MDVSA-2010:155
- Package name: mysql
- Date: 2010-08-20
- Advisory ID: MDVSA-2010:155
- Affected versions: 2010.1 x86_64, 2010.1 i586, 2010.0 x86_64, 2010.0 i586
Problem description
Multiple vulnerabilities have been found and corrected in mysql:
MySQL before 5.1.48 allows remote authenticated users with alter
database privileges to cause a denial of service (server crash
and database loss) via an ALTER DATABASE command with a #mysql50#
string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or
similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which
causes MySQL to move certain directories to the server data directory
(CVE-2010-2008).
Additionally, many security issues noted in the 5.1.49 release notes
have been addressed with this advisory as well, such as:
* LOAD DATA INFILE did not check for SQL errors and sent an OK packet
even when errors were already reported. Also, an assert related to
client-server protocol checking in debug servers sometimes was raised
when it should not have been. (Bug#52512) (CVE-2010-3683)
* Using EXPLAIN with queries of the form SELECT ... UNION ... ORDER
BY (SELECT ... WHERE ...) could cause a server crash. (Bug#52711)
(CVE-2010-3682)
* The server could crash if there were alternate reads from two indexes
on a table using the HANDLER interface. (Bug#54007) (CVE-2010-3681)
* A malformed argument to the BINLOG statement could result in Valgrind
warnings or a server crash. (Bug#54393) (CVE-2010-3679)
* Incorrect handling of NULL arguments could lead to a crash for IN()
or CASE operations when NULL arguments were either passed explicitly
as arguments (for IN()) or implicitly generated by the WITH ROLLUP
modifier (for IN() and CASE). (Bug#54477) (CVE-2010-3678)
* Joins involving a table with a unique SET column could cause
a server crash. (Bug#54575) (CVE-2010-3677)
* Use of TEMPORARY InnoDB tables with nullable columns could cause
a server crash. (Bug#54044) (CVE-2010-3680)
The updated packages have been patched to correct these issues.
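A defender's check for the CVE-2010-2008 statement pattern described above, added here as an example (it is not part of the Mandriva advisory or of MySQL's code): it scans MySQL general query log lines for ALTER DATABASE ... UPGRADE DATA DIRECTORY NAME statements whose #mysql50# name is empty, consists only of dots, or contains a path separator. The log lines are constructed samples, and the names `classify` and `scan` are hypothetical.

```python
import re

# ALTER DATABASE/SCHEMA `<name>` UPGRADE DATA DIRECTORY NAME (backtick-quoted name).
STMT = re.compile(
    r"ALTER\s+(?:DATABASE|SCHEMA)\s+`((?:[^`]|``)*)`\s+"
    r"UPGRADE\s+DATA\s+DIRECTORY\s+NAME",
    re.IGNORECASE,
)
PREFIX = "#mysql50#"

# Constructed general-query-log lines (not taken from a real server).
SAMPLE = [
    "100820 10:01:12  41 Query  ALTER DATABASE `#mysql50#sales-2009` UPGRADE DATA DIRECTORY NAME",
    "100820 10:03:40  57 Query  ALTER DATABASE `#mysql50#.` UPGRADE DATA DIRECTORY NAME",
    "100820 10:03:44  57 Query  alter database `#mysql50#../` upgrade data directory name",
    "100820 10:05:02  41 Query  ALTER DATABASE reports CHARACTER SET utf8",
]


def classify(name):
    """Return a reason string if the database name is suspicious, else None."""
    if not name.startswith(PREFIX):
        return None
    rest = name[len(PREFIX):]
    if rest == "":
        return "empty name after #mysql50#"
    if set(rest) <= {"."}:
        return "name after #mysql50# is only dots"
    if "/" in rest or "\\" in rest:
        return "path separator after #mysql50#"
    if rest.startswith("."):
        return "leading dot after #mysql50#"
    return None


def scan(lines):
    """Yield (line_number, db_name, reason) for each suspicious statement."""
    for lineno, line in enumerate(lines, 1):
        for m in STMT.finditer(line):
            name = m.group(1).replace("``", "`")  # undo backtick doubling
            reason = classify(name)
            if reason:
                yield lineno, name, reason


if __name__ == "__main__":
    for lineno, name, reason in scan(SAMPLE):
        print(f"line {lineno}: {name!r}: {reason}")
```

A legitimate upgrade of an old-format directory name, such as the first sample line, is not flagged; only names that resolve to nothing or to a path outside a single directory component are.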
Updated packages
2010.1 x86_64
937f600c8f2ba9e76da5fc3b817106f7 2010.1/x86_64/lib64mysql16-5.1.46-4.1mdv2010.1.x86_64.rpm
5c504645dd2944a1fc894fef5f9960c6 2010.1/x86_64/lib64mysql-devel-5.1.46-4.1mdv2010.1.x86_64.rpm
a9e3f0fd47eb4c3064675b99d92874bd 2010.1/x86_64/lib64mysql-static-devel-5.1.46-4.1mdv2010.1.x86_64.rpm
693048d4d8d9b5608bbf5ba781701195 2010.1/x86_64/mysql-5.1.46-4.1mdv2010.1.x86_64.rpm
5a8b8519ab0002bf676abb0f912fab24 2010.1/x86_64/mysql-bench-5.1.46-4.1mdv2010.1.x86_64.rpm
64b96e2ba5f040d98efe3c8057876873 2010.1/x86_64/mysql-client-5.1.46-4.1mdv2010.1.x86_64.rpm
db25c98330349452f20edbb74b5e82b4 2010.1/x86_64/mysql-common-5.1.46-4.1mdv2010.1.x86_64.rpm
e06e683b1ca6ed4def6e03cfc13569ae 2010.1/x86_64/mysql-common-core-5.1.46-4.1mdv2010.1.x86_64.rpm
0a6801cf988f8a0d6cd7b24ba8a12c4a 2010.1/x86_64/mysql-core-5.1.46-4.1mdv2010.1.x86_64.rpm
63c665a719242eab65168ec1dfcbc767 2010.1/x86_64/mysql-plugin_pbxt-1.0.10-13.1mdv2010.1.x86_64.rpm
57498e5bfa7e9c89774321f68308beb6 2010.1/x86_64/mysql-plugin_pinba-0.0.5-13.1mdv2010.1.x86_64.rpm
df8ec7acf48ae5e1d5263548594e7439 2010.1/x86_64/mysql-plugin_revision-0.1-13.1mdv2010.1.x86_64.rpm
a048ac261564614081ab2f7296cf74be 2010.1/x86_64/mysql-plugin_sphinx-0.9.9-13.1mdv2010.1.x86_64.rpm
9655f023de18252ad567604460f635fb 2010.1/x86_64/mysql-plugin_spider-2.13-13.1mdv2010.1.x86_64.rpm
fa916f4e032d28a6e0c8036026db9a26 2010.1/SRPMS/mysql-5.1.46-4.1mdv2010.1.src.rpm
2010.1 i586
9b26917d3f8a0867796ed4b0abf3b593 2010.1/i586/libmysql16-5.1.46-4.1mdv2010.1.i586.rpm
a66497934fc6a7f6ddedb23b377f30eb 2010.1/i586/libmysql-devel-5.1.46-4.1mdv2010.1.i586.rpm
4f576adb88c4059dc6a032b6def9d3c7 2010.1/i586/libmysql-static-devel-5.1.46-4.1mdv2010.1.i586.rpm
fc09d0963ef6137b890cebc3f2bcfb7f 2010.1/i586/mysql-5.1.46-4.1mdv2010.1.i586.rpm
6c380457de4d14b2fb5c2bb9d7ccef2a 2010.1/i586/mysql-bench-5.1.46-4.1mdv2010.1.i586.rpm
abe986ae0c4f41a836aa41e1994a2bf7 2010.1/i586/mysql-client-5.1.46-4.1mdv2010.1.i586.rpm
7b91ade7f6ca9849cbc575d2c4509351 2010.1/i586/mysql-common-5.1.46-4.1mdv2010.1.i586.rpm
8d426b99b7a65269f64366f2deb9a955 2010.1/i586/mysql-common-core-5.1.46-4.1mdv2010.1.i586.rpm
050e1d41c7c8923a6b66fc954962dc73 2010.1/i586/mysql-core-5.1.46-4.1mdv2010.1.i586.rpm
9d92266b348047b2d5c2314320a81453 2010.1/i586/mysql-plugin_pbxt-1.0.10-13.1mdv2010.1.i586.rpm
46b4f2dd48c3b4c976ec32f497e64eec 2010.1/i586/mysql-plugin_pinba-0.0.5-13.1mdv2010.1.i586.rpm
d68b654e70ae110b4fd39f8025fa2826 2010.1/i586/mysql-plugin_revision-0.1-13.1mdv2010.1.i586.rpm
812f10b106f16d9f38f6b69bcda22d9c 2010.1/i586/mysql-plugin_sphinx-0.9.9-13.1mdv2010.1.i586.rpm
45a49833d1714319fa9236190dfa2390 2010.1/i586/mysql-plugin_spider-2.13-13.1mdv2010.1.i586.rpm
fa916f4e032d28a6e0c8036026db9a26 2010.1/SRPMS/mysql-5.1.46-4.1mdv2010.1.src.rpm
2010.0 x86_64
dfa125382cbe6a86a3e2747c40e80556 2010.0/x86_64/lib64mysql16-5.1.42-0.6mdv2010.0.x86_64.rpm
968922e7d30ad10adc07e494df043f65 2010.0/x86_64/lib64mysql-devel-5.1.42-0.6mdv2010.0.x86_64.rpm
6fc264fa829f9e1843bfe1fa2034b7c7 2010.0/x86_64/lib64mysql-static-devel-5.1.42-0.6mdv2010.0.x86_64.rpm
13b2e24a215b63f36eb530b352a67ad3 2010.0/x86_64/mysql-5.1.42-0.6mdv2010.0.x86_64.rpm
e32753015f97d63a4bc07e88d9823250 2010.0/x86_64/mysql-bench-5.1.42-0.6mdv2010.0.x86_64.rpm
c06b10d407d93365d728eacecf54ae2b 2010.0/x86_64/mysql-client-5.1.42-0.6mdv2010.0.x86_64.rpm
f89dc39e6cc7a5c4e567f8c92cff9c5d 2010.0/x86_64/mysql-common-5.1.42-0.6mdv2010.0.x86_64.rpm
8983a954ac90e6f57b3b6b93dd5a390d 2010.0/x86_64/mysql-common-core-5.1.42-0.6mdv2010.0.x86_64.rpm
d656b12ce58632088b1156685f5e02ed 2010.0/x86_64/mysql-core-5.1.42-0.6mdv2010.0.x86_64.rpm
233eedc8496ebcc87fd816e2a571c800 2010.0/x86_64/mysql-doc-5.1.42-0.6mdv2010.0.x86_64.rpm
8eab7f59e2cd28e04e2fac6b27b248e3 2010.0/x86_64/mysql-max-5.1.42-0.6mdv2010.0.x86_64.rpm
4b3c37814d862cbbce00af6fa9c84e0f 2010.0/x86_64/mysql-ndb-extra-5.1.42-0.6mdv2010.0.x86_64.rpm
cb105cd46742d7c16f60197a7a7d5164 2010.0/x86_64/mysql-ndb-management-5.1.42-0.6mdv2010.0.x86_64.rpm
1405a62c2ed606a611e9ea05323c17d2 2010.0/x86_64/mysql-ndb-storage-5.1.42-0.6mdv2010.0.x86_64.rpm
9fe486a7b2aeacb8f44e1254538a4bbf 2010.0/x86_64/mysql-ndb-tools-5.1.42-0.6mdv2010.0.x86_64.rpm
9a02ff536f50d0dec97097d94d24c7e6 2010.0/SRPMS/mysql-5.1.42-0.6mdv2010.0.src.rpm
2010.0 i586
e0181e6f02a4d75da4844afb468a2272 2010.0/i586/libmysql16-5.1.42-0.6mdv2010.0.i586.rpm
90babf8758412eedecb7eb6c9881d1a9 2010.0/i586/libmysql-devel-5.1.42-0.6mdv2010.0.i586.rpm
217ebcccf4b1af0701bdcf042165be12 2010.0/i586/libmysql-static-devel-5.1.42-0.6mdv2010.0.i586.rpm
6b1a9b256eb1d1449609a9e914f7664e 2010.0/i586/mysql-5.1.42-0.6mdv2010.0.i586.rpm
7add987091592e974e8ae64994c82313 2010.0/i586/mysql-bench-5.1.42-0.6mdv2010.0.i586.rpm
a13c5bb98abb9aba82fb80dcb27e2752 2010.0/i586/mysql-client-5.1.42-0.6mdv2010.0.i586.rpm
8b2847d65735c38458c77153072a281e 2010.0/i586/mysql-common-5.1.42-0.6mdv2010.0.i586.rpm
86567fb759318246336f7077d6c13709 2010.0/i586/mysql-common-core-5.1.42-0.6mdv2010.0.i586.rpm
e8a3c6e59eb5321d13ad1a863465f6ef 2010.0/i586/mysql-core-5.1.42-0.6mdv2010.0.i586.rpm
b54c2338358f35dfb1292d615583ea2a 2010.0/i586/mysql-doc-5.1.42-0.6mdv2010.0.i586.rpm
1b4987ab9f81a4c0cd8e44e2bb2433c4 2010.0/i586/mysql-max-5.1.42-0.6mdv2010.0.i586.rpm
38c17d5f3d550d81dc14f38b7a5dc73d 2010.0/i586/mysql-ndb-extra-5.1.42-0.6mdv2010.0.i586.rpm
75cde53e6cc55176915cdd510419052c 2010.0/i586/mysql-ndb-management-5.1.42-0.6mdv2010.0.i586.rpm
522dd59860efcf76b2ecbd598e1fbba4 2010.0/i586/mysql-ndb-storage-5.1.42-0.6mdv2010.0.i586.rpm
a2fbac8608bd716b13b24644fc4e28c5 2010.0/i586/mysql-ndb-tools-5.1.42-0.6mdv2010.0.i586.rpm
9a02ff536f50d0dec97097d94d24c7e6 2010.0/SRPMS/mysql-5.1.42-0.6mdv2010.0.src.rpm
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3680
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3677
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3678
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3679
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3681
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3682
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3683
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2008
- http://bugs.mysql.com/bug.php?id=52512
- http://bugs.mysql.com/bug.php?id=52711
- http://bugs.mysql.com/bug.php?id=54007
- http://bugs.mysql.com/bug.php?id=54393
- http://bugs.mysql.com/bug.php?id=54477
- http://bugs.mysql.com/bug.php?id=54575
- http://bugs.mysql.com/bug.php?id=54044
