oss-sec mailing list archives
Re: CVE Request: MySQL: MyISAM temporary file issue
From: Kurt Seifried <kseifried () redhat com>
Date: Thu, 11 Sep 2014 13:42:24 -0600
On 11/09/14 01:36 PM, Ritwik Ghoshal wrote:
On 9/11/2014 1:28 AM, Sven Kieske wrote:On 10/09/14 18:00, Salvatore Bonaccorso wrote:Hi The changes for MySQL 5.5.39[1] and 5.6.20[2] contain a reference to the following issue, which could be exploited by a local user to run arbitrary code in context of the mysqld server.While I'm investigating this: Does someone happen to know in which version this vuln got introduced?A complete list of all affected-supported MySQL releases will be published via Oracle's quarterly Critical Patch Update(CPU) advisory. More information about our CPU program is available at - http://www.oracle.com/technetwork/topics/security/alerts-086861.html Thanks, -Ritwik
So you're saying you won't tell anyone until the middle of October? So we have to wait just under 3 months from the release of MySQL 5.5.39 to find out exactly what versions are affected by security flaws fixed in it? Are you serious? -- Kurt Seifried -- Red Hat -- Product Security -- Cloud PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- Re: CVE Request: MySQL: MyISAM temporary file issue, (continued)
- Re: CVE Request: MySQL: MyISAM temporary file issue Ritwik Ghoshal (Sep 11)
- Re: CVE Request: MySQL: MyISAM temporary file issue Tomas Hoger (Sep 12)
- Re: CVE Request: MySQL: MyISAM temporary file issue Marc Deslauriers (Sep 16)
- Re: CVE Request: MySQL: MyISAM temporary file issue Henri Salo (Sep 16)
- Re: CVE Request: MySQL: MyISAM temporary file issue John Haxby (Sep 11)
- Re: CVE Request: MySQL: MyISAM temporary file issue Ritwik Ghoshal (Sep 11)
- Re: CVE Request: MySQL: MyISAM temporary file issue Tomas Hoger (Sep 11)
- Re: CVE Request: MySQL: MyISAM temporary file issue Ritwik Ghoshal (Sep 11)
- Re: CVE Request: MySQL: MyISAM temporary file issue Kurt Seifried (Sep 11)
- Re: CVE Request: MySQL: MyISAM temporary file issue Loganaden Velvindron (Sep 11)
- Re: CVE Request: MySQL: MyISAM temporary file issue Sven Kieske (Sep 12)
- Re: CVE Request: MySQL: MyISAM temporary file issue Tomas Hoger (Sep 12)