bug #64884 is CVE-2012-2122
** Changed in: mysql-dfsg-5.0 (Ubuntu Hardy)
Importance: Undecided => High
** Changed in: mysql-dfsg-5.0 (Ubuntu Hardy)
Status: New => Confirmed
** Changed in: mysql-dfsg-5.0 (Ubuntu Hardy)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Chang
FYI, I can only reproduce CVE-2012-2122 on real hardware that supports
SSE4. Oneiric and higher, amd64 only.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1011371
Title:
mysql 5.5.24, 5.1.63, 5.0.x
Regarding #2:
You're right. I've tried on identical 12.04 LTS 64bit.
Vulnurable on Xeon E5654
Not vulnurable on Xeon E5345
Both machines are paravirtualizes Xen DomU, so it looks like the system is
vulnurable by the availability of sse4 only. It looks like the existence of
Xen virtualizationlay
12.04 http://shelr.tv/records/4fd6173a966080489418
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1011371
Title:
mysql 5.5.24, 5.1.63, 5.0.x security update tracking bug
To manage notifications
This bug was fixed in the package mysql-dfsg-5.0 - 5.0.96-0ubuntu3
---
mysql-dfsg-5.0 (5.0.96-0ubuntu3) hardy-security; urgency=low
* SECURITY UPDATE: authentication bypass (LP: #1011371)
- debian/patches/90_CVE-2012-2122.patch: fix improper type conversion
in sql/password
This bug was fixed in the package mysql-5.5 - 5.5.24-0ubuntu0.12.04.1
---
mysql-5.5 (5.5.24-0ubuntu0.12.04.1) precise-security; urgency=low
* SECURITY UPDATE: Update to 5.5.24 to fix security issues (LP: #1011371)
- http://dev.mysql.com/doc/refman/5.5/en/news-5-5-24.html
-- Mar
This bug was fixed in the package mysql-5.1 - 5.1.63-0ubuntu0.11.10.1
---
mysql-5.1 (5.1.63-0ubuntu0.11.10.1) oneiric-security; urgency=low
* SECURITY UPDATE: Update to 5.1.63 to fix security issues (LP: #1011371)
- http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html
-- Mar
This bug was fixed in the package mysql-5.1 - 5.1.63-0ubuntu0.11.04.1
---
mysql-5.1 (5.1.63-0ubuntu0.11.04.1) natty-security; urgency=low
* SECURITY UPDATE: Update to 5.1.63 to fix security issues (LP: #1011371)
- http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html
-- Marc
This bug was fixed in the package mysql-dfsg-5.1 -
5.1.63-0ubuntu0.10.04.1
---
mysql-dfsg-5.1 (5.1.63-0ubuntu0.10.04.1) lucid-security; urgency=low
* SECURITY UPDATE: Update to 5.1.63 to fix security issues (LP: #1011371)
- http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html
** Branch linked: lp:ubuntu/hardy-security/mysql-dfsg-5.0
** Branch linked: lp:ubuntu/lucid-security/mysql-dfsg-5.1
** Branch linked: lp:ubuntu/natty-security/mysql-5.1
** Branch linked: lp:ubuntu/oneiric-security/mysql-5.1
** Branch linked: lp:ubuntu/precise-security/mysql-5.5
--
You receive
This bug was fixed in the package mysql-5.5 - 5.5.25-0ubuntu1
---
mysql-5.5 (5.5.25-0ubuntu1) quantal; urgency=low
* New upstream release (LP: #1011371, LP: #986892)
* d/rules: change get-orig-source to pull from a working mirror.
* d/control: Build with default compiler instead
11 matches
Mail list logo