Updated mysql packages that fix several security issues are now available
for Red Hat Application Stack v1 and v2.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a
client/server implementation consisting of a server daemon (mysqld), and
many different client programs and libraries.
A flaw was found in a way MySQL handled symbolic links when database tables
were created with explicit "DATA" and "INDEX DIRECTORY" options. An
authenticated user could create a table that would overwrite tables in
other databases, causing destruction of data or allowing the user to
elevate privileges. (CVE-2007-5969)
A flaw was found in a way MySQL's InnoDB engine handled spatial indexes. An
authenticated user could create a table with spatial indexes, which are not
supported by the InnoDB engine, that would cause the mysql daemon to crash
when used. This issue only causes a temporary denial of service, as the
mysql daemon will be automatically restarted after the crash.
(CVE-2007-5925)
A flaw was found in a way MySQL handled the "DEFINER" view parameter. A
user with the "ALTER VIEW" privilege for a view created by another database
user, could modify that view to get access to any data accessible to the
creator of said view. (CVE-2007-6303)
All mysql users are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues.
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
| Red Hat Application Stack v1 for Enterprise Linux AS (v.4) |
|
| SRPMS: |
mysql-5.0.44-2.el4s1.1.src.rpm
File outdated by: RHSA-2008:0510 |
ca84729dbb47b6733cde3b385ca3773d |
| |
| IA-32: |
mysql-5.0.44-2.el4s1.1.i386.rpm
File outdated by: RHSA-2008:0510 |
d71440ea3ee98d1d6481457b0cfcd7eb |
mysql-bench-5.0.44-2.el4s1.1.i386.rpm
File outdated by: RHSA-2008:0510 |
2da466fc2754b6b4bb279f7181d7cf37 |
mysql-cluster-5.0.44-2.el4s1.1.i386.rpm
File outdated by: RHSA-2008:0510 |
8f6c64281708ba3ad7eaaf6948762fc1 |
mysql-devel-5.0.44-2.el4s1.1.i386.rpm
File outdated by: RHSA-2008:0510 |
72a2d26bf19cc79d0a9c4f94658b00d0 |
mysql-libs-5.0.44-2.el4s1.1.i386.rpm
File outdated by: RHSA-2008:0510 |
c77211698fb1ce60be43744acc28a546 |
mysql-server-5.0.44-2.el4s1.1.i386.rpm
File outdated by: RHSA-2008:0510 |
8e9bb1932f851006a5a4e3f586c8b148 |
mysql-test-5.0.44-2.el4s1.1.i386.rpm
File outdated by: RHSA-2008:0510 |
80ebb4bc395e2338b2175188d636e81f |
| |
| x86_64: |
mysql-5.0.44-2.el4s1.1.i386.rpm
File outdated by: RHSA-2008:0510 |
d71440ea3ee98d1d6481457b0cfcd7eb |
mysql-5.0.44-2.el4s1.1.x86_64.rpm
File outdated by: RHSA-2008:0510 |
8b3674d07d0de7131ca61d0e5b82d9d4 |
mysql-bench-5.0.44-2.el4s1.1.x86_64.rpm
File outdated by: RHSA-2008:0510 |
e32256754d35b2f741cf023d313db803 |
mysql-cluster-5.0.44-2.el4s1.1.x86_64.rpm
File outdated by: RHSA-2008:0510 |
0433ff7e161e6166069b990ed5e5adc0 |
mysql-devel-5.0.44-2.el4s1.1.x86_64.rpm
File outdated by: RHSA-2008:0510 |
706271c5eb07ec0862ffb6cd820f15c0 |
mysql-libs-5.0.44-2.el4s1.1.i386.rpm
File outdated by: RHSA-2008:0510 |
c77211698fb1ce60be43744acc28a546 |
mysql-libs-5.0.44-2.el4s1.1.x86_64.rpm
File outdated by: RHSA-2008:0510 |
ea65b280ea61b2c8aae57ebad1bd5748 |
mysql-server-5.0.44-2.el4s1.1.x86_64.rpm
File outdated by: RHSA-2008:0510 |
064abb6df8f7272d1a91ca890fefe1ff |
mysql-test-5.0.44-2.el4s1.1.x86_64.rpm
File outdated by: RHSA-2008:0510 |
81b83016558b08b4558f3b04dd681b19 |
| |
| Red Hat Application Stack v1 for Enterprise Linux ES (v.4) |
|
| SRPMS: |
mysql-5.0.44-2.el4s1.1.src.rpm
File outdated by: RHSA-2008:0510 |
ca84729dbb47b6733cde3b385ca3773d |
| |
| IA-32: |
mysql-5.0.44-2.el4s1.1.i386.rpm
File outdated by: RHSA-2008:0510 |
d71440ea3ee98d1d6481457b0cfcd7eb |
mysql-bench-5.0.44-2.el4s1.1.i386.rpm
File outdated by: RHSA-2008:0510 |
2da466fc2754b6b4bb279f7181d7cf37 |
