Re: mysql-client-5.0 package severly broken, critical security implications

To: Norbert Tretkowski <norbert@tretkowski.de>
Cc: backports-users@lists.backports.org
Subject: Re: mysql-client-5.0 package severly broken, critical security implications
From: Christian Hammers <ch@debian.org>
Date: Tue, 8 Aug 2006 00:47:51 +0200
Message-id: <[🔎] 20060808004751.2188196b@app109.intern>
In-reply-to: <20060730191534.GC8334@rollcage.inittab.de>
References: <20060730163301.GB8724@gmx.de> <20060730191534.GC8334@rollcage.inittab.de>


On 2006-07-30 Norbert Tretkowski wrote:
> * Alexander W. Janssen wrote:
...
> > However, in any case: /dev/null gets DELETED and replaced by A FILE
> > with the content of .mysql_history!  Deleting /dev/null on your
> > system really brakes your system. This is a critical bug.
> > 
> > The bug is reported at http://bugs.mysql.com/bug.php?id=16803 and
> > was closed in Mysql-version 5.0.19-BK according to their site.
... 
> Christian? Any idea why this bug is still present in the Debian
> package?

Most changes that were scheduled for 5.0.22 were actually released not prior
to 5.0.24 as 5.0.22 was an unplanned security update and 5.0.23 so buggy that
it had never been announced :)

I can confirm that the bug is reproducible in 5.0.22 but no longer in the
5.0.24 packages that will be uploaded tomorrow.

bye,

-christian-

Reply to:

Follow-Ups:
- Re: mysql-client-5.0 package severly broken, critical security implications
  - From: "Alexander W. Janssen" <yalla@ynfonatic.de>

Prev by Date: Re: gnucash
Next by Date: gaim 1.5 for powerpc missing ?
Previous by thread: Re: gnucash
Next by thread: Re: mysql-client-5.0 package severly broken, critical security implications
Index(es):
- Date
- Thread