mysql-dfsg-5.0 5.0.22-0ubuntu6.06.15 source package in Ubuntu
Changelog
mysql-dfsg-5.0 (5.0.22-0ubuntu6.06.15) dapper-security; urgency=low
* SECURITY UPDATE: denial of service via joins involving a table with a
unique SET column
- debian/patches/113_SECURITY_CVE-2010-3677.dpatch: improve logic in
sql/item_cmpfunc.cc. Add tests to mysql-test/*.
- CVE-2010-3677
* SECURITY UPDATE: denial of service via TEMPORARY InnoDB tables with
nullable columns
- debian/patches/113_SECURITY_CVE-2010-3680.dpatch: check for null
datatype in sql/ha_innodb.cc. Add tests to mysql-test/*.
- CVE-2010-3680
* SECURITY UPDATE: denial of service via alternate reads from two indexes
on a table using the HANDLER interface
- debian/patches/113_SECURITY_CVE-2010-3681.dpatch: check for the same
index in sql/sql_handler.cc. Add tests to mysql-test/*.
- CVE-2010-3681
* SECURITY UPDATE: denial of service via use of EXPLAIN with certain
queries
- debian/patches/113_SECURITY_CVE-2010-3682.dpatch: improve conditional
in sql/sql_select.cc. Add tests to mysql-test/*.
- CVE-2010-3682
* SECURITY UPDATE: denial of service via derived table materializing.
- debian/patches/113_SECURITY_CVE-2010-3834.dpatch: handle temporary
tables in sql/field.cc, sql/sql_select.*. Add tests to mysql-test/*.
- CVE-2010-3834
* SECURITY UPDATE: denial of service via pre-evaluation of LIKE
predicates during view preparation.
- debian/patches/113_SECURITY_CVE-2010-3836.dpatch: make sure we're not
in view preparation mode in sql/item_cmpfunc.cc. Add tests to
mysql-test/*.
- CVE-2010-3836
* SECURITY UPDATE: denial of service via use of GROUP_CONCAT() and
WITH ROLLUP together.
- debian/patches/113_SECURITY_CVE-2010-3837.dpatch: create a copy of
the order structures in sql/item_sum.cc, sql/table.h. Add tests to
mysql-test/*.
- CVE-2010-3837
* SECURITY UPDATE: denial of service via longblob and union or update
with subquery.
- debian/patches/113_SECURITY_CVE-2010-3838.dpatch: handle REAL_RESULT
in sql/item_func.cc. Add tests to mysql-test/*.
- CVE-2010-3838
* SECURITY UPDATE: denial of service via PolyFromWKB() function and
improper data.
- debian/patches/113_SECURITY_CVE-2010-3840.dpatch: improve data
handling in sql/spatial.cc. Add tests to mysql-test/*.
- CVE-2010-3840
-- Marc Deslauriers <email address hidden> Tue, 09 Nov 2010 14:10:41 -0500
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Dapper
- Original maintainer:
- Christian Hammers
- Architectures:
- any
- Section:
- misc
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| mysql-dfsg-5.0_5.0.22.orig.tar.gz | 17.6 MiB | b1aa489bb44621a6b6209884a5afb3b4a92431219ca7282636f93c3e53ba2785 |
| mysql-dfsg-5.0_5.0.22-0ubuntu6.06.15.diff.gz | 174.0 KiB | dd515c7e6d19dfb547f381d60a60b150c1b5caa017bffd29d6c660c30005549f |
| mysql-dfsg-5.0_5.0.22-0ubuntu6.06.15.dsc | 1.7 KiB | 39dd37e64d1cd817a62013541343d99fc9334c4f2edc755de6f96ee1fee4aedc |
Available diffs
Binary packages built by this source
- libmysqlclient15-dev: No summary available for libmysqlclient15-dev in ubuntu dapper.
No description available for libmysqlclient1
5-dev in ubuntu dapper.
- libmysqlclient15off: No summary available for libmysqlclient15off in ubuntu dapper.
No description available for libmysqlclient15off in ubuntu dapper.
- mysql-client: No summary available for mysql-client in ubuntu dapper.
No description available for mysql-client in ubuntu dapper.
- mysql-client-5.0: No summary available for mysql-client-5.0 in ubuntu dapper.
No description available for mysql-client-5.0 in ubuntu dapper.
- mysql-common: No summary available for mysql-common in ubuntu dapper.
No description available for mysql-common in ubuntu dapper.
- mysql-server: No summary available for mysql-server in ubuntu dapper.
No description available for mysql-server in ubuntu dapper.
- mysql-server-5.0: No summary available for mysql-server-5.0 in ubuntu dapper.
No description available for mysql-server-5.0 in ubuntu dapper.
