LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

SCIENTIFIC-LINUX-ERRATA Archives

March 2011

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-ERRATA Home
	SCIENTIFIC-LINUX-ERRATA March 2011

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Security ERRATA Moderate: mysql on SL6.x i386/x86_64
From:	Troy Dawson <[log in to unmask]>
Reply To:	Troy Dawson <[log in to unmask]>
Date:	Fri, 4 Mar 2011 14:40:38 -0600
Content-Type:	text/plain
Parts/Attachments:	text/plain (110 lines)

Synopsis:	Moderate: mysql security update
Issue date:	2011-01-18
CVE Names:	CVE-2010-3677 CVE-2010-3678 CVE-2010-3679
                   CVE-2010-3680 CVE-2010-3681 CVE-2010-3682
                   CVE-2010-3683 CVE-2010-3833 CVE-2010-3835
                   CVE-2010-3836 CVE-2010-3837 CVE-2010-3838
                   CVE-2010-3839 CVE-2010-3840

The MySQL PolyFromWKB() function did not sanity check Well-Known Binary
(WKB) data, which could allow a remote, authenticated attacker to crash
mysqld. (CVE-2010-3840)

A flaw in the way MySQL processed certain JOIN queries could allow a
remote, authenticated attacker to cause excessive CPU use (up to 100%), 
if a stored procedure contained JOIN queries, and that procedure was 
executed twice in sequence. (CVE-2010-3839)

A flaw in the way MySQL processed queries that provide a mixture of 
numeric and longblob data types to the LEAST or GREATEST function, could 
allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3838)

A flaw in the way MySQL processed PREPARE statements containing both
GROUP_CONCAT and the WITH ROLLUP modifier could allow a remote,
authenticated attacker to crash mysqld. (CVE-2010-3837)

MySQL did not properly pre-evaluate LIKE arguments in view prepare mode,
possibly allowing a remote, authenticated attacker to crash mysqld.
(CVE-2010-3836)

A flaw in the way MySQL processed statements that assign a value to a
user-defined variable and that also contain a logical value evaluation
could allow a remote, authenticated attacker to crash mysqld.
(CVE-2010-3835)

A flaw in the way MySQL evaluated the arguments of extreme-value 
functions, such as LEAST and GREATEST, could allow a remote, 
authenticated attacker to crash mysqld. (CVE-2010-3833)

A flaw in the way MySQL handled LOAD DATA INFILE requests allowed MySQL 
to send OK packets even when there were errors. (CVE-2010-3683)

A flaw in the way MySQL processed EXPLAIN statements for some complex
SELECT queries could allow a remote, authenticated attacker to crash
mysqld. (CVE-2010-3682)

A flaw in the way MySQL processed certain alternating READ requests
provided by HANDLER statements could allow a remote, authenticated 
attacker to crash mysqld. (CVE-2010-3681)

A flaw in the way MySQL processed CREATE TEMPORARY TABLE statements that
define NULL columns when using the InnoDB storage engine, could allow a
remote, authenticated attacker to crash mysqld. (CVE-2010-3680)

A flaw in the way MySQL processed certain values provided to the BINLOG
statement caused MySQL to read unassigned memory. A remote, 
authenticated attacker could possibly use this flaw to crash mysqld. 
(CVE-2010-3679)

A flaw in the way MySQL processed SQL queries containing IN or CASE
statements, when a NULL argument was provided as one of the arguments to
the query, could allow a remote, authenticated attacker to crash mysqld.
(CVE-2010-3678)

A flaw in the way MySQL processed JOIN queries that attempt to retrieve
data from a unique SET column could allow a remote, authenticated 
attacker to crash mysqld. (CVE-2010-3677)

Note: CVE-2010-3840, CVE-2010-3838, CVE-2010-3837, CVE-2010-3835,
CVE-2010-3833, CVE-2010-3682, CVE-2010-3681, CVE-2010-3680, 
CVE-2010-3678, and CVE-2010-3677 only cause a temporary denial of 
service, as mysqld was automatically restarted after each crash.

These updated packages upgrade MySQL to version 5.1.52. Refer to the 
MySQL release notes for a full list of changes:

http://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html

After installing this update, the MySQL server daemon (mysqld) will be 
restarted automatically.

SL 6.x

      SRPMS:
mysql-5.1.52-1.el6_0.1.src.rpm
      i386:
mysql-5.1.52-1.el6_0.1.i686.rpm
mysql-bench-5.1.52-1.el6_0.1.i686.rpm
mysql-devel-5.1.52-1.el6_0.1.i686.rpm
mysql-embedded-5.1.52-1.el6_0.1.i686.rpm
mysql-embedded-devel-5.1.52-1.el6_0.1.i686.rpm
mysql-libs-5.1.52-1.el6_0.1.i686.rpm
mysql-server-5.1.52-1.el6_0.1.i686.rpm
mysql-test-5.1.52-1.el6_0.1.i686.rpm
      x86_64:
mysql-5.1.52-1.el6_0.1.x86_64.rpm
mysql-bench-5.1.52-1.el6_0.1.x86_64.rpm
mysql-devel-5.1.52-1.el6_0.1.i686.rpm
mysql-devel-5.1.52-1.el6_0.1.x86_64.rpm
mysql-embedded-5.1.52-1.el6_0.1.i686.rpm
mysql-embedded-5.1.52-1.el6_0.1.x86_64.rpm
mysql-embedded-devel-5.1.52-1.el6_0.1.i686.rpm
mysql-embedded-devel-5.1.52-1.el6_0.1.x86_64.rpm
mysql-libs-5.1.52-1.el6_0.1.i686.rpm
mysql-libs-5.1.52-1.el6_0.1.x86_64.rpm
mysql-server-5.1.52-1.el6_0.1.x86_64.rpm
mysql-test-5.1.52-1.el6_0.1.x86_64.rpm

-Connie Sieh
-Troy Dawson

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV