Nom du paquet
mysql
Date
2009-07-29
Advisory ID
MDVSA-2009:179
Affected versions
MES5 i586 , MES5 x86_64

Problem description

A vulnerability has been found and corrected in mysql:

Multiple format string vulnerabilities in the dispatch_command function
in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow
remote authenticated users to cause a denial of service (daemon crash)
and possibly have unspecified other impact via format string specifiers
in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request.
NOTE: some of these details are obtained from third party information
(CVE-2009-2446).

This update provides fixes for this vulnerability.

Updated packages

MES5 i586

 111edf7e800a28ded6ec28a5f5806078  mes5/i586/libmysql15-5.0.84-0.2mdvmes5.i586.rpm
 32284b9f62a41475d9e5f1d6021d9c33  mes5/i586/libmysql-devel-5.0.84-0.2mdvmes5.i586.rpm
 3c9849b16d358d2947b950f79d949fa5  mes5/i586/libmysql-static-devel-5.0.84-0.2mdvmes5.i586.rpm
 b197a2ce1c2f8384b7870ac51604c56a  mes5/i586/mysql-5.0.84-0.2mdvmes5.i586.rpm
 e2890a075910aaae54c6b4aadd310058  mes5/i586/mysql-bench-5.0.84-0.2mdvmes5.i586.rpm
 b0f65c14372b0ad9f4268a241c3aadf1  mes5/i586/mysql-client-5.0.84-0.2mdvmes5.i586.rpm
 b697ac74c23770e4acf6a745898ac804  mes5/i586/mysql-common-5.0.84-0.2mdvmes5.i586.rpm
 817565d1e9cfe7e456a86a2aedc8794a  mes5/i586/mysql-doc-5.0.84-0.2mdvmes5.i586.rpm
 aee00f43a8d160c69404943513158186  mes5/i586/mysql-max-5.0.84-0.2mdvmes5.i586.rpm
 a558bb267ab87256c2be99db21c6f90a  mes5/i586/mysql-ndb-extra-5.0.84-0.2mdvmes5.i586.rpm
 05c2f6cfb2e35a5ddeaf7bd781ff49e2  mes5/i586/mysql-ndb-management-5.0.84-0.2mdvmes5.i586.rpm
 a25f4eda51549892458a7018c6a1aa8c  mes5/i586/mysql-ndb-storage-5.0.84-0.2mdvmes5.i586.rpm
 9b4d0245ae703395e322dad3f1de77c9  mes5/i586/mysql-ndb-tools-5.0.84-0.2mdvmes5.i586.rpm 
 528357eda66ebd5b56c8df7e103cbb6e  mes5/SRPMS/mysql-5.0.84-0.2mdvmes5.src.rpm

MES5 x86_64

 439bfd3542d1c381767e5df2899dabc1  mes5/x86_64/lib64mysql15-5.0.84-0.2mdvmes5.x86_64.rpm
 936c76cd181fc0e570436e15afb5c3fe  mes5/x86_64/lib64mysql-devel-5.0.84-0.2mdvmes5.x86_64.rpm
 9195e6215287d2c10510e4b3966f098a  mes5/x86_64/lib64mysql-static-devel-5.0.84-0.2mdvmes5.x86_64.rpm
 901ee6678c5e26dd9c7678c0713a0846  mes5/x86_64/mysql-5.0.84-0.2mdvmes5.x86_64.rpm
 7a008ddf061471ca251bec7e6fc090b9  mes5/x86_64/mysql-bench-5.0.84-0.2mdvmes5.x86_64.rpm
 1b78d5dbd44f9cd90e47b65c0d42cc49  mes5/x86_64/mysql-client-5.0.84-0.2mdvmes5.x86_64.rpm
 0889ee744eea3dfb5ab5255526742f07  mes5/x86_64/mysql-common-5.0.84-0.2mdvmes5.x86_64.rpm
 82a3ea7dd6e86aadb7f59de8adac28e5  mes5/x86_64/mysql-doc-5.0.84-0.2mdvmes5.x86_64.rpm
 ff9aa6a146f0ec0c83f1becea8f128cb  mes5/x86_64/mysql-max-5.0.84-0.2mdvmes5.x86_64.rpm
 0e1651537446af7fd6c7693262b6c389  mes5/x86_64/mysql-ndb-extra-5.0.84-0.2mdvmes5.x86_64.rpm
 4bf5dc024969a37fb8ef205725bbf2dd  mes5/x86_64/mysql-ndb-management-5.0.84-0.2mdvmes5.x86_64.rpm
 a7090dab8c114e1ec1d123066977b53e  mes5/x86_64/mysql-ndb-storage-5.0.84-0.2mdvmes5.x86_64.rpm
 e8b8adf271646dfb46796e70edca0294  mes5/x86_64/mysql-ndb-tools-5.0.84-0.2mdvmes5.x86_64.rpm 
 528357eda66ebd5b56c8df7e103cbb6e  mes5/SRPMS/mysql-5.0.84-0.2mdvmes5.src.rpm

References