Multiple MySQL bugs

[Rain Forest Puppy <rfp () vulnwatch org>]

http://www.mysql.com/doc/en/News-3.23.54.html

Below is a few snippets from the MySQL changelog:


- Fixed a bug, that allowed to crash mysqld with a specially crafted
packet.

- Fixed a rare crash (double free'd pointer) when altering a temporary
table.

- Fixed buffer overrun in libmysqlclient library that allowed malicious
MySQL server to crash the client application.

- Fixed security-related bug in mysql_change_user() handling. All users
are strongly recommended to upgrade to the version 3.23.54.


Also of note is that the newly released MySQL 4.1 (alpha) series now has
support for subselects.  That means SQL tampering with MySQL just got more
interesting, as you can now run additional queries if you craft your SQL
carefully.  Prior to version 4.1 you were only limited to manipulated the
current query, which usually didn't produce a lot of interesting stuff
(besides the occasional 'INTO OUTFILE' or '1==1' clauses).

- rfp