[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ MDVSA-2010:222 ] mysql
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: [ MDVSA-2010:222 ] mysql
- From: security@xxxxxxxxxxxx
- Date: Tue, 09 Nov 2010 18:22:01 +0100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2010:222
http://www.mandriva.com/security/
_______________________________________________________________________
Package : mysql
Date : November 9, 2010
Affected: 2009.0, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities were discovered and corrected in mysql:
* Joins involving a table with with a unique SET column could cause
a server crash (CVE-2010-3677).
* Use of TEMPORARY InnoDB tables with nullable columns could cause
a server crash (CVE-2010-3680).
* The server could crash if there were alternate reads from two
indexes on a table using the HANDLER interface (CVE-2010-3681).
* Using EXPLAIN with queries of the form SELECT ... UNION ... ORDER BY
(SELECT ... WHERE ...) could cause a server crash (CVE-2010-3682).
* During evaluation of arguments to extreme-value functions (such
as LEAST() and GREATEST()), type errors did not propagate properly,
causing the server to crash (CVE-2010-3833).
* The server could crash after materializing a derived table that
required a temporary table for grouping (CVE-2010-3834).
* A user-variable assignment expression that is evaluated in a logical
expression context can be precalculated in a temporary table for GROUP
BY. However, when the expression value is used after creation of the
temporary table, it was re-evaluated, not read from the table and a
server crash resulted (CVE-2010-3835).
* Pre-evaluation of LIKE predicates during view preparation could
cause a server crash (CVE-2010-3836).
* GROUP_CONCAT() and WITH ROLLUP together could cause a server crash
(CVE-2010-3837).
* Queries could cause a server crash if the GREATEST() or LEAST()
function had a mixed list of numeric and LONGBLOB arguments, and
the result of such a function was processed using an intermediate
temporary table (CVE-2010-3838).
* Queries with nested joins could cause an infinite loop in the
server when used from stored procedures and prepared statements
(CVE-2010-3839).
* The PolyFromWKB() function could crash the server when improper
WKB data was passed to the function (CVE-2010-3840).
Additionally the default behaviour of using the mysqlmanager instead
of the mysqld_safe script has been reverted in the SysV init script
because of instability issues with the mysqlmanager.
Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been upgraded to mysql 5.0.91 and patched
to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3677
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3680
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3681
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3682
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3833
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3834
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3835
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3836
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3837
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3838
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3839
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3840
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-91.html
http://bugs.mysql.com/bug.php?id=54575
http://bugs.mysql.com/bug.php?id=54044
http://bugs.mysql.com/bug.php?id=54007
http://bugs.mysql.com/bug.php?id=52711
http://bugs.mysql.com/bug.php?id=55826
http://bugs.mysql.com/bug.php?id=55568
http://bugs.mysql.com/bug.php?id=55564
http://bugs.mysql.com/bug.php?id=54568
http://bugs.mysql.com/bug.php?id=54476
http://bugs.mysql.com/bug.php?id=54461
http://bugs.mysql.com/bug.php?id=53544
http://bugs.mysql.com/bug.php?id=51875
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2009.0:
eb907536a0eeaaa029dc177ea9ef0a39
2009.0/i586/libmysql15-5.0.91-0.1mdv2009.0.i586.rpm
6478e39626354dceed037e214ec6cb1b
2009.0/i586/libmysql-devel-5.0.91-0.1mdv2009.0.i586.rpm
f241d659367edc2514f252a770715ce3
2009.0/i586/libmysql-static-devel-5.0.91-0.1mdv2009.0.i586.rpm
3acc56592aa5ef4ae5227c204a3a5931
2009.0/i586/mysql-5.0.91-0.1mdv2009.0.i586.rpm
6dd27cf8a8a6ddfcba4ff41199e5af53
2009.0/i586/mysql-bench-5.0.91-0.1mdv2009.0.i586.rpm
969531a60f2b36ce51504ced260b0df9
2009.0/i586/mysql-client-5.0.91-0.1mdv2009.0.i586.rpm
0d6e8961bb929492b105d4552622eaa4
2009.0/i586/mysql-common-5.0.91-0.1mdv2009.0.i586.rpm
e34023d0f7030d97f5ae90299b68eec9
2009.0/i586/mysql-doc-5.0.91-0.1mdv2009.0.i586.rpm
4d23ed1d323b7386428dc5f558d3dfe2
2009.0/i586/mysql-max-5.0.91-0.1mdv2009.0.i586.rpm
b9f3ae1f4537d552874ca55ed0bbb0d5
2009.0/i586/mysql-ndb-extra-5.0.91-0.1mdv2009.0.i586.rpm
71e6e537d8ca78f4feb184127c6d2241
2009.0/i586/mysql-ndb-management-5.0.91-0.1mdv2009.0.i586.rpm
ca105074d069cff1a46b33d97ad98d9c
2009.0/i586/mysql-ndb-storage-5.0.91-0.1mdv2009.0.i586.rpm
fbb37043811a661be20b76f2b5580f69
2009.0/i586/mysql-ndb-tools-5.0.91-0.1mdv2009.0.i586.rpm
a08639f29c6d8a07534854c05a1d455b
2009.0/SRPMS/mysql-5.0.91-0.1mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64:
cd1407d890e82227401c8b362707b3b9
2009.0/x86_64/lib64mysql15-5.0.91-0.1mdv2009.0.x86_64.rpm
e0e273aa8b3491d2c9a4e3262769105f
2009.0/x86_64/lib64mysql-devel-5.0.91-0.1mdv2009.0.x86_64.rpm
2d33f0fe6f058303912058018a3d0d06
2009.0/x86_64/lib64mysql-static-devel-5.0.91-0.1mdv2009.0.x86_64.rpm
da91cf85defd1b0cff9c069fadd07e5d
2009.0/x86_64/mysql-5.0.91-0.1mdv2009.0.x86_64.rpm
8ebcffba8321ae17aae21cb3ba52a3e9
2009.0/x86_64/mysql-bench-5.0.91-0.1mdv2009.0.x86_64.rpm
d5d640a2ef35848f9befc0be86d78a49
2009.0/x86_64/mysql-client-5.0.91-0.1mdv2009.0.x86_64.rpm
b526d8835e448c064cd63f9aefb3623c
2009.0/x86_64/mysql-common-5.0.91-0.1mdv2009.0.x86_64.rpm
f797fffb311a794dab45d168a8b781d6
2009.0/x86_64/mysql-doc-5.0.91-0.1mdv2009.0.x86_64.rpm
6fbb34d053af580605ee5e38319e70dc
2009.0/x86_64/mysql-max-5.0.91-0.1mdv2009.0.x86_64.rpm
