ELSA-2009-1289

ULN >
Oracle Linux Errata repository >
ELSA-2009-1289

ELSA-2009-1289 - mysql security and bug fix update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2009-09-08

Description

[5.0.77-3]
- Add fix for CVE-2009-2446 (format string vulnerability in COM_CREATE_DB and
COM_DROP_DB processing)
Resolves: #512200

[5.0.77-2]
- Back-port upstream fix for CVE-2008-4456 (mysql command line client XSS flaw)
Resolves: #502169

[5.0.77-1]
- Update to MySQL 5.0.77, for numerous fixes described at
http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-77.html
including low-priority security issues CVE-2008-2079, CVE-2008-3963
Resolves: #448487, #448534, #452824, #453156, #455619, #456875
Resolves: #457218, #462534, #470036, #476896, #479615
- Improve mysql.init to pass configured datadir to mysql_install_db,
and to force user=mysql for both mysql_install_db and mysqld_safe.
Resolves: #450178
- Fix mysql.init to wait correctly when socket is not in default place
Resolves: #435494

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 5 (i386)	mysql-5.0.77-3.el5.src.rpm	cf92237a73c009a8d12886f9903dbcb3	ELSA-2013-0180
	mysql-5.0.77-3.el5.i386.rpm	b0c1e055d4958ca24eff8cc7e31ddb16	ELSA-2013-0180
	mysql-bench-5.0.77-3.el5.i386.rpm	825012d4fdcb59e7e8ea9e462c2545ec	ELSA-2013-0180
	mysql-devel-5.0.77-3.el5.i386.rpm	c877d2904fce22ba22256eac70184afd	ELSA-2013-0180
	mysql-server-5.0.77-3.el5.i386.rpm	7a84bcc4bfeada3c626a82d4f9322273	ELSA-2013-0180
	mysql-test-5.0.77-3.el5.i386.rpm	73d73e74b6d4aa52dcae6a2b5fb3dbdc	ELSA-2013-0180

Oracle Linux 5 (ia64)	mysql-5.0.77-3.el5.src.rpm	cf92237a73c009a8d12886f9903dbcb3	ELSA-2013-0180
	mysql-5.0.77-3.el5.i386.rpm	b0c1e055d4958ca24eff8cc7e31ddb16	ELSA-2013-0180
	mysql-5.0.77-3.el5.ia64.rpm	d86407ecdfd7c8a47213362b134aab08	ELSA-2013-0180
	mysql-bench-5.0.77-3.el5.ia64.rpm	baa6fe92745435dbeaf921b9b32392ac	ELSA-2013-0180
	mysql-devel-5.0.77-3.el5.ia64.rpm	97fc6bd97e5f0716ba8df499bca7d4be	ELSA-2013-0180
	mysql-server-5.0.77-3.el5.ia64.rpm	25e851885a016e2b4e6d4060fbd8fc2b	ELSA-2013-0180
	mysql-test-5.0.77-3.el5.ia64.rpm	b1e675a9de336fcd7fa89aedde13ec38	ELSA-2013-0180

Oracle Linux 5 (x86_64)	mysql-5.0.77-3.el5.src.rpm	cf92237a73c009a8d12886f9903dbcb3	ELSA-2013-0180
	mysql-5.0.77-3.el5.i386.rpm	b0c1e055d4958ca24eff8cc7e31ddb16	ELSA-2013-0180
	mysql-5.0.77-3.el5.x86_64.rpm	3afe96c8c6600632bfd991f3693a3c20	ELSA-2013-0180
	mysql-bench-5.0.77-3.el5.x86_64.rpm	c33dba5681f3fa156c46baceb8a98555	ELSA-2013-0180
	mysql-devel-5.0.77-3.el5.i386.rpm	c877d2904fce22ba22256eac70184afd	ELSA-2013-0180
	mysql-devel-5.0.77-3.el5.x86_64.rpm	b79936ee0f2ab705e42e2ac57ca9d62b	ELSA-2013-0180
	mysql-server-5.0.77-3.el5.x86_64.rpm	da4db42fa2dca5e36995a8ae9f57b3f5	ELSA-2013-0180
	mysql-test-5.0.77-3.el5.x86_64.rpm	d628a4b307662d032e31a666ea7c8a56	ELSA-2013-0180

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691