SCIENTIFIC-LINUX-ERRATA Archives

May 2010

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

From: Troy Dawson <[log in to unmask]>
Reply To: Troy Dawson <[log in to unmask]>
Date: Fri, 28 May 2010 10:36:31 -0500

Synopsis: Important: mysql security update
Issue date: 2010-05-26
CVE Names: CVE-2010-1626 CVE-2010-1848 CVE-2010-1850

A buffer overflow flaw was found in the way MySQL handled the parameters
of the MySQL COM_FIELD_LIST network protocol command (this command is
sent when a client uses the MySQL mysql_list_fields() client library
function). An authenticated database user could send a request with an
excessively long table name to cause a temporary denial of service
(mysqld crash) or, potentially, execute arbitrary code with the
privileges of the database server. (CVE-2010-1850)

A directory traversal flaw was found in the way MySQL handled the
parameters of the MySQL COM_FIELD_LIST network protocol command. An
authenticated database user could use this flaw to obtain descriptions
of the fields of an arbitrary table using a request with a
specially-crafted table name. (CVE-2010-1848)

A flaw was discovered in the way MySQL handled symbolic links to tables
created using the DATA DIRECTORY and INDEX DIRECTORY directives in
CREATE TABLE statements. An attacker with CREATE and DROP table
privileges, and shell access to the database server, could use this flaw
to remove data and index files of tables created by other database users
using the MyISAM storage engine. (CVE-2010-1626)

After installing this update, the MySQL server daemon (mysqld) will be
restarted automatically.

SL 5.x

     SRPMS:
mysql-5.0.77-4.el5_5.3.src.rpm
     i386:
mysql-5.0.77-4.el5_5.3.i386.rpm
mysql-bench-5.0.77-4.el5_5.3.i386.rpm
mysql-devel-5.0.77-4.el5_5.3.i386.rpm
mysql-server-5.0.77-4.el5_5.3.i386.rpm
mysql-test-5.0.77-4.el5_5.3.i386.rpm
     x86_64:
mysql-5.0.77-4.el5_5.3.i386.rpm
mysql-5.0.77-4.el5_5.3.x86_64.rpm
mysql-bench-5.0.77-4.el5_5.3.x86_64.rpm
mysql-devel-5.0.77-4.el5_5.3.i386.rpm
mysql-devel-5.0.77-4.el5_5.3.x86_64.rpm
mysql-server-5.0.77-4.el5_5.3.x86_64.rpm
mysql-test-5.0.77-4.el5_5.3.x86_64.rpm

-Connie Sieh
-Troy Dawson
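
A way to confirm that a host carries the fixed builds listed above, added here as an example and not part of the original advisory. It assumes input produced by `rpm -qa --qf '%{NAME} %{VERSION} %{RELEASE} %{ARCH}\n'`, ignores epochs, and uses a simplified version comparison; the sample package lines (including the older release string) are constructed.

```python
import re

# Fixed build for SL 5.x, taken from the package list in the advisory.
FIXED_VERSION, FIXED_RELEASE = "5.0.77", "4.el5_5.3"
PACKAGES = {"mysql", "mysql-bench", "mysql-devel", "mysql-server", "mysql-test"}

def rpmvercmp(a, b):
    """Simplified RPM ordering: digit runs compare numerically, letter runs
    lexically, a digit run beats a letter run, extra segments break ties."""
    sa = re.findall(r"\d+|[A-Za-z]+", a)
    sb = re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        if x.isdigit():
            x, y = int(x), int(y)
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def unpatched(rpm_lines):
    """Return (name, version-release, arch) for advisory packages older than the fix."""
    stale = []
    for line in rpm_lines.strip().splitlines():
        name, ver, rel, arch = line.split()
        if name not in PACKAGES:
            continue
        # Compare version first; fall through to release only on a tie.
        order = rpmvercmp(ver, FIXED_VERSION) or rpmvercmp(rel, FIXED_RELEASE)
        if order < 0:
            stale.append((name, f"{ver}-{rel}", arch))
    return stale

# Constructed sample: a multilib host where only some packages were updated.
SAMPLE = """
mysql 5.0.77 4.el5_4.2 i386
mysql 5.0.77 4.el5_5.3 x86_64
mysql-server 5.0.77 4.el5_4.2 x86_64
mysql-devel 5.0.77 4.el5_5.3 x86_64
httpd 2.2.3 43.sl5 x86_64
"""

if __name__ == "__main__":
    for name, vr, arch in unpatched(SAMPLE):
        print(f"NOT PATCHED: {name}-{vr}.{arch}")
```

On x86_64 hosts the i386 and x86_64 builds of mysql and mysql-devel are checked separately, since the advisory ships both.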
