Accepted mysql-dfsg 4.0.24-10sarge2 (source all powerpc)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 8 May 2006 21:51:12 +0000
Source: mysql-dfsg
Binary: libmysqlclient12 mysql-client libmysqlclient12-dev mysql-server mysql-common
Architecture: source powerpc all
Version: 4.0.24-10sarge2
Distribution: stable-security
Urgency: low
Maintainer: Martin Schulze <joey@debian.org>
Changed-By: Christian Hammers <ch@debian.org>
Description:
libmysqlclient12 - mysql database client library
libmysqlclient12-dev - mysql database development files
mysql-client - mysql database client binaries
mysql-common - mysql database common files (e.g. /etc/mysql/my.cnf)
mysql-server - mysql database server binaries
Closes: 366043 366048 366162
Changes:
mysql-dfsg (4.0.24-10sarge2) stable-security; urgency=low
.
* Security upload prepared for the security team by the debian mysql
package maintainers.
* Extracted upstream patch to fix from the diff of 4.1.18 and 4.1.19
to fix the following bugs:
- When sending a specifically malformed login packet, the server fills
the response with uninitialized memory content which could contain
sensitive information. (CVE-2006-1516)
- An authenticated user could read random memory from MySQL server, by
taking advantage of a non checked packet length. (CVE-2006-1517)
- An authenticated user could remotely execute arbitrary commands by
taking advantage of a stack overflow. (CVE-2006-1518)
Closes: #366043, #366048
* Backported upstream patch to fix a bug which allows local users to bypass
logging mechanisms via SQL queries that contain the NULL character.
(CVE-2006-0903). Closes: #366162
Files:
42f14bb83f832f0f88bdabb317f62df8 966 misc optional mysql-dfsg_4.0.24-10sarge2.dsc
9aaf7d794c14faa63a05d7630f683383 98938 misc optional mysql-dfsg_4.0.24-10sarge2.diff.gz
f4aa726f5f9ec79e42799a40faabcf17 34566 misc optional mysql-common_4.0.24-10sarge2_all.deb
3f28badbf686cbff4a4905bdc507e31d 315104 libs optional libmysqlclient12_4.0.24-10sarge2_powerpc.deb
8c986e6f386b84f960894575e557c6b7 3184308 libdevel extra libmysqlclient12-dev_4.0.24-10sarge2_powerpc.deb
d48488660fc50361bdb58dc446a67b89 464662 misc optional mysql-client_4.0.24-10sarge2_powerpc.deb
902b6725bcbf405d723f3bdb1f86b52b 3842406 misc optional mysql-server_4.0.24-10sarge2_powerpc.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD4DBQFEY1OTW5ql+IAeqTIRAvVNAJ45U/uGSYytZVpcKS9AlzUqc+8BiACXaEub
jvUSvgDNRqKtXBJiF6+wmg==
=Kp4F
-----END PGP SIGNATURE-----
Accepted:
libmysqlclient12-dev_4.0.24-10sarge2_powerpc.deb
to pool/main/m/mysql-dfsg/libmysqlclient12-dev_4.0.24-10sarge2_powerpc.deb
libmysqlclient12_4.0.24-10sarge2_powerpc.deb
to pool/main/m/mysql-dfsg/libmysqlclient12_4.0.24-10sarge2_powerpc.deb
mysql-client_4.0.24-10sarge2_powerpc.deb
to pool/main/m/mysql-dfsg/mysql-client_4.0.24-10sarge2_powerpc.deb
mysql-common_4.0.24-10sarge2_all.deb
to pool/main/m/mysql-dfsg/mysql-common_4.0.24-10sarge2_all.deb
mysql-dfsg_4.0.24-10sarge2.diff.gz
to pool/main/m/mysql-dfsg/mysql-dfsg_4.0.24-10sarge2.diff.gz
mysql-dfsg_4.0.24-10sarge2.dsc
to pool/main/m/mysql-dfsg/mysql-dfsg_4.0.24-10sarge2.dsc
mysql-server_4.0.24-10sarge2_powerpc.deb
to pool/main/m/mysql-dfsg/mysql-server_4.0.24-10sarge2_powerpc.deb