Login
Newsletter
Werbung

Sicherheit: Mangelnde Rechteprüfung in mysql
Aktuelle Meldungen Distributionen
Name: Mangelnde Rechteprüfung in mysql
ID: MDVSA-2010:093
Distribution: Mandriva
Plattformen: Mandriva 2009.1, Mandriva 2010.0
Datum: Fr, 7. Mai 2010, 21:44
Referenzen: http://bugs.mysql.com/bug.php?id=51770
https://qa.mandriva.com/58843
Applikationen: MySQL

Originalnachricht

This is a multi-part message in MIME format...

------------=_1273255756-24326-7495


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2010:093
http://www.mandriva.com/security/
_______________________________________________________________________

Package : mysql
Date : May 7, 2010
Affected: 2009.1, 2010.0
_______________________________________________________________________

Problem Description:

A vulnerability was discovered in mysql which would permit mysql users
without any kind of privileges to use the UNINSTALL PLUGIN function.

A problem was discovered in the mysqld init script which under certain
circumstances could cause the service to exit too quickly, giving the [
OK ] status and before the mysql server was really started and bound
to the mysql socket or IP address. This caused a problem for products
like Pulse2.

The corrected packages solves these problems.
_______________________________________________________________________

References:

http://bugs.mysql.com/bug.php?id=51770
https://qa.mandriva.com/58843
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2009.1:
54006c70afc3e861c4deef24d761370b
2009.1/i586/libmysql16-5.1.42-0.3mdv2009.1.i586.rpm
76dd0e691c8bc3b113a97192b556cabc
2009.1/i586/libmysql-devel-5.1.42-0.3mdv2009.1.i586.rpm
32ab2d4751a47963da3c88b51f1d3fd8
2009.1/i586/libmysql-static-devel-5.1.42-0.3mdv2009.1.i586.rpm
16632ad717aa5a11f2fb74a548859814
2009.1/i586/mysql-5.1.42-0.3mdv2009.1.i586.rpm
7f553d38a23daac410b925ec0094309e
2009.1/i586/mysql-bench-5.1.42-0.3mdv2009.1.i586.rpm
c499f591935b91af8752e4bfaf146f9e
2009.1/i586/mysql-client-5.1.42-0.3mdv2009.1.i586.rpm
b4545700f4afa0a471a8306f99f22249
2009.1/i586/mysql-common-5.1.42-0.3mdv2009.1.i586.rpm
aa2de0e2a3121bc724a84d836033500f
2009.1/i586/mysql-doc-5.1.42-0.3mdv2009.1.i586.rpm
9d79d1d0f9d176a26dd3727e747dfdf5
2009.1/i586/mysql-max-5.1.42-0.3mdv2009.1.i586.rpm
fe2003bac60bb2f388b65eb711f7984a
2009.1/i586/mysql-ndb-extra-5.1.42-0.3mdv2009.1.i586.rpm
ed8b3c6a2f0e25abfc030d3f886f13d1
2009.1/i586/mysql-ndb-management-5.1.42-0.3mdv2009.1.i586.rpm
be6ff43c94502883be9ce176bddbf9b4
2009.1/i586/mysql-ndb-storage-5.1.42-0.3mdv2009.1.i586.rpm
1bacb295ea603908a2f04a6b4b269d31
2009.1/i586/mysql-ndb-tools-5.1.42-0.3mdv2009.1.i586.rpm
a0b096a1669abdc876ef6c01d8c075b5
2009.1/SRPMS/mysql-5.1.42-0.3mdv2009.1.src.rpm

Mandriva Linux 2009.1/X86_64:
61e03c60fec61328da5475cfb7bc4bf4
2009.1/x86_64/lib64mysql16-5.1.42-0.3mdv2009.1.x86_64.rpm
3176c0e87e754759204d0ad1be769a65
2009.1/x86_64/lib64mysql-devel-5.1.42-0.3mdv2009.1.x86_64.rpm
19bbdd8f6d57e4b5bb4a74d4b476f0cf
2009.1/x86_64/lib64mysql-static-devel-5.1.42-0.3mdv2009.1.x86_64.rpm
0e80df8a100d82364e7a3323ec892d1f
2009.1/x86_64/mysql-5.1.42-0.3mdv2009.1.x86_64.rpm
d405ffb3e8f65578f54bce2360c78433
2009.1/x86_64/mysql-bench-5.1.42-0.3mdv2009.1.x86_64.rpm
eb7baf714d55aae6ad041cdabdd84dab
2009.1/x86_64/mysql-client-5.1.42-0.3mdv2009.1.x86_64.rpm
90abeaf5a5b218a21567df0a02572232
2009.1/x86_64/mysql-common-5.1.42-0.3mdv2009.1.x86_64.rpm
c7fce8846a34bdac5ad4144d8856043c
2009.1/x86_64/mysql-doc-5.1.42-0.3mdv2009.1.x86_64.rpm
cba5723911fa87d7e7211ab2cdb658f6
2009.1/x86_64/mysql-max-5.1.42-0.3mdv2009.1.x86_64.rpm
98edbde9e1393a275fd45a78fda03b92
2009.1/x86_64/mysql-ndb-extra-5.1.42-0.3mdv2009.1.x86_64.rpm
2f5b6b0b9a6726b7322deb723480c527
2009.1/x86_64/mysql-ndb-management-5.1.42-0.3mdv2009.1.x86_64.rpm
db10798231c42e0304fb75f1f7941728
2009.1/x86_64/mysql-ndb-storage-5.1.42-0.3mdv2009.1.x86_64.rpm
07ca70ad1b446afd873c482cc544d1dc
2009.1/x86_64/mysql-ndb-tools-5.1.42-0.3mdv2009.1.x86_64.rpm
a0b096a1669abdc876ef6c01d8c075b5
2009.1/SRPMS/mysql-5.1.42-0.3mdv2009.1.src.rpm

