Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: Apps :: b06-3309.htm

MySQL 4.1 vulnerability



MySQL 4.1 vulnerability
MySQL 4.1 vulnerability




--oLBj+sq0vYjzfsbl
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

=========================================================== 
Ubuntu Security Notice USN-306-1              June 27, 2006
mysql-dfsg-4.1 vulnerability
CVE-2006-3081
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 5.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.10:
  mysql-server-4.1               4.1.12-1ubuntu3.6

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

MySQL did not correctly handle NULL as the second argument to the
str_to_date() function. An authenticated user could exploit this to
crash the server.


Updated packages for Ubuntu 5.10:

  Source archives:

http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.12-1ubuntu3.6.diff.gz 
      Size/MD5:   164878 463c3768464221d0825dbf8fd153432e
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.12-1ubuntu3.6.dsc 
      Size/MD5:     1024 5e533d4f9d9fd83c67d4119a39625e2c
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.12.orig.tar.gz 
      Size/MD5: 15921909 c7b83a19bd8a4f42d5d64c239d05121f

  Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/mysql-common-4.1_4.1.12-1ubuntu3.6_all.deb 
      Size/MD5:    36742 b96636b4d38a0f45cd5607f26018101a

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.12-1ubuntu3.6_amd64.deb 
      Size/MD5:  5831370 d23061f89f903c9808b6768dd6d92335
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.12-1ubuntu3.6_amd64.deb 
      Size/MD5:  1540608 ff3bdbcec7d80ee656fff71318db5f9a
http://security.ubuntu.com/ubuntu/pool/universe/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.12-1ubuntu3.6_amd64.deb 
      Size/MD5:   898350 2dbf1c511e23d4d0134979b7ec660264
http://security.ubuntu.com/ubuntu/pool/universe/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.12-1ubuntu3.6_amd64.deb 
      Size/MD5: 18433714 158ce4bd992fe64a8695687e82d2ef94

  i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.12-1ubuntu3.6_i386.deb 
      Size/MD5:  5348044 41d20999de86b8f7983f62b756212cd1
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.12-1ubuntu3.6_i386.deb 
      Size/MD5:  1475378 3057a66edc7863f8695d03aec050d0f5
http://security.ubuntu.com/ubuntu/pool/universe/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.12-1ubuntu3.6_i386.deb 
      Size/MD5:   866354 8c84ad0649a119fd0370d33756a9c1cb
http://security.ubuntu.com/ubuntu/pool/universe/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.12-1ubuntu3.6_i386.deb 
      Size/MD5: 17336250 b1bc484bceaf8a4debdbb1d58d637dd0

  powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.12-1ubuntu3.6_powerpc.deb 
      Size/MD5:  6069148 7d5d032fb8f0bed0c3efa6911578854c
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.12-1ubuntu3.6_powerpc.deb 
      Size/MD5:  1549044 be30993f7e8f207d99f11b43282b5f00
http://security.ubuntu.com/ubuntu/pool/universe/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.12-1ubuntu3.6_powerpc.deb 
      Size/MD5:   937622 fb4802c64825f7e4127bbd15b656d214
http://security.ubuntu.com/ubuntu/pool/universe/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.12-1ubuntu3.6_powerpc.deb 
      Size/MD5: 18523392 31b331faba3c77b55e126b84d24ce223

--oLBj+sq0vYjzfsbl
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFEoTgwDecnbV4Fd/IRAqipAKCkYHJly8OxEhkQ/SyYj4Hyc+zwdQCeKvHx
kZZM/JKVzH0tbpTiBPKmFtY=xqBL
-----END PGP SIGNATURE-----

--oLBj+sq0vYjzfsbl--


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH