oss-sec mailing list archives

CVE request: MySQL empty bit-string literal server crash

From: Robert Buchholz <rbu () gentoo org>
Date: Tue, 9 Sep 2008 14:18:40 +0200

Hi,

we consider the following bug a security issue. I'm not sure whether 
MySQL upstream feels so as well. Quoting the ChangeLog:

  An empty bit-string literal (b'') caused a server crash. Now the value  
  is parsed as an empty bit value (which is treated as an empty string
  in string context or 0 in numeric context). (Bug#35658)


Bug:
  http://bugs.mysql.com/bug.php?id=35658

ChangeLogs:
* 5.0.66
  http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html
* 5.1.26
  http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html
* 6.0.6
  http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html


Gentoo handles this as bug 237166 [ https://bugs.gentoo.org/237166 ].


Thanks,
Robert

Attachment: signature.asc
Description: This is a digitally signed message part.

Current thread:

CVE request: MySQL empty bit-string literal server crash Robert Buchholz (Sep 09)
- Re: CVE request: MySQL empty bit-string literal server crash Steven M. Christey (Sep 09)
- Re: CVE request: MySQL incomplete fix for CVE-2008-2079 Tomas Hoger (Sep 09)
  - Re: CVE request: MySQL incomplete fix for CVE-2008-2079 Steven M. Christey (Sep 15)