[Pkg-mysql-commits] r875 - in branches/sarge-4.1/debian: . patches
Sean Finney
seanius at alioth.debian.org
Thu May 17 17:17:38 UTC 2007
tags 424830 pending
thanks
Author: seanius
Date: 2007-05-17 17:17:38 +0000 (Thu, 17 May 2007)
New Revision: 875
Added:
branches/sarge-4.1/debian/patches/64_SECURITY_CVE-2007-2691_alter-drop.dpatch
Modified:
branches/sarge-4.1/debian/changelog
branches/sarge-4.1/debian/patches/00list
Log:
2007-2691
Modified: branches/sarge-4.1/debian/changelog
===================================================================
--- branches/sarge-4.1/debian/changelog 2007-05-13 10:45:24 UTC (rev 874)
+++ branches/sarge-4.1/debian/changelog 2007-05-17 17:17:38 UTC (rev 875)
@@ -1,55 +1,10 @@
-mysql-dfsg-4.1 (4.1.11a-4sarge7) stable-security; urgency=low
+mysql-dfsg-4.1 (4.1.11a-4sarge4) oldstable-security; urgency=low
- * SECURITY:
- MySQL when run on case-sensitive filesystems, allows remote
- authenticated users to create or access a database when the
- database name differs only in case from a database for which
- they have permissions. (CVE-2006-4226). Closes: #384798
+ * Upload prepared for the security team by the debian mysql maintainers
+ * Fix for CVE-2007-2691: DROP/RENAME TABLE statements (closes: #424830).
- -- Christian Hammers <ch at debian.org> Sat, 26 Aug 2006 13:42:02 +0000
+ -- sean finney <seanius at debian.org> Thu, 17 May 2007 19:13:14 +0200
-mysql-dfsg-4.1 (4.1.11a-4sarge6) stable; urgency=low
-
- * Certain SQL queries could crash the server and prevent master-slave
- replication from continue until manual intervention was taken.
- Closes: #383165
-
- -- Christian Hammers <ch at debian.org> Fri, 25 Aug 2006 21:15:35 +0000
-
-mysql-dfsg-4.1 (4.1.11a-4sarge5) stable-security; urgency=low
-
- * Security upload prepared for the security team by the Debian MySQL
- package maintainers.
- * Fixed DoS bug where any user could crash the server with
- "SELECT str_to_date(1, NULL);" (CVE-2006-3081).
- The vulnerability was discovered by Kanatoko <anvil at jumperz.net>.
- Closes: #373913
- * Fixed DoS bug where any user could crash the server with
- "SELECT date_format('%d%s', 1); (CVE-2006-3469).
- The vulnerability was discovered by Maillefer Jean-David
- <jean-david at kesako.ch> and filed as MySQL bug #20729.
- Closes: #375694
-
- -- Christian Hammers <ch at debian.org> Fri, 16 Jun 2006 09:52:12 +0000
-
-mysql-dfsg-4.1 (4.1.11a-4sarge4) stable-security; urgency=low
-
- * Security upload prepared for the security team bythe Debian MySQL
- package maintainers.
- * Extracted upstream patch from the diff of 4.1.19 and 4.1.20 to fix
- the following bug:
- "An SQL-injection security hole has been found in
- multibyte encoding processing. The bug was in the server,
- incorrectly parsing the string escaped with mysql_real_escape().
-
- This vulnerability was discovered and reported by Josh Berkus
- <josh at postgresql.org> and Tom Lane <tgl at sss.pgh.pa.us> as part of
- the inter-project security collaboration of the OSDB consortium."
- (CVE-2006-2753)
- Closes: #369735
-
- -- Christian Hammers <ch at debian.org> Wed, 31 May 2006 22:42:57 +0000
-
mysql-dfsg-4.1 (4.1.11a-4sarge3) stable-security; urgency=low
* Security upload prepared for the security team by the debian mysql
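Review bot: the new top entry of debian/changelog is versioned 4.1.11a-4sarge4, which is lower than the 4.1.11a-4sarge7 entry it replaces and identical to the version of an entry deleted further down in this same hunk. A host with any of 4sarge4 through 4sarge7 installed will not see this upload as an upgrade, and the changelog history for CVE-2006-2753, CVE-2006-3081, CVE-2006-3469 and CVE-2006-4226 is lost. If the branch is deliberately being rebuilt on top of 4sarge3, record that in the entry; otherwise keep the existing entries and pick a version above 4sarge7.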
Modified: branches/sarge-4.1/debian/patches/00list
===================================================================
--- branches/sarge-4.1/debian/patches/00list 2007-05-13 10:45:24 UTC (rev 874)
+++ branches/sarge-4.1/debian/patches/00list 2007-05-17 17:17:38 UTC (rev 875)
@@ -18,8 +18,4 @@
61_SECURITY_CAN-2005-2558.dpatch
62_SECURITY_CVE-2006-0903.dpatch
63_SECURITY_CVE-2006-1516-1518.dpatch
-64_SECURITY_CVE-2006-2753.dpatch
-65_SECURITY_CVE-2006-3081.dpatch
-66_SECURITY_CVE-2006-3469.dpatch
-67_SECURITY_CVE-2006-4226.dpatch
-70_replication_fix.dpatch
+64_SECURITY_CVE-2007-2691_alter-drop.dpatch
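Review bot: four earlier security patches stop being applied here with no explanation: the removed lines take 64_SECURITY_CVE-2006-2753.dpatch through 67_SECURITY_CVE-2006-4226.dpatch, plus 70_replication_fix.dpatch, out of 00list, and the log message says nothing about why. The new patch also reuses the 64_ prefix, and the commit summary lists no deleted files, so if the old 64_SECURITY_CVE-2006-2753.dpatch is still in debian/patches, two files will share that prefix. Either append the new patch after 70_replication_fix.dpatch under an unused number, or state in the log that the earlier fixes are intentionally absent from this branch.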
Added: branches/sarge-4.1/debian/patches/64_SECURITY_CVE-2007-2691_alter-drop.dpatch
===================================================================
--- branches/sarge-4.1/debian/patches/64_SECURITY_CVE-2007-2691_alter-drop.dpatch (rev 0)
+++ branches/sarge-4.1/debian/patches/64_SECURITY_CVE-2007-2691_alter-drop.dpatch 2007-05-17 17:17:38 UTC (rev 875)
@@ -0,0 +1,15 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+# taken from http://lists.mysql.com/commits/24642?f=plain
+
+ at DPATCH@
+--- 1.496/sql/sql_parse.cc 2007-04-17 16:52:53 +05:00
++++ 1.497/sql/sql_parse.cc 2007-04-17 16:52:53 +05:00
+@@ -2818,7 +2818,7 @@ unsent_create_error:
+ old_list=table[0];
+ new_list=table->next[0];
+ old_list.next=new_list.next=0;
+- if (check_grant(thd, ALTER_ACL, &old_list, 0, UINT_MAX, 0) ||
++ if (check_grant(thd, ALTER_ACL | DROP_ACL, &old_list, 0, UINT_MAX, 0) ||
+ (!test_all_bits(table->next->grant.privilege,
+ INSERT_ACL | CREATE_ACL) &&
+ check_grant(thd, INSERT_ACL | CREATE_ACL, &new_list, 0,
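Review bot: the dpatch header carries only the source URL and no description, and the commit log is just "2007-2691", so nothing records that the check_grant() call on old_list now requires ALTER_ACL | DROP_ACL instead of ALTER_ACL alone. Add "## DP:" description lines above the @DPATCH@ marker naming the CVE and the privilege now required on the table in old_list. The embedded hunk is also positioned for upstream revision 1.496 at line 2818 of sql/sql_parse.cc; confirm that it applies to the 4.1.11a source without fuzz before upload.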