From: Mandrakelinux Security Team <security@linux-mandrake.com.>
To: [email protected]
Subject: MDKSA-2005:060 - Updated MySQL packages fix multiple vulnerabilities
Message-Id: <E1DDX3R-0007yo-0q@updates.mandrakesoft.com.>
Date: Mon, 21 Mar 2005 17:15:29 -0700
X-Virus-Scanned: antivirus-gw at tyumen.ru
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: MySQL
Advisory ID: MDKSA-2005:060
Date: March 21st, 2005
Affected versions: 10.0, 10.1, Corporate 3.0,
Corporate Server 2.1
______________________________________________________________________
Problem Description:

A number of vulnerabilities were discovered by Stefano Di Paola in the
MySQL server:

If an authenticated user had INSERT privileges on the 'mysql' database,
the CREATE FUNCTION command allowed that user to use libc functions to
execute arbitrary code with the privileges of the user running the
database server (mysql) (CAN-2005-0709).

If an authenticated user had INSERT privileges on the 'mysql' database,
it was possible to load a library located in an arbitrary directory by
using INSERT INTO mysql.func instead of CREATE FUNCTION. This also
would allow the user to execute arbitrary code with the privileges of
the user running the database server (CAN-2005-0710).

Finally, temporary files belonging to tables created with CREATE
TEMPORARY TABLE were handled in an insecure manner, allowing any local
user to overwrite arbitrary files with the privileges of the database
server (CAN-2005-0711).

The updated packages have been patched to correct these issues.
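
The first two issues share one precondition, INSERT privilege on the 'mysql' database. As an added example (not part of the Mandrakesoft advisory), these audit queries list the accounts that hold that privilege and the functions registered in mysql.func. They assume the stock grant-table layout (mysql.user, mysql.db, mysql.tables_priv, mysql.func) and an account allowed to read it.

```sql
-- Added audit example, not from the advisory. Table and column names are
-- those of the stock MySQL grant tables. Written as separate SELECTs with
-- no UNION or subqueries, which older servers lack.

-- 1. Global INSERT: applies to every database, including 'mysql'.
SELECT 'global' AS scope, Host, User
FROM mysql.user
WHERE Insert_priv = 'Y'
ORDER BY User, Host;

-- 2. Database-level INSERT whose Db pattern covers 'mysql'.
--    Db may contain wildcards ('%', 'my%'), so match with LIKE, not '='.
SELECT 'database' AS scope, Host, User, Db
FROM mysql.db
WHERE Insert_priv = 'Y'
  AND 'mysql' LIKE Db
ORDER BY User, Host;

-- 3. Table-level INSERT on mysql.func itself.
--    Table_priv is a SET column, so test membership with FIND_IN_SET.
SELECT 'table' AS scope, Host, User, Db, Table_name
FROM mysql.tables_priv
WHERE Db = 'mysql'
  AND Table_name = 'func'
  AND FIND_IN_SET('Insert', Table_priv) > 0
ORDER BY User, Host;

-- 4. Every registered user-defined function and the library it loads.
--    Each row should be one an administrator installed deliberately.
SELECT name, ret, dl
FROM mysql.func
ORDER BY name;

-- 5. Registrations whose library name carries a directory component,
--    the condition described for CAN-2005-0710.
SELECT name, dl
FROM mysql.func
WHERE dl LIKE '%/%';
```

Any account returned by queries 1 to 3 that is not a database administrator is a candidate for having the privilege revoked, independently of installing the updated packages.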
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.0:
a63c4a586c5ce21eefc68121b8bfcbb7 10.0/RPMS/libmysql12-4.0.18-1.4.100mdk.i586.rpm
91deea11427c50779b5435a952efc7e3 10.0/RPMS/libmysql12-devel-4.0.18-1.4.100mdk.i586.rpm
4150e294ce81935ee7e8844537867f89 10.0/RPMS/MySQL-4.0.18-1.4.100mdk.i586.rpm
1d7343e4ef5363066387fb4249ddf22a 10.0/RPMS/MySQL-Max-4.0.18-1.4.100mdk.i586.rpm
1b96455b734d9f896391041c6a1014d9 10.0/RPMS/MySQL-bench-4.0.18-1.4.100mdk.i586.rpm
d4e8ee5ce5608ad9c81905ad4a9b10eb 10.0/RPMS/MySQL-client-4.0.18-1.4.100mdk.i586.rpm
d83c85b5417d2c0e96002aa1d162bf35 10.0/RPMS/MySQL-common-4.0.18-1.4.100mdk.i586.rpm
7f206e82f4858c1f5d26e3f45f317320 10.0/SRPMS/MySQL-4.0.18-1.4.100mdk.src.rpm
Mandrakelinux 10.0/AMD64:
0ab0bb4f82c8dc3d6194bd6d01136948 amd64/10.0/RPMS/lib64mysql12-4.0.18-1.4.100mdk.amd64.rpm
283f25dfa37b406ac76c724f7d45dfe7 amd64/10.0/RPMS/lib64mysql12-devel-4.0.18-1.4.100mdk.amd64.rpm
6e796a5b00ee1b450aefe434ccadf437 amd64/10.0/RPMS/MySQL-4.0.18-1.4.100mdk.amd64.rpm
bcd3e0ffdd1402ff54a63cc7386a36be amd64/10.0/RPMS/MySQL-Max-4.0.18-1.4.100mdk.amd64.rpm
46b367fcf652e07fccd09d76738a8662 amd64/10.0/RPMS/MySQL-bench-4.0.18-1.4.100mdk.amd64.rpm
76ea0bbb46e2f7af835498759cd991cb amd64/10.0/RPMS/MySQL-client-4.0.18-1.4.100mdk.amd64.rpm
db3725e14b8dfd0bd99e0f5ebc645303 amd64/10.0/RPMS/MySQL-common-4.0.18-1.4.100mdk.amd64.rpm
7f206e82f4858c1f5d26e3f45f317320 amd64/10.0/SRPMS/MySQL-4.0.18-1.4.100mdk.src.rpm
Mandrakelinux 10.1:
c3c557a06d519f6f8e91ba43a9f3d404 10.1/RPMS/libmysql12-4.0.20-3.3.101mdk.i586.rpm
0ada09ca0942df3ac24b54e77d4f1ab7 10.1/RPMS/libmysql12-devel-4.0.20-3.3.101mdk.i586.rpm
051ba4877ed955d2ba10dfa689d4b380 10.1/RPMS/MySQL-4.0.20-3.3.101mdk.i586.rpm
ec4c10ff52536c9aba73207d4090878a 10.1/RPMS/MySQL-Max-4.0.20-3.3.101mdk.i586.rpm
8a0df2fc5431d0bea357ff35f99aec64 10.1/RPMS/MySQL-bench-4.0.20-3.3.101mdk.i586.rpm
bc0478faf5d4f1c453b3a67143685c82 10.1/RPMS/MySQL-client-4.0.20-3.3.101mdk.i586.rpm
3f87f6fa53b47ab287714df3a7b569cf 10.1/RPMS/MySQL-common-4.0.20-3.3.101mdk.i586.rpm
5eef9940c3b0f16bbe47ef5cf2d87335 10.1/SRPMS/MySQL-4.0.20-3.3.101mdk.src.rpm
Mandrakelinux 10.1/X86_64:
7782ecace6685d4070d50983e4b68a26 x86_64/10.1/RPMS/lib64mysql12-4.0.20-3.3.101mdk.x86_64.rpm
23c36f372c0eafad5304fe8a5a91340c x86_64/10.1/RPMS/lib64mysql12-devel-4.0.20-3.3.101mdk.x86_64.rpm
d1d378de68e919c70125a26f598bbc9d x86_64/10.1/RPMS/MySQL-4.0.20-3.3.101mdk.x86_64.rpm
bef40ae1d0b3d7d2fd02e23675890bf3 x86_64/10.1/RPMS/MySQL-Max-4.0.20-3.3.101mdk.x86_64.rpm
33888c8872f94005b83c46ee7a4c0e9e x86_64/10.1/RPMS/MySQL-bench-4.0.20-3.3.101mdk.x86_64.rpm
c1d72a2398a4fca7d60efe7f717ddb91 x86_64/10.1/RPMS/MySQL-client-4.0.20-3.3.101mdk.x86_64.rpm
3a8bcfea1e9106510c69c93875cedad3 x86_64/10.1/RPMS/MySQL-common-4.0.20-3.3.101mdk.x86_64.rpm
5eef9940c3b0f16bbe47ef5cf2d87335 x86_64/10.1/SRPMS/MySQL-4.0.20-3.3.101mdk.src.rpm
Corporate Server 2.1:
0bc49a4120e6f7218204420787eb2f67 corporate/2.1/RPMS/libmysql10-3.23.56-1.8.C21mdk.i586.rpm
7bb7b42e1872b2e4087f2e9818d3c309 corporate/2.1/RPMS/libmysql10-devel-3.23.56-1.8.C21mdk.i586.rpm
23470127e8aa4d0f17d4d4112dbcedfd corporate/2.1/RPMS/MySQL-3.23.56-1.8.C21mdk.i586.rpm
19c2791af702f6642073c545c7e0849b corporate/2.1/RPMS/MySQL-Max-3.23.56-1.8.C21mdk.i586.rpm
8096eb5a826ff1789285a7604ce39d30 corporate/2.1/RPMS/MySQL-bench-3.23.56-1.8.C21mdk.i586.rpm
f1276798252c0f5376c263b0e0e18b89 corporate/2.1/RPMS/MySQL-client-3.23.56-1.8.C21mdk.i586.rpm
6e07c7ea6e92b0b0828814648234c9b3 corporate/2.1/SRPMS/MySQL-3.23.56-1.8.C21mdk.src.rpm
Corporate Server 2.1/X86_64:
179bb081fc42e1605aee0e0cd4302479 x86_64/corporate/2.1/RPMS/libmysql10-3.23.56-1.8.C21mdk.x86_64.rpm
0aff7099f82a97b088a42998c8a2be79 x86_64/corporate/2.1/RPMS/libmysql10-devel-3.23.56-1.8.C21mdk.x86_64.rpm
3c5266fa6cd2bc2ea601b400d7affd27 x86_64/corporate/2.1/RPMS/MySQL-3.23.56-1.8.C21mdk.x86_64.rpm
e50a52624efac2ab7f2ee79a56093a9b x86_64/corporate/2.1/RPMS/MySQL-Max-3.23.56-1.8.C21mdk.x86_64.rpm
c7d5c09665aa3ba0f93de29b2a825b0f x86_64/corporate/2.1/RPMS/MySQL-bench-3.23.56-1.8.C21mdk.x86_64.rpm
4c885f301ed4fa22954a24e86f96e11b x86_64/corporate/2.1/RPMS/MySQL-client-3.23.56-1.8.C21mdk.x86_64.rpm
6e07c7ea6e92b0b0828814648234c9b3 x86_64/corporate/2.1/SRPMS/MySQL-3.23.56-1.8.C21mdk.src.rpm
Corporate 3.0:
c7b137fde3b84b2135cdb1b1c4b3669c corporate/3.0/RPMS/libmysql12-4.0.18-1.4.C30mdk.i586.rpm
9a1220153597986dcea93655e616985c corporate/3.0/RPMS/libmysql12-devel-4.0.18-1.4.C30mdk.i586.rpm
c94748b75420afebba61f3889179ed27 corporate/3.0/RPMS/MySQL-4.0.18-1.4.C30mdk.i586.rpm
4230df255b7e26fdc5352fef47a652dd corporate/3.0/RPMS/MySQL-Max-4.0.18-1.4.C30mdk.i586.rpm
f341a2cdbe037f03f1589dd03c32b122 corporate/3.0/RPMS/MySQL-bench-4.0.18-1.4.C30mdk.i586.rpm
23706070a88e7705d65656fb75a38bac corporate/3.0/RPMS/MySQL-client-4.0.18-1.4.C30mdk.i586.rpm
8445d01b3058a678b31d4e4f62f0500f corporate/3.0/RPMS/MySQL-common-4.0.18-1.4.C30mdk.i586.rpm
85f2566dec3dfaea49f5c7220030d13d corporate/3.0/SRPMS/MySQL-4.0.18-1.4.C30mdk.src.rpm
Corporate 3.0/X86_64:
64283c6daaaf50e766d98b4fa9281a3d x86_64/corporate/3.0/RPMS/lib64mysql12-4.0.18-1.4.C30mdk.x86_64.rpm
fcf3a8d2142dc35d83ee537a03b2b69d x86_64/corporate/3.0/RPMS/lib64mysql12-devel-4.0.18-1.4.C30mdk.x86_64.rpm
16984a3255ce4b7934b8b479f2a3d744 x86_64/corporate/3.0/RPMS/MySQL-4.0.18-1.4.C30mdk.x86_64.rpm
f3d128d91d0db42234a0799c17529ef0 x86_64/corporate/3.0/RPMS/MySQL-Max-4.0.18-1.4.C30mdk.x86_64.rpm
34ef63c34906f4bb69d2c5a2048ead58 x86_64/corporate/3.0/RPMS/MySQL-bench-4.0.18-1.4.C30mdk.x86_64.rpm
abeb243d806f4d6026314e0c6323aa27 x86_64/corporate/3.0/RPMS/MySQL-client-4.0.18-1.4.C30mdk.x86_64.rpm
6fe8cd9e5b1d3b784267dcf3b6155438 x86_64/corporate/3.0/RPMS/MySQL-common-4.0.18-1.4.C30mdk.x86_64.rpm
85f2566dec3dfaea49f5c7220030d13d x86_64/corporate/3.0/SRPMS/MySQL-4.0.18-1.4.C30mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandrakesoft for security. You can obtain
the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFCP2OgmqjQ0CJFipgRAhPMAKCj5D0U2RXZ9BiyDjbr6Ki4Y+D/ZgCgmD0V
o4AliAFtO6xTVip03Ze5RIM=
=EZ8s
-----END PGP SIGNATURE-----