oss-sec mailing list archives
Re: CVE Request - MySQL - 5.0.88
From: Josh Bressers <bressers () redhat com>
Date: Mon, 23 Nov 2009 16:26:33 -0500 (EST)
----- "Jan Lieskovsky" <jlieskov () redhat com> wrote:
MySQL upstream has released latest 5.0.88 version of their Community Server, fixing one security issue: * Error handling was missing for SELECT statements containing subqueries in the WHERE clause and that assigned a SELECT result to a user variable. The server could crash as a result. (Bug#48291: http://bugs.mysql.com/48291) This looks to be from adjacent network exploitable mysqld DoS. * If the first argument to GeomFromWKB() function was a geometry value, the function just returned its value. However, it failed to preserve the argument's null_value flag, which caused an unexpected NULL value to be returned to the caller, resulting in a server crash. (Bug#47780: http://bugs.mysql.com/47780) Same case as the above, though I can't look into upstream MySQL bugs to confirm or disprove it. Thus Cc-ed Sergei Golubchik on this mail.
Let's group these two together. This also appears to affect MySQL versions before 5.1.41 5.0.88. CVE-2009-4019 http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html http://bugs.mysql.com/47780 http://bugs.mysql.com/48291 -- JB
Current thread:
- CVE Request - MySQL - 5.0.88 Jan Lieskovsky (Nov 21)
- Re: CVE Request - MySQL - 5.0.88 Sergei Golubchik (Nov 21)
- Re: CVE Request - MySQL - 5.0.88 Josh Bressers (Nov 23)