Your message dated Sun, 23 Dec 2007 07:52:34 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#451235: fixed in mysql-dfsg-5.0 5.0.32-7etch3
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: mysql-dfsg-5.0
Version: 5.0.32-7etch1
Severity: grave
Tags: security
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for mysql-dfsg-5.0.
CVE-2007-5925[0]:
| The convert_search_mode_to_innobase function in ha_innodb.cc in the
| InnoDB engine in MySQL 5.1.23-BK and earlier allows remote
| authenticated users to cause a denial of service (database crash) via
| a certain CONTAINS operation on an indexed column, which triggers an
| assertion error.
If you fix this vulnerability please also include the CVE id
in your changelog entry.
For further information:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgpf8AqtyXQrv.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: mysql-dfsg-5.0
Source-Version: 5.0.32-7etch3
We believe that the bug you reported is fixed in the latest version of
mysql-dfsg-5.0, which is due to be installed in the Debian FTP archive:
libmysqlclient15-dev_5.0.32-7etch3_i386.deb
to pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.32-7etch3_i386.deb
libmysqlclient15off_5.0.32-7etch3_i386.deb
to pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.32-7etch3_i386.deb
mysql-client-5.0_5.0.32-7etch3_i386.deb
to pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.32-7etch3_i386.deb
mysql-client_5.0.32-7etch3_all.deb
to pool/main/m/mysql-dfsg-5.0/mysql-client_5.0.32-7etch3_all.deb
mysql-common_5.0.32-7etch3_all.deb
to pool/main/m/mysql-dfsg-5.0/mysql-common_5.0.32-7etch3_all.deb
mysql-dfsg-5.0_5.0.32-7etch3.diff.gz
to pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch3.diff.gz
mysql-dfsg-5.0_5.0.32-7etch3.dsc
to pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.32-7etch3.dsc
mysql-server-4.1_5.0.32-7etch3_i386.deb
to pool/main/m/mysql-dfsg-5.0/mysql-server-4.1_5.0.32-7etch3_i386.deb
mysql-server-5.0_5.0.32-7etch3_i386.deb
to pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.32-7etch3_i386.deb
mysql-server_5.0.32-7etch3_all.deb
to pool/main/m/mysql-dfsg-5.0/mysql-server_5.0.32-7etch3_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Norbert Tretkowski <[EMAIL PROTECTED]> (supplier of updated mysql-dfsg-5.0
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 15 Nov 2007 18:51:30 +0100
Source: mysql-dfsg-5.0
Binary: libmysqlclient15-dev mysql-client mysql-client-5.0 mysql-server
mysql-server-4.1 mysql-server-5.0 mysql-common libmysqlclient15off
Architecture: source all i386
Version: 5.0.32-7etch3
Distribution: stable-security
Urgency: high
Maintainer: [EMAIL PROTECTED]
Changed-By: Norbert Tretkowski <[EMAIL PROTECTED]>
Description:
libmysqlclient15-dev - mysql database development files
libmysqlclient15off - mysql database client library
mysql-client - mysql database client (meta package depending on the latest
versi
mysql-client-5.0 - mysql database client binaries
mysql-common - mysql database common files (e.g. /etc/mysql/my.cnf)
mysql-server - mysql database server (meta package depending on the latest
versi
mysql-server-4.1 - mysql database server (transitional package)
mysql-server-5.0 - mysql database server binaries
Closes: 451235
Changes:
mysql-dfsg-5.0 (5.0.32-7etch3) stable-security; urgency=high
.
* SECURITY:
Fix for CVE-2007-5925: The convert_search_mode_to_innobase function in
ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows
remote authenticated users to cause a denial of service (database crash)
via a certain CONTAINS operation on an indexed column, which triggers an
assertion error. (closes: #451235)
Files:
1f37ff72f1d5276c52b1adcebe796704 1117 misc optional
mysql-dfsg-5.0_5.0.32-7etch3.dsc
ceb5a1f5875bd86c34f1c8711fff1512 158239 misc optional
mysql-dfsg-5.0_5.0.32-7etch3.diff.gz
5eab71c3e41f585dfb86f360cf9413a8 53548 misc optional
mysql-common_5.0.32-7etch3_all.deb
e3e2cf556bcf98b077090b9aa1551973 47306 misc optional
mysql-server_5.0.32-7etch3_all.deb
8ae0496a27a9919f0ef79100a294cb5c 45228 misc optional
mysql-client_5.0.32-7etch3_all.deb
1be98453fe240009dd910bb4f3ce6ecb 1793210 libs optional
libmysqlclient15off_5.0.32-7etch3_i386.deb
09df50c04d87f934b021188d28a6de56 6968400 libdevel optional
libmysqlclient15-dev_5.0.32-7etch3_i386.deb
2c7a41713a396c8aecedc8b924f348a1 7188116 misc optional
mysql-client-5.0_5.0.32-7etch3_i386.deb
112399fe4ec962c0ed807768880a7770 25356378 misc optional
mysql-server-5.0_5.0.32-7etch3_i386.deb
c303c553a72e9819ea90efbd04973bbb 47336 oldlibs extra
mysql-server-4.1_5.0.32-7etch3_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHQm5xYrVLjBFATsMRAmFaAJ95vWGg3ZlJzrAmkrPg+raaEmydIQCfQvxD
Tgoea+TGAxdx+7EwWo/22tw=
=4jPH
-----END PGP SIGNATURE-----
--- End Message ---
