oss-sec mailing list archives

Re: CVE Request: MySQL: MyISAM temporary file issue

From: Ritwik Ghoshal <ritwik.ghoshal () oracle com>
Date: Thu, 11 Sep 2014 12:40:39 -0700

On 9/11/2014 3:14 AM, John Haxby wrote:

On 11/09/14 09:22, Sven Kieske wrote:


On 10/09/14 18:00, Salvatore Bonaccorso wrote:

MyISAM temporary files could be used to mount a code-execution attack.
(Bug #18045646).

Funny enough, when you search for this bug on bugs.mysql.com you get:

http://bugs.mysql.com/bug.php?id=18045646

"No such bug #18045646 or bug is referenced in the Oracle bug system."

Is this marked as private or something like that? Even if it's public
now?


It's probably marked as a security bug so only those people with a need
to know can see it, even though it's public.


Yes, information about security bug is private. Also 18045646 is an
internal tracking ID.

Thanks,
-Ritwik

Current thread:

Re: CVE Request: MySQL: MyISAM temporary file issue, (continued)
- Re: CVE Request: MySQL: MyISAM temporary file issue Kurt Seifried (Sep 10)
  - Re: CVE Request: MySQL: MyISAM temporary file issue Ritwik Ghoshal (Sep 10)
    - Re: CVE Request: MySQL: MyISAM temporary file issue Ritwik Ghoshal (Sep 10)
    - Re: CVE Request: MySQL: MyISAM temporary file issue Tomas Hoger (Sep 11)
    - Re: CVE Request: MySQL: MyISAM temporary file issue Ritwik Ghoshal (Sep 11)
    - Re: CVE Request: MySQL: MyISAM temporary file issue Tomas Hoger (Sep 12)
    - Re: CVE Request: MySQL: MyISAM temporary file issue Marc Deslauriers (Sep 16)
    - Re: CVE Request: MySQL: MyISAM temporary file issue Henri Salo (Sep 16)
- Re: CVE Request: MySQL: MyISAM temporary file issue Sven Kieske (Sep 11)
  - Re: CVE Request: MySQL: MyISAM temporary file issue John Haxby (Sep 11)
    - Re: CVE Request: MySQL: MyISAM temporary file issue Ritwik Ghoshal (Sep 11)
  - Re: CVE Request: MySQL: MyISAM temporary file issue Tomas Hoger (Sep 11)
- Re: CVE Request: MySQL: MyISAM temporary file issue Sven Kieske (Sep 11)
  - Re: CVE Request: MySQL: MyISAM temporary file issue Ritwik Ghoshal (Sep 11)
    - Re: CVE Request: MySQL: MyISAM temporary file issue Kurt Seifried (Sep 11)
    - Re: CVE Request: MySQL: MyISAM temporary file issue Loganaden Velvindron (Sep 11)
    - Re: CVE Request: MySQL: MyISAM temporary file issue Sven Kieske (Sep 12)
    - Re: CVE Request: MySQL: MyISAM temporary file issue Tomas Hoger (Sep 12)
    - Re: CVE Request: MySQL: MyISAM temporary file issue Tomas Hoger (Sep 12)