Re: mysql-client-5.0 package severly broken, critical security implications
On 2006-07-30 Norbert Tretkowski wrote:
> * Alexander W. Janssen wrote:
...
> > However, in any case: /dev/null gets DELETED and replaced by A FILE
> > with the content of .mysql_history! Deleting /dev/null on your
> > system really brakes your system. This is a critical bug.
> >
> > The bug is reported at http://bugs.mysql.com/bug.php?id=16803 and
> > was closed in Mysql-version 5.0.19-BK according to their site.
...
> Christian? Any idea why this bug is still present in the Debian
> package?
Most changes that were scheduled for 5.0.22 were actually released not prior
to 5.0.24 as 5.0.22 was an unplanned security update and 5.0.23 so buggy that
it had never been announced :)
I can confirm that the bug is reproducible in 5.0.22 but no longer in the
5.0.24 packages that will be uploaded tomorrow.
bye,
-christian-
Reply to: