Stay Connected:

ELSA-2009-1289

ELSA-2009-1289 - mysql security and bug fix update

Type:SECURITY
Impact:MODERATE
Release Date:2009-09-08

Description


[5.0.77-3]
- Add fix for CVE-2009-2446 (format string vulnerability in COM_CREATE_DB and
COM_DROP_DB processing)
Resolves: #512200

[5.0.77-2]
- Back-port upstream fix for CVE-2008-4456 (mysql command line client XSS flaw)
Resolves: #502169

[5.0.77-1]
- Update to MySQL 5.0.77, for numerous fixes described at
http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-77.html
including low-priority security issues CVE-2008-2079, CVE-2008-3963
Resolves: #448487, #448534, #452824, #453156, #455619, #456875
Resolves: #457218, #462534, #470036, #476896, #479615
- Improve mysql.init to pass configured datadir to mysql_install_db,
and to force user=mysql for both mysql_install_db and mysqld_safe.
Resolves: #450178
- Fix mysql.init to wait correctly when socket is not in default place
Resolves: #435494


Related CVEs


CVE-2008-3963
CVE-2009-2446
CVE-2008-4456
CVE-2008-2079

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 5 (i386) mysql-5.0.77-3.el5.src.rpm29f061f4446781bb06c11289139131862ec30452e87724e1615ebd859a4fcc42ELSA-2013-0180el5_u4_i386_base
mysql-5.0.77-3.el5.i386.rpm6bf3c8e4601b9a7bb6c3f5c38dcef4a87536d7650fcdb7a61e2b8c8eb9f96250ELSA-2013-0180el5_u4_i386_base
mysql-bench-5.0.77-3.el5.i386.rpm444ec8bf0b14942a9318cb858b9ae51d2ab66770967125bb82eeac1889246488ELSA-2013-0180el5_u4_i386_base
mysql-devel-5.0.77-3.el5.i386.rpm2fe5060a46b0250577c40322d724e0c353b59cbfe0c837eeae14da85b334ccecELSA-2013-0180el5_u4_i386_base
mysql-server-5.0.77-3.el5.i386.rpm13b275add29bd0e6e99fb23a678c4a2780897ecda74b0d24513bd6bacb71ed10ELSA-2013-0180el5_u4_i386_base
mysql-test-5.0.77-3.el5.i386.rpmf7d3e1f6f00c7dce5531fa9cdcd7596ecfd26385f3b4b4386be2bed276575876ELSA-2013-0180el5_u4_i386_base
Oracle Linux 5 (ia64) mysql-5.0.77-3.el5.src.rpm29f061f4446781bb06c11289139131862ec30452e87724e1615ebd859a4fcc42ELSA-2013-0180el5_u4_ia64_base
mysql-5.0.77-3.el5.i386.rpm6bf3c8e4601b9a7bb6c3f5c38dcef4a87536d7650fcdb7a61e2b8c8eb9f96250ELSA-2013-0180el5_u4_ia64_base
mysql-5.0.77-3.el5.ia64.rpm9a5971a109a2a456a6c0f05db7b3a20c9ebb87a9079096af0efc93efca714620ELSA-2013-0180el5_u4_ia64_base
mysql-bench-5.0.77-3.el5.ia64.rpm207380f5ff69ca85f1aeb5f8446c9113aeb0003e67da684a70541db432395fa5ELSA-2013-0180el5_u4_ia64_base
mysql-devel-5.0.77-3.el5.ia64.rpm9ba3a569a4f9aa448adc29901a61eae8917df01aaf4375cfd925f75d208be59bELSA-2013-0180el5_u4_ia64_base
mysql-server-5.0.77-3.el5.ia64.rpmaddab0bee090ed4b35cd882620eaee9844db1abbdb1b5817a3c6437b48cec519ELSA-2013-0180el5_u4_ia64_base
mysql-test-5.0.77-3.el5.ia64.rpm0c4b8f0818acdb589891145dd836e644057f2dc73eb3dac8b58795bd59413960ELSA-2013-0180el5_u4_ia64_base
Oracle Linux 5 (x86_64) mysql-5.0.77-3.el5.src.rpm29f061f4446781bb06c11289139131862ec30452e87724e1615ebd859a4fcc42ELSA-2013-0180el5_u4_x86_64_base
mysql-5.0.77-3.el5.i386.rpm6bf3c8e4601b9a7bb6c3f5c38dcef4a87536d7650fcdb7a61e2b8c8eb9f96250ELSA-2013-0180el5_u4_x86_64_base
mysql-5.0.77-3.el5.x86_64.rpm56ac58d6cfb687d378226add122249cafb833db66f9bd0db98346bd5a295576cELSA-2013-0180el5_u4_x86_64_base
mysql-bench-5.0.77-3.el5.x86_64.rpm0f741c4497b5c8840872a1fccc77d460d249c1ce3787f23df9d2833becac92cdELSA-2013-0180el5_u4_x86_64_base
mysql-devel-5.0.77-3.el5.i386.rpm2fe5060a46b0250577c40322d724e0c353b59cbfe0c837eeae14da85b334ccecELSA-2013-0180el5_u4_x86_64_base
mysql-devel-5.0.77-3.el5.x86_64.rpm2c755d03bcde0841457680da72fbee311f6886cfa938592af5d8a80050e377d9ELSA-2013-0180el5_u4_x86_64_base
mysql-server-5.0.77-3.el5.x86_64.rpm0a496600dfaf0242f61ebff8b68f723ec79a5b9588624c2600524c42ab9631d5ELSA-2013-0180el5_u4_x86_64_base
mysql-test-5.0.77-3.el5.x86_64.rpm08dac1cdf43826e2dc1676e542d204aaf18f4b507ed33fbf597ecdce1c8cb3b9ELSA-2013-0180el5_u4_x86_64_base



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights