mysql-5.1 (5.1.49-1ubuntu8.1) maverick-security; urgency=low
* SECURITY UPDATE: denial of service via incorrect propagation of type
errors.
- debian/patches/61_CVE-2010-3833.dpatch: properly check for execution
errors in sql/item_func.cc. Add tests to mysql-test/*.
- CVE-2010-3833
* SECURITY UPDATE: denial of service via derived table materializing.
- debian/patches/61_CVE-2010-3834.dpatch: handle temporary tables in
sql/field.cc, sql/sql_select.*. Add tests to mysql-test/*.
- CVE-2010-3834
* SECURITY UPDATE: denial of service via user-variable assignment
expression.
- debian/patches/61_CVE-2010-3835.dpatch: fix logic in sql/item_func.*,
Add tests to mysql-test/*.
- CVE-2010-3835
* SECURITY UPDATE: denial of service via pre-evaluation of LIKE
predicates during view preparation.
- debian/patches/61_CVE-2010-3836.dpatch: make sure we're not in view
preparation mode in sql/item_cmpfunc.cc. Add tests to mysql-test/*.
- CVE-2010-3836
* SECURITY UPDATE: denial of service via use of GROUP_CONCAT() and
WITH ROLLUP together.
- debian/patches/61_CVE-2010-3837.dpatch: create a copy of the order
structures in sql/item_sum.cc, sql/table.h. Add tests to
mysql-test/*.
- CVE-2010-3837
* SECURITY UPDATE: denial of service via longblob and union or update
with subquery.
- debian/patches/61_CVE-2010-3838.dpatch: handle REAL_RESULT in
sql/item_func.cc. Add tests to mysql-test/*.
- CVE-2010-3838
* SECURITY UPDATE: denial of service via certain queries with nested
joins.
- debian/patches/61_CVE-2010-3839.dpatch: fix nesting in
sql/sql_select.cc. Add tests to mysql-test/*.
- CVE-2010-3839
* SECURITY UPDATE: denial of service via PolyFromWKB() function and
improper data.
- debian/patches/61_CVE-2010-3840.dpatch: improve data handling in
sql/spatial.cc. Add tests to mysql-test/*.
- CVE-2010-3840
* debian/patches/62_disable_longfilename_test.dpatch: disable the
partition_rename_longfilename test as it fails when building with
sbuild and schroots.
Date: Tue, 09 Nov 2010 12:58:03 -0500
Changed-By: Marc Deslauriers <[email protected]>
Maintainer: Ubuntu Developers <[email protected]>
https://launchpad.net/ubuntu/maverick/+source/mysql-5.1/5.1.49-1ubuntu8.1
Format: 1.8
Date: Tue, 09 Nov 2010 12:58:03 -0500
Source: mysql-5.1
Binary: libmysqlclient16 libmysqlclient16-dev libmysqld-pic libmysqld-dev
libmysqlclient-dev mysql-common mysql-client-core-5.1 mysql-client-5.1
mysql-server-core-5.1 mysql-server-5.1 mysql-server mysql-client mysql-testsuite
Architecture: source
Version: 5.1.49-1ubuntu8.1
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <[email protected]>
Changed-By: Marc Deslauriers <[email protected]>
Description:
libmysqlclient-dev - MySQL database development files
libmysqlclient16 - MySQL database client library
libmysqlclient16-dev - MySQL database development files - empty transitional
package
libmysqld-dev - MySQL embedded database development files
libmysqld-pic - MySQL database development files
mysql-client - MySQL database client (metapackage depending on the latest
versio
mysql-client-5.1 - MySQL database client binaries
mysql-client-core-5.1 - MySQL database core client binaries
mysql-common - MySQL database common files, e.g. /etc/mysql/my.cnf
mysql-server - MySQL database server (metapackage depending on the latest
versio
mysql-server-5.1 - MySQL database server binaries and system database setup
mysql-server-core-5.1 - MySQL database server binaries
mysql-testsuite - MySQL testsuite
Changes:
mysql-5.1 (5.1.49-1ubuntu8.1) maverick-security; urgency=low
.
* SECURITY UPDATE: denial of service via incorrect propagation of type
errors.
- debian/patches/61_CVE-2010-3833.dpatch: properly check for execution
errors in sql/item_func.cc. Add tests to mysql-test/*.
- CVE-2010-3833
* SECURITY UPDATE: denial of service via derived table materializing.
- debian/patches/61_CVE-2010-3834.dpatch: handle temporary tables in
sql/field.cc, sql/sql_select.*. Add tests to mysql-test/*.
- CVE-2010-3834
* SECURITY UPDATE: denial of service via user-variable assignment
expression.
- debian/patches/61_CVE-2010-3835.dpatch: fix logic in sql/item_func.*,
Add tests to mysql-test/*.
- CVE-2010-3835
* SECURITY UPDATE: denial of service via pre-evaluation of LIKE
predicates during view preparation.
- debian/patches/61_CVE-2010-3836.dpatch: make sure we're not in view
preparation mode in sql/item_cmpfunc.cc. Add tests to mysql-test/*.
- CVE-2010-3836
* SECURITY UPDATE: denial of service via use of GROUP_CONCAT() and
WITH ROLLUP together.
- debian/patches/61_CVE-2010-3837.dpatch: create a copy of the order
structures in sql/item_sum.cc, sql/table.h. Add tests to
mysql-test/*.
- CVE-2010-3837
* SECURITY UPDATE: denial of service via longblob and union or update
with subquery.
- debian/patches/61_CVE-2010-3838.dpatch: handle REAL_RESULT in
sql/item_func.cc. Add tests to mysql-test/*.
- CVE-2010-3838
* SECURITY UPDATE: denial of service via certain queries with nested
joins.
- debian/patches/61_CVE-2010-3839.dpatch: fix nesting in
sql/sql_select.cc. Add tests to mysql-test/*.
- CVE-2010-3839
* SECURITY UPDATE: denial of service via PolyFromWKB() function and
improper data.
- debian/patches/61_CVE-2010-3840.dpatch: improve data handling in
sql/spatial.cc. Add tests to mysql-test/*.
- CVE-2010-3840
* debian/patches/62_disable_longfilename_test.dpatch: disable the
partition_rename_longfilename test as it fails when building with
sbuild and schroots.
Checksums-Sha1:
91cec68c3ddeeb1e41ef91f3e01f1eea8d372538 2515 mysql-5.1_5.1.49-1ubuntu8.1.dsc
fb3dddc505964c3cc57c12a4a2b7a489281a5fbf 305493
mysql-5.1_5.1.49-1ubuntu8.1.diff.gz
Checksums-Sha256:
c5cf8315152a80808c7c29d4bd081982c447a9622a9e7c16c2cf9c7c656b1505 2515
mysql-5.1_5.1.49-1ubuntu8.1.dsc
dcdf4bc78e9f68b2bca00adc7dc130373093def3237da9d9713017c949c7c8ce 305493
mysql-5.1_5.1.49-1ubuntu8.1.diff.gz
Files:
8ab9c7f2d21ffb997084059c810c5fdf 2515 database optional
mysql-5.1_5.1.49-1ubuntu8.1.dsc
bf1401a668e17d2fe8968b3eb5e972cd 305493 database optional
mysql-5.1_5.1.49-1ubuntu8.1.diff.gz
Original-Maintainer: Debian MySQL Maintainers
<[email protected]>
--
Maverick-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/maverick-changes
