From security@linux-mandrake.com Mon Nov 1 22:34:54 2004 From: Mandrake Linux Security Team To: full-disclosure@lists.netsys.com Date: 2 Nov 2004 00:20:06 -0000 Subject: [Full-Disclosure] MDKSA-2004:119 - Updated MySQL packages fix multiple vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandrakelinux Security Update Advisory _______________________________________________________________________ Package name: MySQL Advisory ID: MDKSA-2004:119 Date: November 1st, 2004 Affected versions: 10.0, 10.1, 9.2, Corporate Server 2.1 ______________________________________________________________________ Problem Description: A number of problems have been discovered in the MySQL database server: Jeroen van Wolffelaar discovered an insecure temporary file vulnerability in the mysqlhotcopy script when using the scp method (CAN-2004-0457). Oleksandr Byelkin discovered that the "ALTER TABLE ... RENAME" would check the CREATE/INSERT rights of the old table rather than the new one (CAN-2004-0835). Lukasz Wojtow discovered a buffer overrun in the mysql_real_connect function (CAN-2004-0836). Dean Ellis discovered that multiple threads ALTERing the same (or different) MERGE tables to change the UNION can cause the server to crash or stall (CAN-2004-0837). The updated MySQL packages have been patched to protect against these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0457 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0835 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0836 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0837 http://bugs.mysql.com/bug.php?id=3270 http://bugs.mysql.com/bug.php?id=4017 http://bugs.mysql.com/bug.php?id=2408 ______________________________________________________________________ Updated Packages: Mandrakelinux 10.0: f680ccd6ecdd9abc77496c71ce02d70b 10.0/RPMS/MySQL-4.0.18-1.2.100mdk.i586.rpm 30c0c2b64243f1b9ac300eb52062d303 10.0/RPMS/MySQL-Max-4.0.18-1.2.100mdk.i586.rpm 8618a5f416cf30cd527be1f42763210f 10.0/RPMS/MySQL-bench-4.0.18-1.2.100mdk.i586.rpm b6d07c7d09e405e174311024e098de1b 10.0/RPMS/MySQL-client-4.0.18-1.2.100mdk.i586.rpm b28337d115d733eb280d7fe5659bcc5a 10.0/RPMS/MySQL-common-4.0.18-1.2.100mdk.i586.rpm 66536b18fc371f756a61496d90340a7b 10.0/RPMS/libmysql12-4.0.18-1.2.100mdk.i586.rpm befe1dbf68fcbc0b9300af93ec9b9d57 10.0/RPMS/libmysql12-devel-4.0.18-1.2.100mdk.i586.rpm 188e63d83d403f4c4c11ae7487cf45ac 10.0/SRPMS/MySQL-4.0.18-1.2.100mdk.src.rpm Mandrakelinux 10.0/AMD64: 491712aed8839a408cd2e3a5ca088668 amd64/10.0/RPMS/MySQL-4.0.18-1.2.100mdk.amd64.rpm d579b376ed0da8d42dc1adb1a472a923 amd64/10.0/RPMS/MySQL-Max-4.0.18-1.2.100mdk.amd64.rpm b0b056e3a247c2187a09eec2b5c666a3 amd64/10.0/RPMS/MySQL-bench-4.0.18-1.2.100mdk.amd64.rpm 44fc8c891ea9e75ed10918c52e29ddd7 amd64/10.0/RPMS/MySQL-client-4.0.18-1.2.100mdk.amd64.rpm df20d5582e78629ff86e27499a72b0b7 amd64/10.0/RPMS/MySQL-common-4.0.18-1.2.100mdk.amd64.rpm 79af2d7adb19e2a0df48c8d0765914fe amd64/10.0/RPMS/lib64mysql12-4.0.18-1.2.100mdk.amd64.rpm a5e44db419bb47f1169deb3af54f9d48 amd64/10.0/RPMS/lib64mysql12-devel-4.0.18-1.2.100mdk.amd64.rpm 188e63d83d403f4c4c11ae7487cf45ac amd64/10.0/SRPMS/MySQL-4.0.18-1.2.100mdk.src.rpm Mandrakelinux 10.1: 0241fc97ccebf80f02f573404cc7f01b 10.1/RPMS/MySQL-4.0.20-3.1.101mdk.i586.rpm fb27d0a9d916a63d4c8143c7ae181ef0 10.1/RPMS/MySQL-Max-4.0.20-3.1.101mdk.i586.rpm 758d3b52cf32d0fb1114199eb7e65247 10.1/RPMS/MySQL-bench-4.0.20-3.1.101mdk.i586.rpm 1df5f23ef2ea4f9456323dc7925d0790 10.1/RPMS/MySQL-client-4.0.20-3.1.101mdk.i586.rpm 61d8e14939e9dcc9bf8b9207e7a4bd60 10.1/RPMS/MySQL-common-4.0.20-3.1.101mdk.i586.rpm ee21d69bf2275f8933ca0c91c5af5b98 10.1/RPMS/libmysql12-4.0.20-3.1.101mdk.i586.rpm 9c64006cb87de169f43ad8f78b1b1c47 10.1/RPMS/libmysql12-devel-4.0.20-3.1.101mdk.i586.rpm a3b194caf4c67c8fa6f881d5577aabba 10.1/SRPMS/MySQL-4.0.20-3.1.101mdk.src.rpm Mandrakelinux 10.1/X86_64: 214a6acbb0fb3e8398111a6d30ac4082 x86_64/10.1/RPMS/MySQL-4.0.20-3.1.101mdk.x86_64.rpm 72ad37fa4cd99254d399e725c44b5681 x86_64/10.1/RPMS/MySQL-Max-4.0.20-3.1.101mdk.x86_64.rpm c98fd317bc3a2387801c440626459f4e x86_64/10.1/RPMS/MySQL-bench-4.0.20-3.1.101mdk.x86_64.rpm 3141d5e2fa8ca10f94c3501e10e0d00f x86_64/10.1/RPMS/MySQL-client-4.0.20-3.1.101mdk.x86_64.rpm 57f74802dbc5a4912dd926ec748d53a4 x86_64/10.1/RPMS/MySQL-common-4.0.20-3.1.101mdk.x86_64.rpm ab48d1099a5077e763b9d11c373369b4 x86_64/10.1/RPMS/lib64mysql12-4.0.20-3.1.101mdk.x86_64.rpm 2f0846107ddaa0d7c6c389add0dbd6d5 x86_64/10.1/RPMS/lib64mysql12-devel-4.0.20-3.1.101mdk.x86_64.rpm a3b194caf4c67c8fa6f881d5577aabba x86_64/10.1/SRPMS/MySQL-4.0.20-3.1.101mdk.src.rpm Corporate Server 2.1: 6a3d3652bcf1b9b213cb12b22abfa297 corporate/2.1/RPMS/MySQL-3.23.56-1.6.C21mdk.i586.rpm c819f40d6afef344e3fbfd50f13e4adb corporate/2.1/RPMS/MySQL-Max-3.23.56-1.6.C21mdk.i586.rpm c3bf86fe33f2e1f80ba53817fe23ed60 corporate/2.1/RPMS/MySQL-bench-3.23.56-1.6.C21mdk.i586.rpm 2296ca45f742f6ad4fe0f12827bc7e69 corporate/2.1/RPMS/MySQL-client-3.23.56-1.6.C21mdk.i586.rpm 7cdd06d76012d329ffb1b8c05af8ce22 corporate/2.1/RPMS/libmysql10-3.23.56-1.6.C21mdk.i586.rpm 6b8784affa68c19199753877a7127c93 corporate/2.1/RPMS/libmysql10-devel-3.23.56-1.6.C21mdk.i586.rpm 537ee31b2c8b6c0c006d07bea8aad1a8 corporate/2.1/SRPMS/MySQL-3.23.56-1.6.C21mdk.src.rpm Corporate Server 2.1/x86_64: b308f0d13fabf30b0c73b6a62bae42d2 x86_64/corporate/2.1/RPMS/MySQL-3.23.56-1.6.C21mdk.x86_64.rpm d1681268b5c2d3d5865585d517001aff x86_64/corporate/2.1/RPMS/MySQL-Max-3.23.56-1.6.C21mdk.x86_64.rpm d508c3f565f294d319e8da215a622eeb x86_64/corporate/2.1/RPMS/MySQL-bench-3.23.56-1.6.C21mdk.x86_64.rpm 20219356f5a1256eb5d4543e30fa3ce4 x86_64/corporate/2.1/RPMS/MySQL-client-3.23.56-1.6.C21mdk.x86_64.rpm aac8add3fe8beee70f9b3048a7372ab0 x86_64/corporate/2.1/RPMS/libmysql10-3.23.56-1.6.C21mdk.x86_64.rpm cb7d3ebab5149514909633609b47fab1 x86_64/corporate/2.1/RPMS/libmysql10-devel-3.23.56-1.6.C21mdk.x86_64.rpm 537ee31b2c8b6c0c006d07bea8aad1a8 x86_64/corporate/2.1/SRPMS/MySQL-3.23.56-1.6.C21mdk.src.rpm Mandrakelinux 9.2: 8a874159baa33853754001a99e1cdd10 9.2/RPMS/MySQL-4.0.15-1.2.92mdk.i586.rpm ea88058a50c8f170c35b070f8843d1dd 9.2/RPMS/MySQL-Max-4.0.15-1.2.92mdk.i586.rpm 686a188b99e75f2e44c7be5fc49313bb 9.2/RPMS/MySQL-bench-4.0.15-1.2.92mdk.i586.rpm 077b2f4785ec2af1a0886baf0dd5742d 9.2/RPMS/MySQL-client-4.0.15-1.2.92mdk.i586.rpm e2622344b092c71e68f6be668d2b00a1 9.2/RPMS/MySQL-common-4.0.15-1.2.92mdk.i586.rpm a1a485e1de88013571f6c2ea0417f1f8 9.2/RPMS/libmysql12-4.0.15-1.2.92mdk.i586.rpm 46b3cfd41057fd6ad674555f1cd2e786 9.2/RPMS/libmysql12-devel-4.0.15-1.2.92mdk.i586.rpm d040b231845bf2035905fcdeec142650 9.2/SRPMS/MySQL-4.0.15-1.2.92mdk.src.rpm Mandrakelinux 9.2/AMD64: e8a1259267471c9f47b812aa80782a7f amd64/9.2/RPMS/MySQL-4.0.15-1.2.92mdk.amd64.rpm 4545590ffd9eb4995807a4c37762d966 amd64/9.2/RPMS/MySQL-Max-4.0.15-1.2.92mdk.amd64.rpm e85c26267ae0847e982b848bcae82715 amd64/9.2/RPMS/MySQL-bench-4.0.15-1.2.92mdk.amd64.rpm f1ea2226a633f792d70ecb4508a50bc2 amd64/9.2/RPMS/MySQL-client-4.0.15-1.2.92mdk.amd64.rpm 4aa99ef449ebe42466adbdbf99e2f588 amd64/9.2/RPMS/MySQL-common-4.0.15-1.2.92mdk.amd64.rpm b92a3b4fa52f27e9e92b9d8691f6bf9e amd64/9.2/RPMS/lib64mysql12-4.0.15-1.2.92mdk.amd64.rpm 410e1737c0cff17eba69081894c91bcd amd64/9.2/RPMS/lib64mysql12-devel-4.0.15-1.2.92mdk.amd64.rpm d040b231845bf2035905fcdeec142650 amd64/9.2/SRPMS/MySQL-4.0.15-1.2.92mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandrakesoft for security. You can obtain the GPG public key of the Mandrakelinux Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandrakelinux at: http://www.mandrakesoft.com/security/advisories If you want to report vulnerabilities, please contact security_linux-mandrake.com Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQFBhtK2mqjQ0CJFipgRAtMSAKDIv5E7k98RpCTjzSG6R2iGNt4zaQCeLP6r p5cZUZjNxjAKW833kuof644= =vUSB -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html