(3);
+-TRUNCATE TABLE t3;
+-SELECT * from t3;
+-
+-SET SESSION keep_files_on_create = DEFAULT;
+-
+-DROP TABLE db2.t1, db1.t3;
+-DROP DATABASE db1;
+-DROP DATABASE db2;
+-USE test;
+-
+-
+---echo End of 5.0 tests
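Review bot: The patch embedded in this new dpatch file contains no server-side change: both inner diffs (mysql-test/r/symlink.result and mysql-test/t/symlink.test) only delete the Bug #29325 test block, so nothing visible here makes the server disallow DATA DIRECTORY / INDEX DIRECTORY paths inside the data directory, as the `## DP:` header and the changelog entry claim. If the source hunks were lost when the upstream change was imported, the package would be uploaded at urgency=high with CVE-2008-2079 recorded as fixed while the behaviour is unchanged; the dpatch should be compared against the upstream changeset and the missing hunks added. The deleted block is also the only test of the overwrite case in these two files, so a replacement test asserting the now-disallowed behaviour should accompany the fix. Minor: two header lines are missing a space and should read `## 92_SECURITY_CVE-2008-2079.dpatch by Norbert Tretkowski <nobse at debian.org>` and `## DP: DIRECTORY options to overwrite existing table files in the MySQL data`.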



