Please unblock mysql-dfsg-5.0 (CVE-2007-1420)

To: debian-release@lists.debian.org
Cc: Sean Finney <seanius@debian.org>, team@security.debian.org
Subject: Please unblock mysql-dfsg-5.0 (CVE-2007-1420)
From: Christian Hammers <ch@debian.org>
Date: Tue, 20 Mar 2007 02:19:24 +0100
Message-id: <[🔎] 20070320021924.7fafc917@app109.intern>

Hello

@Security-Team:
The only affected package is mysql-server-5.0 from testing and unstable as
prior MySQL versions did not support the "information schema" meta database.

@RM:
Please unblock the following upload:

 mysql-dfsg-5.0 (5.0.32-7etch1) testing-proposed-updates; urgency=high
 .
   * SECURITY:
     CVE-2007-1420: Single Row Subselect DoS. Specially crafted subselect
     queries could crash the mysql server. Patch backported from upstream
     changeset 19685 (46_CVE-2007-1420_subselect_dos.dpatch). Closes: #414790.

 interdiff says:
  debian/patches/46_CVE-2007-1420_subselect_dos.dpatch|148+++++++++++++++++++ 
  mysql-dfsg-5.0-5.0.32/debian/changelog              |  9 +
  mysql-dfsg-5.0-5.0.32/debian/patches/00list         |  1 
  3 files changed, 158 insertions(+)

thanks,

-christian-

Reply to:

Follow-Ups:
- Re: Please unblock mysql-dfsg-5.0 (CVE-2007-1420)
  - From: Steve Langasek <vorlon@debian.org>

Prev by Date: Re: Removing mediawiki dependencies on pgsql for etch
Next by Date: please unblock gradm2 2.1.9-3
Previous by thread: Re: Bug#415466: asterisk: SIP INVITE DoS
Next by thread: Re: Please unblock mysql-dfsg-5.0 (CVE-2007-1420)
Index(es):
- Date
- Thread