mysql-cluster-5.0.44-2.el4s1.1.i386.rpm
File outdated by: RHSA-2008:0510 |
8f6c64281708ba3ad7eaaf6948762fc1 |
mysql-devel-5.0.44-2.el4s1.1.i386.rpm
File outdated by: RHSA-2008:0510 |
72a2d26bf19cc79d0a9c4f94658b00d0 |
mysql-libs-5.0.44-2.el4s1.1.i386.rpm
File outdated by: RHSA-2008:0510 |
c77211698fb1ce60be43744acc28a546 |
mysql-server-5.0.44-2.el4s1.1.i386.rpm
File outdated by: RHSA-2008:0510 |
8e9bb1932f851006a5a4e3f586c8b148 |
mysql-test-5.0.44-2.el4s1.1.i386.rpm
File outdated by: RHSA-2008:0510 |
80ebb4bc395e2338b2175188d636e81f |
| |
| x86_64: |
mysql-5.0.44-2.el4s1.1.i386.rpm
File outdated by: RHSA-2008:0510 |
d71440ea3ee98d1d6481457b0cfcd7eb |
mysql-5.0.44-2.el4s1.1.x86_64.rpm
File outdated by: RHSA-2008:0510 |
8b3674d07d0de7131ca61d0e5b82d9d4 |
mysql-bench-5.0.44-2.el4s1.1.x86_64.rpm
File outdated by: RHSA-2008:0510 |
e32256754d35b2f741cf023d313db803 |
mysql-cluster-5.0.44-2.el4s1.1.x86_64.rpm
File outdated by: RHSA-2008:0510 |
0433ff7e161e6166069b990ed5e5adc0 |
mysql-devel-5.0.44-2.el4s1.1.x86_64.rpm
File outdated by: RHSA-2008:0510 |
706271c5eb07ec0862ffb6cd820f15c0 |
mysql-libs-5.0.44-2.el4s1.1.i386.rpm
File outdated by: RHSA-2008:0510 |
c77211698fb1ce60be43744acc28a546 |
mysql-libs-5.0.44-2.el4s1.1.x86_64.rpm
File outdated by: RHSA-2008:0510 |
ea65b280ea61b2c8aae57ebad1bd5748 |
mysql-server-5.0.44-2.el4s1.1.x86_64.rpm
File outdated by: RHSA-2008:0510 |
064abb6df8f7272d1a91ca890fefe1ff |
mysql-test-5.0.44-2.el4s1.1.x86_64.rpm
File outdated by: RHSA-2008:0510 |
81b83016558b08b4558f3b04dd681b19 |
| |
| Red Hat Application Stack v2 |
|
| SRPMS: |
mysql-5.0.44-3.el5s2.src.rpm
File outdated by: RHSA-2008:0505 |
9b9b957fe2d29d198f27f956dedb31fe |
| |
| IA-32: |
mysql-5.0.44-3.el5s2.i386.rpm
File outdated by: RHSA-2008:0505 |
cf1887c176b79fe704600f2bdc163474 |
mysql-bench-5.0.44-3.el5s2.i386.rpm
File outdated by: RHSA-2008:0505 |
1753693081423dc9841979b5564b58ff |
mysql-cluster-5.0.44-3.el5s2.i386.rpm
File outdated by: RHSA-2008:0505 |
3be4ca88aa307cb4fd3ad786852782ec |
mysql-devel-5.0.44-3.el5s2.i386.rpm
File outdated by: RHSA-2008:0505 |
dcacca0a00f7eb14bdcebd1f943c47e7 |
mysql-libs-5.0.44-3.el5s2.i386.rpm
File outdated by: RHSA-2008:0505 |
809ff153137e95e27fd771c1be590dfc |
mysql-server-5.0.44-3.el5s2.i386.rpm
File outdated by: RHSA-2008:0505 |
a7a65b019b44f9c016739b5818dbf46b |
mysql-test-5.0.44-3.el5s2.i386.rpm
File outdated by: RHSA-2008:0505 |
1a40e64039df2a50d68c22cbbb88edbf |
| |
| x86_64: |
| mysql-5.0.44-3.el5s2.i386.rpm |
cf1887c176b79fe704600f2bdc163474 |
mysql-5.0.44-3.el5s2.x86_64.rpm
File outdated by: RHSA-2008:0505 |
cc9549cea809112110f1ec76cfbee1d8 |
mysql-bench-5.0.44-3.el5s2.x86_64.rpm
File outdated by: RHSA-2008:0505 |
c20fc6b7e24a6928e7f080cfba9d98dd |
mysql-cluster-5.0.44-3.el5s2.x86_64.rpm
File outdated by: RHSA-2008:0505 |
9ae5003039deb5772fb954ed1440cbcc |
| mysql-devel-5.0.44-3.el5s2.i386.rpm |
dcacca0a00f7eb14bdcebd1f943c47e7 |
mysql-devel-5.0.44-3.el5s2.x86_64.rpm
File outdated by: RHSA-2008:0505 |
823725665e22e44533177134487d9f0f |
| mysql-libs-5.0.44-3.el5s2.i386.rpm |
809ff153137e95e27fd771c1be590dfc |
mysql-libs-5.0.44-3.el5s2.x86_64.rpm
File outdated by: RHSA-2008:0505 |
b66ef3e045f403152d0451ae0bee8e39 |
mysql-server-5.0.44-3.el5s2.x86_64.rpm
File outdated by: RHSA-2008:0505 |
cb45dec1b2d708e62955c4017f663036 |
mysql-test-5.0.44-3.el5s2.x86_64.rpm
File outdated by: RHSA-2008:0505 |
902c6e1e350ae925d5de24c5e13f0418 |
| |
(The unlinked packages above are only available from the Red Hat Network)
|
377451 - CVE-2007-5925 mysql DoS in the InnoDB Engine
397071 - CVE-2007-5969 mysql: possible system table information overwrite using symlinks
420231 - CVE-2007-6303 mysql: DEFINER value of view not altered on ALTER VIEW
Important: mysql security update