[Pkg-mysql-commits] r971 - in branches/sarge-4.0/debian: . patches
Christian Hammers
ch at alioth.debian.org
Tue Nov 6 22:43:44 UTC 2007
tags 424778 pending
thanks
Author: ch
Date: 2007-11-06 22:43:44 +0000 (Tue, 06 Nov 2007)
New Revision: 971
Added:
branches/sarge-4.0/debian/patches/91_CVE-2007-2691_alter-drop.dpatch
Modified:
branches/sarge-4.0/debian/changelog
branches/sarge-4.0/debian/patches/00list
Log:
preparing new security upload
Modified: branches/sarge-4.0/debian/changelog
===================================================================
--- branches/sarge-4.0/debian/changelog 2007-11-06 22:42:36 UTC (rev 970)
+++ branches/sarge-4.0/debian/changelog 2007-11-06 22:43:44 UTC (rev 971)
@@ -1,3 +1,13 @@
+mysql-dfsg (4.0.24-10sarge3) stable-security; urgency=low
+
+ * Security upload prepared for the security team by the debian mysql
+ package maintainers.
+ * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP
+ privilege for RENAME TABLE statements which allows remote authenticated
+ users to rename arbitrary tables. Closes: #424778
+
+ -- Christian Hammers <ch at debian.org> Tue, 06 Nov 2007 22:52:57 +0100
+
mysql-dfsg (4.0.24-10sarge2) stable-security; urgency=low
* Security upload prepared for the security team by the debian mysql
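Review bot: the new 4.0.24-10sarge3 entry describes the CVE-2007-2691 fix but does not name the patch file that carries it, 91_CVE-2007-2691_alter-drop.dpatch, so anyone auditing the package has to match the CVE number against 00list by hand. Suggest appending the file name to the CVE bullet. The urgency=low value matches the sarge2 entry below it, but it is worth confirming that this is intended for a fix to a privilege check that the entry itself says is reachable by remote authenticated users.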
Modified: branches/sarge-4.0/debian/patches/00list
===================================================================
--- branches/sarge-4.0/debian/patches/00list 2007-11-06 22:42:36 UTC (rev 970)
+++ branches/sarge-4.0/debian/patches/00list 2007-11-06 22:43:44 UTC (rev 971)
@@ -15,3 +15,4 @@
52_CAN-2005-2558_create_function.dpatch
55_CVE-2006-0903_logging_bypass.dpatch
56_CVE-2006-1516-1518_anon_login_and_table_dump.dpatch
+91_CVE-2007-2691_alter-drop.dpatch
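Review bot: the added last line jumps to a 91_ prefix, while the other CVE patches visible in this hunk are numbered 52_, 55_ and 56_. dpatch applies patches in the order they are listed in 00list, so this works as written, but a 57_ prefix, or a short note on why 91 was chosen, would keep the security patches grouped and make the intended ordering obvious.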
Added: branches/sarge-4.0/debian/patches/91_CVE-2007-2691_alter-drop.dpatch
===================================================================
--- branches/sarge-4.0/debian/patches/91_CVE-2007-2691_alter-drop.dpatch (rev 0)
+++ branches/sarge-4.0/debian/patches/91_CVE-2007-2691_alter-drop.dpatch 2007-11-06 22:43:44 UTC (rev 971)
@@ -0,0 +1,16 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+# DP: based on http://lists.mysql.com/commits/24642?f=plain
+# DP: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691
+
+ at DPATCH@
+--- old/sql/sql_parse.cc.origch 2007-11-06 22:58:40.000000000 +0100
++++ new/sql/sql_parse.cc 2007-11-06 23:01:03.000000000 +0100
+@@ -1855,7 +1855,7 @@
+ old_list=table[0];
+ new_list=table->next[0];
+ old_list.next=new_list.next=0;
+- if (check_grant(thd,ALTER_ACL,&old_list) ||
++ if (check_grant(thd,ALTER_ACL | DROP_ACL,&old_list) ||
+ (!test_all_bits(table->next->grant.privilege,
+ INSERT_ACL | CREATE_ACL) &&
+ check_grant(thd,INSERT_ACL | CREATE_ACL, &new_list)))
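Review bot: on the changed check_grant line, DROP_ACL is now required only in the table-level grant check on old_list, and the three context lines above it do not show whether any earlier database-level or global privilege check for the source table asks for the same ALTER_ACL | DROP_ACL bits. Please confirm that such a check, if present outside this hunk, requires DROP as well, otherwise the two levels disagree. Separately, the file is named alter-drop while the changelog describes a RENAME TABLE fix, and no regression test ships with the patch; a test asserting that RENAME TABLE is refused for an account holding ALTER but not DROP on the table would guard this change.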
Property changes on: branches/sarge-4.0/debian/patches/91_CVE-2007-2691_alter-drop.dpatch
___________________________________________________________________
Name: svn:executable
+ *