Synopsis: Moderate: mysql security update
Issue date: 2010-11-03
CVE Names: CVE-2010-3677 CVE-2010-3680 CVE-2010-3681
CVE-2010-3682 CVE-2010-3833 CVE-2010-3835
CVE-2010-3836 CVE-2010-3837 CVE-2010-3838
CVE-2010-3839 CVE-2010-3840
It was found that the MySQL PolyFromWKB() function did not sanity check
Well-Known Binary (WKB) data. A remote, authenticated attacker could use
specially-crafted WKB data to crash mysqld. This issue only caused a
temporary denial of service, as mysqld was automatically restarted after
the crash. (CVE-2010-3840)
A flaw was found in the way MySQL processed certain JOIN queries. If a
stored procedure contained JOIN queries, and that procedure was executed
twice in sequence, it could cause an infinite loop, leading to excessive
CPU use (up to 100%). A remote, authenticated attacker could use this flaw
to cause a denial of service. (CVE-2010-3839)
A flaw was found in the way MySQL processed queries that provide a mixture
of numeric and longblob data types to the LEAST or GREATEST function. A
remote, authenticated attacker could use this flaw to crash mysqld. This
issue only caused a temporary denial of service, as mysqld was
automatically restarted after the crash. (CVE-2010-3838)
A flaw was found in the way MySQL processed PREPARE statements containing
both GROUP_CONCAT and the WITH ROLLUP modifier. A remote, authenticated
attacker could use this flaw to crash mysqld. This issue only caused a
temporary denial of service, as mysqld was automatically restarted after
the crash. (CVE-2010-3837)
It was found that MySQL did not properly pre-evaluate LIKE arguments in
view prepare mode. A remote, authenticated attacker could possibly use
this flaw to crash mysqld. (CVE-2010-3836)
A flaw was found in the way MySQL processed statements that assign a
value to a user-defined variable and that also contain a logical value
evaluation. A remote, authenticated attacker could use this flaw to
crash mysqld. This issue only caused a temporary denial of service, as
mysqld was automatically restarted after the crash. (CVE-2010-3835)
A flaw was found in the way MySQL evaluated the arguments of
extreme-value functions, such as LEAST and GREATEST. A remote,
authenticated attacker could use this flaw to crash mysqld. This issue
only caused a temporary denial of service, as mysqld was automatically
restarted after the crash. (CVE-2010-3833)
A flaw was found in the way MySQL processed EXPLAIN statements for some
complex SELECT queries. A remote, authenticated attacker could use this
flaw to crash mysqld. This issue only caused a temporary denial of
service, as mysqld was automatically restarted after the crash.
(CVE-2010-3682)
A flaw was found in the way MySQL processed certain alternating READ
requests provided by HANDLER statements. A remote, authenticated
attacker could use this flaw to provide such requests, causing mysqld to
crash. This issue only caused a temporary denial of service, as mysqld
was automatically restarted after the crash. (CVE-2010-3681)
A flaw was found in the way MySQL processed CREATE TEMPORARY TABLE
statements that define NULL columns when using the InnoDB storage
engine. A remote, authenticated attacker could use this flaw to crash
mysqld. This issue only caused a temporary denial of service, as mysqld
was automatically restarted after the crash. (CVE-2010-3680)
A flaw was found in the way MySQL processed JOIN queries that attempt to
retrieve data from a unique SET column. A remote, authenticated attacker
could use this flaw to crash mysqld. This issue only caused a temporary
denial of service, as mysqld was automatically restarted after the
crash. (CVE-2010-3677)
After installing this update, the MySQL server daemon (mysqld) will be
restarted automatically.
SL 5.x
SRPMS:
mysql-5.0.77-4.el5_5.4.src.rpm
i386:
mysql-5.0.77-4.el5_5.4.i386.rpm
mysql-bench-5.0.77-4.el5_5.4.i386.rpm
mysql-devel-5.0.77-4.el5_5.4.i386.rpm
mysql-server-5.0.77-4.el5_5.4.i386.rpm
mysql-test-5.0.77-4.el5_5.4.i386.rpm
x86_64:
mysql-5.0.77-4.el5_5.4.i386.rpm
mysql-5.0.77-4.el5_5.4.x86_64.rpm
mysql-bench-5.0.77-4.el5_5.4.x86_64.rpm
mysql-devel-5.0.77-4.el5_5.4.i386.rpm
mysql-devel-5.0.77-4.el5_5.4.x86_64.rpm
mysql-server-5.0.77-4.el5_5.4.x86_64.rpm
mysql-test-5.0.77-4.el5_5.4.x86_64.rpm
-Connie Sieh
-Troy Dawson
|