This bug was fixed in the package mysql-5.5 - 5.5.25-0ubuntu1
---
mysql-5.5 (5.5.25-0ubuntu1) quantal; urgency=low
* New upstream release (LP: #1011371, LP: #986892)
* d/rules: change get-orig-source to pull from a working mirror.
* d/control: Build with default compiler
FYI, I can only reproduce CVE-2012-2122 on real hardware that supports
SSE4. Oneiric and higher, amd64 only.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-5.1 in Ubuntu.
https://bugs.launchpad.net/bugs/1011371
Title:
mysql
Regarding #2:
You're right. I've tried on identical 12.04 LTS 64bit.
Vulnurable on Xeon E5654
Not vulnurable on Xeon E5345
Both machines are paravirtualizes Xen DomU, so it looks like the system is
vulnurable by the availability of sse4 only. It looks like the existence of
Xen
12.04 http://shelr.tv/records/4fd6173a966080489418
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-5.1 in Ubuntu.
https://bugs.launchpad.net/bugs/1011371
Title:
mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug
To
This bug was fixed in the package mysql-dfsg-5.0 - 5.0.96-0ubuntu3
---
mysql-dfsg-5.0 (5.0.96-0ubuntu3) hardy-security; urgency=low
* SECURITY UPDATE: authentication bypass (LP: #1011371)
- debian/patches/90_CVE-2012-2122.patch: fix improper type conversion
in
This bug was fixed in the package mysql-5.5 - 5.5.24-0ubuntu0.12.04.1
---
mysql-5.5 (5.5.24-0ubuntu0.12.04.1) precise-security; urgency=low
* SECURITY UPDATE: Update to 5.5.24 to fix security issues (LP: #1011371)
- http://dev.mysql.com/doc/refman/5.5/en/news-5-5-24.html
--
This bug was fixed in the package mysql-5.1 - 5.1.63-0ubuntu0.11.10.1
---
mysql-5.1 (5.1.63-0ubuntu0.11.10.1) oneiric-security; urgency=low
* SECURITY UPDATE: Update to 5.1.63 to fix security issues (LP: #1011371)
- http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html
--
This bug was fixed in the package mysql-5.1 - 5.1.63-0ubuntu0.11.04.1
---
mysql-5.1 (5.1.63-0ubuntu0.11.04.1) natty-security; urgency=low
* SECURITY UPDATE: Update to 5.1.63 to fix security issues (LP: #1011371)
- http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html
-- Marc
This bug was fixed in the package mysql-dfsg-5.1 -
5.1.63-0ubuntu0.10.04.1
---
mysql-dfsg-5.1 (5.1.63-0ubuntu0.10.04.1) lucid-security; urgency=low
* SECURITY UPDATE: Update to 5.1.63 to fix security issues (LP: #1011371)
-
** Branch linked: lp:ubuntu/hardy-security/mysql-dfsg-5.0
** Branch linked: lp:ubuntu/lucid-security/mysql-dfsg-5.1
** Branch linked: lp:ubuntu/natty-security/mysql-5.1
** Branch linked: lp:ubuntu/oneiric-security/mysql-5.1
** Branch linked: lp:ubuntu/precise-security/mysql-5.5
--
You
bug #64884 is CVE-2012-2122
** Changed in: mysql-dfsg-5.0 (Ubuntu Hardy)
Importance: Undecided = High
** Changed in: mysql-dfsg-5.0 (Ubuntu Hardy)
Status: New = Confirmed
** Changed in: mysql-dfsg-5.0 (Ubuntu Hardy)
Assignee: (unassigned) = Marc Deslauriers (mdeslaur)
** Changed
11 matches
Mail list logo