Your message dated Sun, 23 Dec 2007 07:52:34 +0000 with message-id <[EMAIL PROTECTED]> and subject line Bug#451235: fixed in mysql-dfsg-5.0 5.0.32-7etch3 has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---Package: mysql-dfsg-5.0 Version: 5.0.32-7etch1 Severity: grave Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for mysql-dfsg-5.0. CVE-2007-5925[0]: | The convert_search_mode_to_innobase function in ha_innodb.cc in the | InnoDB engine in MySQL 5.1.23-BK and earlier allows remote | authenticated users to cause a denial of service (database crash) via | a certain CONTAINS operation on an indexed column, which triggers an | assertion error. If you fix this vulnerability please also include the CVE id in your changelog entry. For further information: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925 Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.pgpf8AqtyXQrv.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---Source: mysql-dfsg-5.0 Source-Version: 5.0.32-7etch3 We believe that the bug you reported is fixed in the latest version of mysql-dfsg-5.0, which is due to be installed in the Debian FTP archive: libmysqlclient15-dev_5.0.32-7etch3_i386.deb to pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_i386.deb libmysqlclient15off_5.0.32-7etch3_i386.deb to pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_i386.deb mysql-client-5.0_5.0.32-7etch3_i386.deb to pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_i386.deb mysql-client_5.0.32-7etch3_all.deb to pool/main/m/mysql-dfsg-5.0/mysql-client_5.0.32-7etch3_all.deb mysql-common_5.0.32-7etch3_all.deb to pool/main/m/mysql-dfsg-5.0/mysql-common_5.0.32-7etch3_all.deb mysql-dfsg-5.0_5.0.32-7etch3.diff.gz to pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch3.diff.gz mysql-dfsg-5.0_5.0.32-7etch3.dsc to pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch3.dsc mysql-server-4.1_5.0.32-7etch3_i386.deb to pool/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_i386.deb mysql-server-5.0_5.0.32-7etch3_i386.deb to pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_i386.deb mysql-server_5.0.32-7etch3_all.deb to pool/main/m/mysql-dfsg-5.0/mysql-server_5.0.32-7etch3_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Norbert Tretkowski <[EMAIL PROTECTED]> (supplier of updated mysql-dfsg-5.0 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Thu, 15 Nov 2007 18:51:30 +0100 Source: mysql-dfsg-5.0 Binary: libmysqlclient15-dev mysql-client mysql-client-5.0 mysql-server mysql-server-4.1 mysql-server-5.0 mysql-common libmysqlclient15off Architecture: source all i386 Version: 5.0.32-7etch3 Distribution: stable-security Urgency: high Maintainer: [EMAIL PROTECTED] Changed-By: Norbert Tretkowski <[EMAIL PROTECTED]> Description: libmysqlclient15-dev - mysql database development files libmysqlclient15off - mysql database client library mysql-client - mysql database client (meta package depending on the latest versi mysql-client-5.0 - mysql database client binaries mysql-common - mysql database common files (e.g. /etc/mysql/my.cnf) mysql-server - mysql database server (meta package depending on the latest versi mysql-server-4.1 - mysql database server (transitional package) mysql-server-5.0 - mysql database server binaries Closes: 451235 Changes: mysql-dfsg-5.0 (5.0.32-7etch3) stable-security; urgency=high . * SECURITY: Fix for CVE-2007-5925: The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error. (closes: #451235) Files: 1f37ff72f1d5276c52b1adcebe796704 1117 misc optional mysql-dfsg-5.0_5.0.32-7etch3.dsc ceb5a1f5875bd86c34f1c8711fff1512 158239 misc optional mysql-dfsg-5.0_5.0.32-7etch3.diff.gz 5eab71c3e41f585dfb86f360cf9413a8 53548 misc optional mysql-common_5.0.32-7etch3_all.deb e3e2cf556bcf98b077090b9aa1551973 47306 misc optional mysql-server_5.0.32-7etch3_all.deb 8ae0496a27a9919f0ef79100a294cb5c 45228 misc optional mysql-client_5.0.32-7etch3_all.deb 1be98453fe240009dd910bb4f3ce6ecb 1793210 libs optional libmysqlclient15off_5.0.32-7etch3_i386.deb 09df50c04d87f934b021188d28a6de56 6968400 libdevel optional libmysqlclient15-dev_5.0.32-7etch3_i386.deb 2c7a41713a396c8aecedc8b924f348a1 7188116 misc optional mysql-client-5.0_5.0.32-7etch3_i386.deb 112399fe4ec962c0ed807768880a7770 25356378 misc optional mysql-server-5.0_5.0.32-7etch3_i386.deb c303c553a72e9819ea90efbd04973bbb 47336 oldlibs extra mysql-server-4.1_5.0.32-7etch3_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHQm5xYrVLjBFATsMRAmFaAJ95vWGg3ZlJzrAmkrPg+raaEmydIQCfQvxD Tgoea+TGAxdx+7EwWo/22tw= =4jPH -----END PGP SIGNATURE-----
--- End Message ---