[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE Request - MySQL - 5.0.88
From: Josh Bressers <bressers () redhat ! com>
Date: 2009-11-23 21:26:33
Message-ID: 1728815975.612571259011593868.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com
[Download RAW message or body]
----- "Jan Lieskovsky" <jlieskov@redhat.com> wrote:
>
> MySQL upstream has released latest 5.0.88 version of their Community
> Server, fixing one security issue:
>
> * Error handling was missing for SELECT statements containing
> subqueries in the WHERE clause and that assigned a SELECT
> result to a user variable. The server could crash as a result.
> (Bug#48291: http://bugs.mysql.com/48291)
>
> This looks to be from adjacent network exploitable mysqld DoS.
>
> * If the first argument to GeomFromWKB() function was a geometry
> value, the function just returned its value. However, it
> failed to preserve the argument's null_value flag, which
> caused an unexpected NULL value to be returned to the caller,
> resulting in a server crash.
> (Bug#47780: http://bugs.mysql.com/47780)
>
> Same case as the above, though I can't look into upstream MySQL bugs
> to confirm or disprove it. Thus Cc-ed Sergei Golubchik on this mail.
>
Let's group these two together. This also appears to affect MySQL versions
before 5.1.41 5.0.88.
CVE-2009-4019
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html
http://bugs.mysql.com/47780
http://bugs.mysql.com/48291
--
JB
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic