mysql-dfsg-5.0 5.0.51a-3ubuntu5.8 source package in Ubuntu

Changelog

mysql-dfsg-5.0 (5.0.51a-3ubuntu5.8) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service via joins involving a table with a
    unique SET column
    - debian/patches/98_CVE-2010-3677.dpatch: improve logic in
      sql/item_cmpfunc.cc. Add tests to mysql-test/*.
    - CVE-2010-3677
  * SECURITY UPDATE: denial of service via TEMPORARY InnoDB tables with
    nullable columns
    - debian/patches/98_CVE-2010-3680.dpatch: check for null datatype in
      sql/ha_innodb.cc. Add tests to mysql-test/*.
    - CVE-2010-3680
  * SECURITY UPDATE: denial of service via alternate reads from two indexes
    on a table using the HANDLER interface
    - debian/patches/98_CVE-2010-3681.dpatch: check for the same index in
      sql/sql_handler.cc. Add tests to mysql-test/*.
    - CVE-2010-3681
  * SECURITY UPDATE: denial of service via use of EXPLAIN with certain
    queries
    - debian/patches/98_CVE-2010-3682.dpatch: improve conditional in
      sql/sql_select.cc. Add tests to mysql-test/*.
    - CVE-2010-3682
  * SECURITY UPDATE: denial of service via incorrect propagation of type
    errors.
    - debian/patches/98_CVE-2010-3833.dpatch: properly check for execution
      errors in sql/item_func.cc. Add tests to mysql-test/*.
    - CVE-2010-3833
  * SECURITY UPDATE: denial of service via derived table materializing.
    - debian/patches/98_CVE-2010-3834.dpatch: handle temporary tables in
      sql/field.cc, sql/sql_select.*. Add tests to mysql-test/*.
    - CVE-2010-3834
  * SECURITY UPDATE: denial of service via user-variable assignment
    expression.
    - debian/patches/98_CVE-2010-3835.dpatch: fix logic in sql/item_func.*,
      Add tests to mysql-test/*.
    - CVE-2010-3835
  * SECURITY UPDATE: denial of service via pre-evaluation of LIKE
    predicates during view preparation.
    - debian/patches/98_CVE-2010-3836.dpatch: make sure we're not in view
      preparation mode in sql/item_cmpfunc.cc. Add tests to mysql-test/*.
    - CVE-2010-3836
  * SECURITY UPDATE: denial of service via use of GROUP_CONCAT() and
    WITH ROLLUP together.
    - debian/patches/98_CVE-2010-3837.dpatch: create a copy of the order
      structures in sql/item_sum.cc, sql/table.h. Add tests to
      mysql-test/*.
    - CVE-2010-3837
  * SECURITY UPDATE: denial of service via longblob and union or update
    with subquery.
    - debian/patches/98_CVE-2010-3838.dpatch: handle REAL_RESULT in
      sql/item_func.cc. Add tests to mysql-test/*.
    - CVE-2010-3838
  * SECURITY UPDATE: denial of service via PolyFromWKB() function and
    improper data.
    - debian/patches/98_CVE-2010-3840.dpatch: improve data handling in
      sql/spatial.cc. Add tests to mysql-test/*.
    - CVE-2010-3840
 -- Marc Deslauriers <email address hidden>   Tue, 09 Nov 2010 11:49:24 -0500

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Hardy
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
misc
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
mysql-dfsg-5.0_5.0.51a.orig.tar.gz 17.1 MiB 9cfa50ae9bf3c798f218abe80032ce2363b085d64154f9e91f1f2c45619740d0
mysql-dfsg-5.0_5.0.51a-3ubuntu5.8.diff.gz 350.2 KiB 876eeebd178811ff0bebf7721b7c3ab0b4c73fff3c477eeaaa83eb7f3b5658d3
mysql-dfsg-5.0_5.0.51a-3ubuntu5.8.dsc 2.0 KiB 09352fd61df789349ab2472b18d0fb8cb3dc70c9af9e77c88fc986f3945bbd58

View changes file

Binary packages built by this source

libmysqlclient15-dev: No summary available for libmysqlclient15-dev in ubuntu hardy.

No description available for libmysqlclient15-dev in ubuntu hardy.

libmysqlclient15off: No summary available for libmysqlclient15off in ubuntu hardy.

No description available for libmysqlclient15off in ubuntu hardy.

mysql-client: No summary available for mysql-client in ubuntu hardy.

No description available for mysql-client in ubuntu hardy.

mysql-client-5.0: No summary available for mysql-client-5.0 in ubuntu hardy.

No description available for mysql-client-5.0 in ubuntu hardy.

mysql-common: No summary available for mysql-common in ubuntu hardy.

No description available for mysql-common in ubuntu hardy.

mysql-server: No summary available for mysql-server in ubuntu hardy.

No description available for mysql-server in ubuntu hardy.

mysql-server-5.0: No summary available for mysql-server-5.0 in ubuntu hardy.

No description available for mysql-server-5.0 in ubuntu hardy.