[debian-mysql] MySQL security updates in stable-security
Christian Hammers
ch at debian.org
Mon Jun 18 21:11:06 UTC 2007
Hello Security-Team
Are you aware of this one?
mysql-dfsg-5.0 (5.0.32-7etch3) stable-security; urgency=high
* Upload prepared for the security team by the debian mysql maintainers
* Fix for CVE-2007-2691: DROP/RENAME TABLE statements (ref: #424778).
* Fix for CVE-2007-2692: THD::db_access privileges (ref: #424830).
* Fix for CVE-2007-2583: null dereference in item_cmpfunc.cc
-- sean finney <seanius at debian.org> Mon, 28 May 2007 19:34:34 +0200
Vulnerability matrix:
sarge: mysql 4.0.x: not affected (subselects unsupported)
sarge: mysql 4.1.x: not affected
etch: mysql 5.0.x: affected
sid: mysql 5.0.x: not affected, fixed in upstream since 5.0.40
exp: mysql 5.1.x: not tested
bye,
-christian-
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-mysql-maint/attachments/20070618/c080457c/attachment.pgp
More information about the pkg-mysql-maint
mailing list