Mandriva Linux 2010.0:
be1721e543c3724d35a63aa5f213f8de
2010.0/i586/libmysql16-5.1.42-0.3mdv2010.0.i586.rpm
8e5472cc7afddd745e02fd97fa3e65e3
2010.0/i586/libmysql-devel-5.1.42-0.3mdv2010.0.i586.rpm
2302fb56a522390b97425f6fbef98148
2010.0/i586/libmysql-static-devel-5.1.42-0.3mdv2010.0.i586.rpm
6b3039075fb7828f00f6d5fe3b6f2cc9
2010.0/i586/mysql-5.1.42-0.3mdv2010.0.i586.rpm
8190cae8369824a35c2a84b7463bc11b
2010.0/i586/mysql-bench-5.1.42-0.3mdv2010.0.i586.rpm
bda23f602b5230b994b1b12baec86af1
2010.0/i586/mysql-client-5.1.42-0.3mdv2010.0.i586.rpm
4056f9719c0873d63e46c10597c7d688
2010.0/i586/mysql-common-5.1.42-0.3mdv2010.0.i586.rpm
59826ffe62a040bd84e530e4e5be163f
2010.0/i586/mysql-common-core-5.1.42-0.3mdv2010.0.i586.rpm
6774569d17dd638b8e09a3a0d5b6ea0e
2010.0/i586/mysql-core-5.1.42-0.3mdv2010.0.i586.rpm
c5ecb88a2cdc9b22ee98a90d6b1a9d03
2010.0/i586/mysql-doc-5.1.42-0.3mdv2010.0.i586.rpm
b3c8aaf9e97656f024b5e7f54af0728d
2010.0/i586/mysql-max-5.1.42-0.3mdv2010.0.i586.rpm
2f8a0156d8d2ea7c3e2432ee1600e4c6
2010.0/i586/mysql-ndb-extra-5.1.42-0.3mdv2010.0.i586.rpm
810eb32b04552f831b5ac35f9241356d
2010.0/i586/mysql-ndb-management-5.1.42-0.3mdv2010.0.i586.rpm
fa0670d9eed9803cbc5f40536208c141
2010.0/i586/mysql-ndb-storage-5.1.42-0.3mdv2010.0.i586.rpm
4b0be649cc0a6331b935059f99d27dfb
2010.0/i586/mysql-ndb-tools-5.1.42-0.3mdv2010.0.i586.rpm
04afccfb76f0f88375f9dc6598584f9b
2010.0/SRPMS/mysql-5.1.42-0.3mdv2010.0.src.rpm

Mandriva Linux 2010.0/X86_64:
ebd36c904b32a99bdd9ce0e938eb6ef2
2010.0/x86_64/lib64mysql16-5.1.42-0.3mdv2010.0.x86_64.rpm
ffde28d96cfe44d159d3176e1972a6b2
2010.0/x86_64/lib64mysql-devel-5.1.42-0.3mdv2010.0.x86_64.rpm
288915dbebc01d488180362784d1b011
2010.0/x86_64/lib64mysql-static-devel-5.1.42-0.3mdv2010.0.x86_64.rpm
e9f1674e68e7ddc8d68ec5c6147e051f
2010.0/x86_64/mysql-5.1.42-0.3mdv2010.0.x86_64.rpm
3aa8d227d757d2a0172c39d22f503fc9
2010.0/x86_64/mysql-bench-5.1.42-0.3mdv2010.0.x86_64.rpm
0d9a788891e0b20c4339c6f8ed0b14ab
2010.0/x86_64/mysql-client-5.1.42-0.3mdv2010.0.x86_64.rpm
373b970d951de243a21451a31154e21d
2010.0/x86_64/mysql-common-5.1.42-0.3mdv2010.0.x86_64.rpm
757bceabfacd191d9b32dce2140025f8
2010.0/x86_64/mysql-common-core-5.1.42-0.3mdv2010.0.x86_64.rpm
78335300c5dfd20ad7c18ee53c8e7549
2010.0/x86_64/mysql-core-5.1.42-0.3mdv2010.0.x86_64.rpm
c8a3554ef62aa6cc8335a7352f2b9ff3
2010.0/x86_64/mysql-doc-5.1.42-0.3mdv2010.0.x86_64.rpm
f3c8489b506b91f2a9dd5ef64dcf9064
2010.0/x86_64/mysql-max-5.1.42-0.3mdv2010.0.x86_64.rpm
44f0b531705bc0d155a24d3847dd0d50
2010.0/x86_64/mysql-ndb-extra-5.1.42-0.3mdv2010.0.x86_64.rpm
1574dda1d6e3717832440c5f94c01816
2010.0/x86_64/mysql-ndb-management-5.1.42-0.3mdv2010.0.x86_64.rpm
ec14aafb931921e75e847d25373f901c
2010.0/x86_64/mysql-ndb-storage-5.1.42-0.3mdv2010.0.x86_64.rpm
7e38f7400e1c96fbb5e24520ab554b4b
2010.0/x86_64/mysql-ndb-tools-5.1.42-0.3mdv2010.0.x86_64.rpm
04afccfb76f0f88375f9dc6598584f9b
2010.0/SRPMS/mysql-5.1.42-0.3mdv2010.0.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFL5CnimqjQ0CJFipgRAs+uAJ4qRfD5p0DtrMZZrDeGBaXSrxX08wCgmjhZ
N0qrX52vXppOw/fCprvl584=
=FvOH
-----END PGP SIGNATURE-----


------------=_1273255756-24326-7495
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1273255756-24326-7495--
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung