Package name
mysql
Date
2010-02-19
Advisory ID
MDVSA-2010:044
Affected versions
2009.1 i586 , 2009.1 x86_64 , 2010.0 x86_64 , 2010.0 i586

Problem description

A vulnerabilitiy has been found and corrected in mysql:

MySQL is vulnerable to a symbolic link attack when the data home
directory contains a symlink to a different filesystem which allows
remote authenticated users to bypass intended access restrictions
(CVE-2008-7247).

The updated packages have been patched to correct these issues.

Updated packages

2009.1 i586

 2f0b2aa01447c698f4c98a0456a1c69c  2009.1/i586/libmysql16-5.1.42-0.2mdv2009.1.i586.rpm
 8b524729396bbb6208a782804dea5548  2009.1/i586/libmysql-devel-5.1.42-0.2mdv2009.1.i586.rpm
 8bc0a6b0dc6193de2a12c19bba494de4  2009.1/i586/libmysql-static-devel-5.1.42-0.2mdv2009.1.i586.rpm
 44fade6ed7091d45cb982c90c9967b78  2009.1/i586/mysql-5.1.42-0.2mdv2009.1.i586.rpm
 2ce15b99962625064261eab3642bcf59  2009.1/i586/mysql-bench-5.1.42-0.2mdv2009.1.i586.rpm
 b847bd3413b5b969010defab4e5a40fa  2009.1/i586/mysql-client-5.1.42-0.2mdv2009.1.i586.rpm
 74f09051aaa94cb2ca8c9ddb59953eba  2009.1/i586/mysql-common-5.1.42-0.2mdv2009.1.i586.rpm
 a184d26f07c87eaa3ef7287b2a855d98  2009.1/i586/mysql-doc-5.1.42-0.2mdv2009.1.i586.rpm
 73830cb1bbbe377eeea1df07264c8ef5  2009.1/i586/mysql-max-5.1.42-0.2mdv2009.1.i586.rpm
 66824bb460b0297a77a8746ed78cbe99  2009.1/i586/mysql-ndb-extra-5.1.42-0.2mdv2009.1.i586.rpm
 59c3dec9fa4dbbc7a885836245a4078e  2009.1/i586/mysql-ndb-management-5.1.42-0.2mdv2009.1.i586.rpm
 ae978fcfedd8fae37b8817f10880b419  2009.1/i586/mysql-ndb-storage-5.1.42-0.2mdv2009.1.i586.rpm
 ba3da7eb5d0956150a56a3344e3ba55f  2009.1/i586/mysql-ndb-tools-5.1.42-0.2mdv2009.1.i586.rpm 
 ce22c4431b749422be94f25069d994a0  2009.1/SRPMS/mysql-5.1.42-0.2mdv2009.1.src.rpm

2009.1 x86_64

 62ff0176e3ddef7aafbdf750f25b47f8  2009.1/x86_64/lib64mysql16-5.1.42-0.2mdv2009.1.x86_64.rpm
 6fbcf2099750cf81ee3452ed5ac0787f  2009.1/x86_64/lib64mysql-devel-5.1.42-0.2mdv2009.1.x86_64.rpm
 53d08e3fbd79cea4ed26ff65add9765f  2009.1/x86_64/lib64mysql-static-devel-5.1.42-0.2mdv2009.1.x86_64.rpm
 065ad0b6772ed3b7525f30cc82bbc435  2009.1/x86_64/mysql-5.1.42-0.2mdv2009.1.x86_64.rpm
 bf07278c7ed2093b6af63972153bfff6  2009.1/x86_64/mysql-bench-5.1.42-0.2mdv2009.1.x86_64.rpm
 78b190af22f530856839d81b7409af5a  2009.1/x86_64/mysql-client-5.1.42-0.2mdv2009.1.x86_64.rpm
 645331fd75cb84ac64c386c61c190cc5  2009.1/x86_64/mysql-common-5.1.42-0.2mdv2009.1.x86_64.rpm
 01b2309cbd090ef9c3fc6fbc69f7a754  2009.1/x86_64/mysql-doc-5.1.42-0.2mdv2009.1.x86_64.rpm
 1448a5f6b87f94afb0f8a6e9d84f1ac1  2009.1/x86_64/mysql-max-5.1.42-0.2mdv2009.1.x86_64.rpm
 6ba14cb108e5bebbf24a92cb5c6f7ebe  2009.1/x86_64/mysql-ndb-extra-5.1.42-0.2mdv2009.1.x86_64.rpm
 0e759f206b3da3385ef85574353ed9e4  2009.1/x86_64/mysql-ndb-management-5.1.42-0.2mdv2009.1.x86_64.rpm
 5af588ba15272f44e0b572a6b4e52478  2009.1/x86_64/mysql-ndb-storage-5.1.42-0.2mdv2009.1.x86_64.rpm
 d6261440010c074d295bb851f9146a9a  2009.1/x86_64/mysql-ndb-tools-5.1.42-0.2mdv2009.1.x86_64.rpm 
 ce22c4431b749422be94f25069d994a0  2009.1/SRPMS/mysql-5.1.42-0.2mdv2009.1.src.rpm

2010.0 x86_64

 ea556322b3f13413e7d04563d4d5e7eb  2010.0/x86_64/lib64mysql16-5.1.42-0.2mdv2010.0.x86_64.rpm
 aaf281480d6d0151e55f29bc3ef46005  2010.0/x86_64/lib64mysql-devel-5.1.42-0.2mdv2010.0.x86_64.rpm
 c1f73b5b14ad2ed5bac67ceed030f2af  2010.0/x86_64/lib64mysql-static-devel-5.1.42-0.2mdv2010.0.x86_64.rpm
 1b343c72fbb285e315019d710d9af791  2010.0/x86_64/mysql-5.1.42-0.2mdv2010.0.x86_64.rpm
 487b5275268598c2251e052de5547942  2010.0/x86_64/mysql-bench-5.1.42-0.2mdv2010.0.x86_64.rpm
 0754d67fbb00d2b605118aa054e3accc  2010.0/x86_64/mysql-client-5.1.42-0.2mdv2010.0.x86_64.rpm
 ea39b9654fb2180cea2d4a0cf893679a  2010.0/x86_64/mysql-common-5.1.42-0.2mdv2010.0.x86_64.rpm
 332ffbed9bc8e5cd63826d9155e4162b  2010.0/x86_64/mysql-common-core-5.1.42-0.2mdv2010.0.x86_64.rpm
 00850c47b9f2517ed3eee285458398d2  2010.0/x86_64/mysql-core-5.1.42-0.2mdv2010.0.x86_64.rpm
 a65c273a6be0bba6dee7ba920f018be1  2010.0/x86_64/mysql-doc-5.1.42-0.2mdv2010.0.x86_64.rpm
 c2b187a16cedc2bcadd056820d910a88  2010.0/x86_64/mysql-max-5.1.42-0.2mdv2010.0.x86_64.rpm
 fe01b52c852b9fd1ab4651c947216be6  2010.0/x86_64/mysql-ndb-extra-5.1.42-0.2mdv2010.0.x86_64.rpm
 77f4079a5c81d128519ed5d80150b0be  2010.0/x86_64/mysql-ndb-management-5.1.42-0.2mdv2010.0.x86_64.rpm
 982b7cbaf4751e34067a45003e153adf  2010.0/x86_64/mysql-ndb-storage-5.1.42-0.2mdv2010.0.x86_64.rpm
 75a9f93fdefc6f79018cc067a59e486a  2010.0/x86_64/mysql-ndb-tools-5.1.42-0.2mdv2010.0.x86_64.rpm 
 12f6c61720238739fcdd90db0fb51b4f  2010.0/SRPMS/mysql-5.1.42-0.2mdv2010.0.src.rpm

2010.0 i586

 44b895dce7ed6d97a834aff3406a3ccd  2010.0/i586/libmysql16-5.1.42-0.2mdv2010.0.i586.rpm
 4cee478e44331238abdd640aa703b157  2010.0/i586/libmysql-devel-5.1.42-0.2mdv2010.0.i586.rpm
 f962b485ef111348268290c8be76b29b  2010.0/i586/libmysql-static-devel-5.1.42-0.2mdv2010.0.i586.rpm
 61c112619ffd8a3552a6ecf63970f051  2010.0/i586/mysql-5.1.42-0.2mdv2010.0.i586.rpm
 062691f1e77e30bffaea73094b4d0413  2010.0/i586/mysql-bench-5.1.42-0.2mdv2010.0.i586.rpm
 056c73a5e74c319f4539768c94d73c4e  2010.0/i586/mysql-client-5.1.42-0.2mdv2010.0.i586.rpm
 7624c659c4a3da88e03225999de01469  2010.0/i586/mysql-common-5.1.42-0.2mdv2010.0.i586.rpm
 30f34758e898a4a4dcc93d0c1bcb6192  2010.0/i586/mysql-common-core-5.1.42-0.2mdv2010.0.i586.rpm
 cb06e6cf42509662b05e26e087c52d41  2010.0/i586/mysql-core-5.1.42-0.2mdv2010.0.i586.rpm
 3438d54da48beb3d0380b53a0b78b8cd  2010.0/i586/mysql-doc-5.1.42-0.2mdv2010.0.i586.rpm
 c4e2fdc5c0d725cd177b2dcd884d7743  2010.0/i586/mysql-max-5.1.42-0.2mdv2010.0.i586.rpm
 f28ece33328a9b3270a1deee90d7cb3f  2010.0/i586/mysql-ndb-extra-5.1.42-0.2mdv2010.0.i586.rpm
 43f9b3d2d6c6f3b7babc0a9f65317be2  2010.0/i586/mysql-ndb-management-5.1.42-0.2mdv2010.0.i586.rpm
 ba863e83a0ad172dcf6ac45c9e18a397  2010.0/i586/mysql-ndb-storage-5.1.42-0.2mdv2010.0.i586.rpm
 a042fd2f1675840827d3cb10956f3b04  2010.0/i586/mysql-ndb-tools-5.1.42-0.2mdv2010.0.i586.rpm 
 12f6c61720238739fcdd90db0fb51b4f  2010.0/SRPMS/mysql-5.1.42-0.2mdv2010.0.src.rpm

References