Accepted mysql-dfsg-5.0 5.0.32-7etch3~bpo31+1 (source all i386)

To: backports-changes@lists.backports.org
Subject: Accepted mysql-dfsg-5.0 5.0.32-7etch3~bpo31+1 (source all i386)
From: Norbert Tretkowski <nobse@debian.org>
Date: Sat, 1 Dec 2007 14:32:10 +0000 (UTC)
Message-id: <[🔎] 20071201143210.10D788E44B4A@www.backports.org>
Reply-to: backports-users@lists.backports.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 01 Dec 2007 13:20:10 +0100
Source: mysql-dfsg-5.0
Binary: libmysqlclient15-dev mysql-client mysql-client-5.0 mysql-server mysql-server-4.1 mysql-server-5.0 mysql-common libmysqlclient15off
Architecture: source all i386
Version: 5.0.32-7etch3~bpo31+1
Distribution: sarge-backports
Urgency: high
Maintainer: Christian Hammers <ch@debian.org>
Changed-By: Norbert Tretkowski <nobse@debian.org>
Description: 
 libmysqlclient15-dev - mysql database development files
 libmysqlclient15off - mysql database client library
 mysql-client - mysql database client (meta package depending on the latest versi
 mysql-client-5.0 - mysql database client binaries
 mysql-common - mysql database common files (e.g. /etc/mysql/my.cnf)
 mysql-server - mysql database server (meta package depending on the latest versi
 mysql-server-4.1 - mysql database server (transitional package)
 mysql-server-5.0 - mysql database server binaries
Closes: 424778 424778 426353 451235
Changes: 
 mysql-dfsg-5.0 (5.0.32-7etch3~bpo31+1) sarge-backports; urgency=low
 .
   * Rebuilt for sarge.
 .
 mysql-dfsg-5.0 (5.0.32-7etch3) stable-security; urgency=high
 .
   * SECURITY:
     Fix for CVE-2007-5925: The convert_search_mode_to_innobase function in
     ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows
     remote authenticated users to cause a denial of service (database crash)
     via a certain CONTAINS operation on an indexed column, which triggers an
     assertion error. (closes: #451235)
 .
 mysql-dfsg-5.0 (5.0.32-7etch2) stable-security; urgency=high
 .
   * Security release prepared for the security team by the Debian MySQL
     maintainers. The patches were mostly taken from the Ubuntu project.
   * CVE-2007-2583: The in_decimal::set function in item_cmpfunc.cc in MySQL
     allowed context-dependent attackers to cause a denial of service (crash)
     via a crafted IF clause that results in a divide-by-zero error and a NULL
     pointer dereference. Closes: #426353
   * CVE-2007-2691: MySQL did not require the DROP privilege for RENAME
     TABLE statements, which allows remote authenticated users to rename
     arbitrary tables. Closes: #424778
   * CVE-2007-2692: The mysql_change_db function in MySQL did not restore
     THD::db_access privileges when returning from SQL SECURITY INVOKER
     stored routines, which allowed remote authenticated users to gain
     privileges. Closes: #424778
   * CVE-2007-3780: It was discovered that MySQL could be made to overflow
     a signed char during authentication. Remote attackers could use crafted
     authentication requests to cause a denial of service.
   * CVE-2007-3782: Phil Anderton discovered that MySQL did not properly
     verify access privileges when accessing external tables. As a result,
     authenticated users could exploit this to obtain UPDATE privileges to
     external tables.
Files: 
 f2abdceb386aa07fe1c425f0644c9278 1173 misc optional mysql-dfsg-5.0_5.0.32-7etch3~bpo31+1.dsc
 1e4d4ac7e85e49b64c1eb75164cd5cae 158186 misc optional mysql-dfsg-5.0_5.0.32-7etch3~bpo31+1.diff.gz
 e513ca324afb4a3df9b0b1bb10aeb437 53650 misc optional mysql-common_5.0.32-7etch3~bpo31+1_all.deb
 993b62445e85e37ffa86485184727d94 47366 misc optional mysql-server_5.0.32-7etch3~bpo31+1_all.deb
 2c65ac0f274d4d4fe635d2ecb604dcb0 45296 misc optional mysql-client_5.0.32-7etch3~bpo31+1_all.deb
 4f13bfff6ac36e75cb194adc9218d024 1776048 libs optional libmysqlclient15off_5.0.32-7etch3~bpo31+1_i386.deb
 24e58deec4f485b5a3450098ccb70ed5 6751138 libdevel optional libmysqlclient15-dev_5.0.32-7etch3~bpo31+1_i386.deb
 ddab4e4ed78bab24ae167288370327e7 7089448 misc optional mysql-client-5.0_5.0.32-7etch3~bpo31+1_i386.deb
 ab7e1cf35f1510622bbf41ee0e9a5d65 25127016 misc optional mysql-server-5.0_5.0.32-7etch3~bpo31+1_i386.deb
 c584d19325bfd7c9c97cc62a261b50c2 47400 oldlibs extra mysql-server-4.1_5.0.32-7etch3~bpo31+1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHUWeur/RnCw96jQERAsvkAJwOFBhNDk2oYk4p0RiAL/StHxzZHQCfd4g+
5d6tZ2osniJKx4csSg02jLY=
=hRgB
-----END PGP SIGNATURE-----


Accepted:
libmysqlclient15-dev_5.0.32-7etch3~bpo31+1_i386.deb
  to pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3~bpo31+1_i386.deb
libmysqlclient15off_5.0.32-7etch3~bpo31+1_i386.deb
  to pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3~bpo31+1_i386.deb
mysql-client-5.0_5.0.32-7etch3~bpo31+1_i386.deb
  to pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3~bpo31+1_i386.deb
mysql-client_5.0.32-7etch3~bpo31+1_all.deb
  to pool/main/m/mysql-dfsg-5.0/mysql-client_5.0.32-7etch3~bpo31+1_all.deb
mysql-common_5.0.32-7etch3~bpo31+1_all.deb
  to pool/main/m/mysql-dfsg-5.0/mysql-common_5.0.32-7etch3~bpo31+1_all.deb
mysql-dfsg-5.0_5.0.32-7etch3~bpo31+1.diff.gz
  to pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch3~bpo31+1.diff.gz
mysql-dfsg-5.0_5.0.32-7etch3~bpo31+1.dsc
  to pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch3~bpo31+1.dsc
mysql-server-4.1_5.0.32-7etch3~bpo31+1_i386.deb
  to pool/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3~bpo31+1_i386.deb
mysql-server-5.0_5.0.32-7etch3~bpo31+1_i386.deb
  to pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3~bpo31+1_i386.deb
mysql-server_5.0.32-7etch3~bpo31+1_all.deb
  to pool/main/m/mysql-dfsg-5.0/mysql-server_5.0.32-7etch3~bpo31+1_all.deb

Reply to:

Prev by Date: Accepted pommed 1.12~dfsg-1~bpo40+1 (source i386)
Next by Date: Accepted aiccu 20070115-7~bpo40+1 (source amd64)
Previous by thread: Accepted pommed 1.12~dfsg-1~bpo40+1 (source i386)
Next by thread: Accepted aiccu 20070115-7~bpo40+1 (source amd64)
Index(es):
- Date
- Thread