Re: mysql in stable and remote vulnerabities

To: Geoff Crompton <geoff.crompton@strategicdata.com.au>
Cc: debian-security@lists.debian.org
Subject: Re: mysql in stable and remote vulnerabities
From: Christian Hammers <ch@debian.org>
Date: Thu, 17 Mar 2005 09:41:52 +0100
Message-id: <[🔎] 20050317094152.280fb2be@xeniac.intern>
In-reply-to: <[🔎] 4238DC91.8070004@strategicdata.com.au>
References: <[🔎] 4238DC91.8070004@strategicdata.com.au>

Hello Geoff

On 2005-03-17 Geoff Crompton wrote:
> There are several remote vulnerabilities listed here: 
> http://www.securityfocus.com/bid/12781
> 
> Seems that unstable and testing are either fixed, or on the way to being 
> fixed. Does anyone know if the older version that is in stable is 
> affected by these?
> CAN numbers are:
> CAN-2005-0709, CAN-2005-0710, CAN-2005-0711

Testing and unstable have been fixed on last weekend by uploading
versions 4.0.24-1 and 4.1.10a-1.

Woody is also affected (I can confirm this for all three vulnerabilities)
but is not easy to fix as MySQL did not provide a new version here and 
we have to backport the 4.0 patch which does only apply to about 50% :-(

If anybody likes to help here, please a look at:
http://mysql.bkbits.net:8080/mysql-4.0/cset@42275cb1vIySS0vWwwUFE48ltGkmNA

bye,

-christian-

Attachment: pgpeZfhVsXyhH.pgp
Description: PGP signature

Reply to:

References:
- mysql in stable and remote vulnerabities
  - From: Geoff Crompton <geoff.crompton@strategicdata.com.au>

Prev by Date: mysql in stable and remote vulnerabities
Next by Date: Re: CAN-2005-0448 and #286905, dsa?
Previous by thread: mysql in stable and remote vulnerabities
Next by thread: secure ident daemon
Index(es):
- Date
- Thread