b3301c995e36f2785d25c7d3e61abe6e
2009.0/x86_64/mysql-ndb-extra-5.0.91-0.1mdv2009.0.x86_64.rpm
96296d78b320836f6199ccd9f6ded083
2009.0/x86_64/mysql-ndb-management-5.0.91-0.1mdv2009.0.x86_64.rpm
460ca6c62c5911774601ff0f2503e885
2009.0/x86_64/mysql-ndb-storage-5.0.91-0.1mdv2009.0.x86_64.rpm
414c0cf19deda444f69486aed137b9e6
2009.0/x86_64/mysql-ndb-tools-5.0.91-0.1mdv2009.0.x86_64.rpm
a08639f29c6d8a07534854c05a1d455b
2009.0/SRPMS/mysql-5.0.91-0.1mdv2009.0.src.rpm
Corporate 4.0:
93ceb9fd59484cdea928ffd2e06d149c
corporate/4.0/i586/libmysql15-5.0.91-0.1.20060mlcs4.i586.rpm
f80353a66273e0f70aba1f4821efd2fa
corporate/4.0/i586/libmysql-devel-5.0.91-0.1.20060mlcs4.i586.rpm
e755ee14f4d94b55db8a74dbb721f068
corporate/4.0/i586/libmysql-static-devel-5.0.91-0.1.20060mlcs4.i586.rpm
95abd2f134cf728ecebb4c4d0b4a6ae9
corporate/4.0/i586/mysql-5.0.91-0.1.20060mlcs4.i586.rpm
1c18fe18e0475ea49a4a50b9d1f6c091
corporate/4.0/i586/mysql-bench-5.0.91-0.1.20060mlcs4.i586.rpm
7399fd7ae6850c14792eac8b79a34523
corporate/4.0/i586/mysql-client-5.0.91-0.1.20060mlcs4.i586.rpm
4aee716bce3e5965688194b1cd1712eb
corporate/4.0/i586/mysql-common-5.0.91-0.1.20060mlcs4.i586.rpm
86bfc5a65912fbbbe1ac5b9eda7b31f0
corporate/4.0/i586/mysql-doc-5.0.91-0.1.20060mlcs4.i586.rpm
c387117b0a39d2bad9cec605f3f7314a
corporate/4.0/i586/mysql-max-5.0.91-0.1.20060mlcs4.i586.rpm
f63da7fe87e2eb742a6a74e2c66a57e6
corporate/4.0/i586/mysql-ndb-extra-5.0.91-0.1.20060mlcs4.i586.rpm
9dd84b4d7102bf330b2979d90f8983c8
corporate/4.0/i586/mysql-ndb-management-5.0.91-0.1.20060mlcs4.i586.rpm
b51844ca5c493112335ca054f43e17d4
corporate/4.0/i586/mysql-ndb-storage-5.0.91-0.1.20060mlcs4.i586.rpm
09509a1f48bc11abe6570c3a46e9daf6
corporate/4.0/i586/mysql-ndb-tools-5.0.91-0.1.20060mlcs4.i586.rpm
927ed1974f0a042693967b6fd22ec008
corporate/4.0/SRPMS/mysql-5.0.91-0.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
20117b2754e9b91d085ff9680d811611
corporate/4.0/x86_64/lib64mysql15-5.0.91-0.1.20060mlcs4.x86_64.rpm
1853101973ee2852c1009e7595a2bc31
corporate/4.0/x86_64/lib64mysql-devel-5.0.91-0.1.20060mlcs4.x86_64.rpm
dd09522b46023ae468563abd47460bd3
corporate/4.0/x86_64/lib64mysql-static-devel-5.0.91-0.1.20060mlcs4.x86_64.rpm
9f0c3810761e001a6e371012cc2743eb
corporate/4.0/x86_64/mysql-5.0.91-0.1.20060mlcs4.x86_64.rpm
fd174ef50c83c54356ac8e4e891b3f73
corporate/4.0/x86_64/mysql-bench-5.0.91-0.1.20060mlcs4.x86_64.rpm
8a85a29a6ade51a0956786675ba887fe
corporate/4.0/x86_64/mysql-client-5.0.91-0.1.20060mlcs4.x86_64.rpm
09daedce7d9a9c1c00168b0b1d42994f
corporate/4.0/x86_64/mysql-common-5.0.91-0.1.20060mlcs4.x86_64.rpm
ef9743643cba3544a8824d4c17e0d6c8
corporate/4.0/x86_64/mysql-doc-5.0.91-0.1.20060mlcs4.x86_64.rpm
e7c3a9a251b4c8bc758591c5460d50dc
corporate/4.0/x86_64/mysql-max-5.0.91-0.1.20060mlcs4.x86_64.rpm
f522e85eb231fc6a021219f9647f9333
corporate/4.0/x86_64/mysql-ndb-extra-5.0.91-0.1.20060mlcs4.x86_64.rpm
f702c3f65c406cc76ed2c7a784cef4f2
corporate/4.0/x86_64/mysql-ndb-management-5.0.91-0.1.20060mlcs4.x86_64.rpm
