[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] CVE-2009-4030 regression in mysql
From:       Huzaifa Sidhpurwala <huzaifas () redhat ! com>
Date:       2012-09-27 5:53:29
Message-ID: 5063E709.8090605 () redhat ! com
[Download RAW message or body]

Hi All,

It was found that the fix for CVE-2009-4030 was not present in mysql
version 5.0.88, as claimed by upstream.

As a result of this, Red Hat Security Advisory RHSA-2012:0127 which
rebased mysql in Red Hat Enterprise Linux 5 to 5.0.95, missed the above
fix.

We have assigned CVE-2012-4452 to this issue.

Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4452
http://bugs.mysql.com/bug.php?id=32167
http://rhn.redhat.com/errata/RHSA-2012-0127.html


-- 
Huzaifa Sidhpurwala / Red Hat Security Response Team
[prev in list] [next in list] [prev in thread] [next in thread]