From 00a60a66381449362bbcfcac9dd080dca576c304 Mon Sep 17 00:00:00 2001 From: Aldas Nabazas Date: Sat, 16 Feb 2008 18:52:42 +0100 Subject: [PATCH] Updated mysql (5.0.45 -> 5.0.51a) : SECURITY - HIGH CVE-2007-5969 (Medium) : MySQL Community Server before 5.0.51, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file. CVE-2007-6303 (Low) : MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement. CVE-2007-6304 (Medium) : The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns. --- database/mysql/mysql.desc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/database/mysql/mysql.desc b/database/mysql/mysql.desc index 553c1ded0..555fa9c94 100644 --- a/database/mysql/mysql.desc +++ b/database/mysql/mysql.desc @@ -3,7 +3,7 @@ [COPY] This copyright note is auto-generated by ./scripts/Create-CopyPatch. [COPY] [COPY] Filename: package/.../mysql/mysql.desc -[COPY] Copyright (C) 2006 - 2007 The OpenSDE Project +[COPY] Copyright (C) 2006 - 2008 The OpenSDE Project [COPY] Copyright (C) 2004 - 2006 The T2 SDE Project [COPY] Copyright (C) 1998 - 2003 Clifford Wolf [COPY] @@ -37,8 +37,8 @@ [L] LGPL [S] Stable -[V] 5.0.45 +[V] 5.0.51a [P] X -----5---9 123.500 -[D] 4033160609 mysql-5.0.45.tar.gz http://www.mysql.org/Downloads/MySQL-5.0/ +[D] 2459571222 mysql-5.0.51a.tar.gz http://www.mysql.org/Downloads/MySQL-5.0/