6442629a873f3cce5eb00d490068afbb
corporate/4.0/x86_64/mysql-ndb-storage-5.0.91-0.1.20060mlcs4.x86_64.rpm
e3e5f618f95f4ff8f83761069c36fae2
corporate/4.0/x86_64/mysql-ndb-tools-5.0.91-0.1.20060mlcs4.x86_64.rpm
927ed1974f0a042693967b6fd22ec008
corporate/4.0/SRPMS/mysql-5.0.91-0.1.20060mlcs4.src.rpm
Mandriva Enterprise Server 5:
89c2269f406dc3045dfd7d4722439b89
mes5/i586/libmysql15-5.0.91-0.1mdvmes5.1.i586.rpm
a39245d96a2343f94a6c3de2b0a1d5e8
mes5/i586/libmysql-devel-5.0.91-0.1mdvmes5.1.i586.rpm
c3a8626adfa64c80e9780cae382677d3
mes5/i586/libmysql-static-devel-5.0.91-0.1mdvmes5.1.i586.rpm
d08bcf51ea7cca9291879867d94bfd46 mes5/i586/mysql-5.0.91-0.1mdvmes5.1.i586.rpm
894a8b94003bae051d4301f6adcf2669
mes5/i586/mysql-bench-5.0.91-0.1mdvmes5.1.i586.rpm
62396656052e01c3fdf8d500bc55a860
mes5/i586/mysql-client-5.0.91-0.1mdvmes5.1.i586.rpm
5b824ecf37eb00993e47aff4531775a7
mes5/i586/mysql-common-5.0.91-0.1mdvmes5.1.i586.rpm
bf869755a712d83629256a9a99c15711
mes5/i586/mysql-doc-5.0.91-0.1mdvmes5.1.i586.rpm
bff52c734c7efc2305e22c1dd2bdf094
mes5/i586/mysql-max-5.0.91-0.1mdvmes5.1.i586.rpm
5f33d4b7e2de3e03beb58bd5c543c97b
mes5/i586/mysql-ndb-extra-5.0.91-0.1mdvmes5.1.i586.rpm
10133c0bfbaa5080156ff83f871ee4da
mes5/i586/mysql-ndb-management-5.0.91-0.1mdvmes5.1.i586.rpm
35c3f4e88178c3bee2247aa5fe506aca
mes5/i586/mysql-ndb-storage-5.0.91-0.1mdvmes5.1.i586.rpm
f4fc7bfef0241437d69d170e26391efc
mes5/i586/mysql-ndb-tools-5.0.91-0.1mdvmes5.1.i586.rpm
d1e56324f66cd14937b7612206def290 mes5/SRPMS/mysql-5.0.91-0.1mdvmes5.1.src.rpm
Mandriva Enterprise Server 5/X86_64:
8916ce12f0a1369f39cd250e2c8c35c9
mes5/x86_64/lib64mysql15-5.0.91-0.1mdvmes5.1.x86_64.rpm
8276a9fd8be29452610c67e2971be511
mes5/x86_64/lib64mysql-devel-5.0.91-0.1mdvmes5.1.x86_64.rpm
2306d392866669f16ed65275ec8ea1ec
mes5/x86_64/lib64mysql-static-devel-5.0.91-0.1mdvmes5.1.x86_64.rpm
da916613ff80db456eadddd61d6cba18
mes5/x86_64/mysql-5.0.91-0.1mdvmes5.1.x86_64.rpm
8563b08ca76a16d01f1b9c41b9cc7dcc
mes5/x86_64/mysql-bench-5.0.91-0.1mdvmes5.1.x86_64.rpm
88289d93bf3e177ae304843fc3f221a4
mes5/x86_64/mysql-client-5.0.91-0.1mdvmes5.1.x86_64.rpm
55b1ddf76c99a5561b738682fb55b4fb
mes5/x86_64/mysql-common-5.0.91-0.1mdvmes5.1.x86_64.rpm
8b33e50cc5c12dfb577a7d1ca85800ea
mes5/x86_64/mysql-doc-5.0.91-0.1mdvmes5.1.x86_64.rpm
b2fd7c02c73ab39a68c5799ae71769da
mes5/x86_64/mysql-max-5.0.91-0.1mdvmes5.1.x86_64.rpm
0875dffd5f38fd9873347aad5353cdc1
mes5/x86_64/mysql-ndb-extra-5.0.91-0.1mdvmes5.1.x86_64.rpm
1fcf16f947ccc0eca16aa5f47f910ded
mes5/x86_64/mysql-ndb-management-5.0.91-0.1mdvmes5.1.x86_64.rpm
93bfc7f9bd45288ea5e6d97aedfd109e
mes5/x86_64/mysql-ndb-storage-5.0.91-0.1mdvmes5.1.x86_64.rpm
a98125ba65e6ade91189944dd148a218
mes5/x86_64/mysql-ndb-tools-5.0.91-0.1mdvmes5.1.x86_64.rpm
d1e56324f66cd14937b7612206def290 mes5/SRPMS/mysql-5.0.91-0.1mdvmes5.1.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFM2VUgmqjQ0CJFipgRAkmKAKDZq9ZsL8ehC3DYz8Cvl7S9kOMIigCfc/Bn
PtNWZN/OpXqCPP3oiCQKR4Y=
=W5lO
-----END PGP SIGNATURE-----